139 Product Security Jobs - Page 4

Distributed Cloud Support Engineer I Our technologies are at the heart of modern applications that are enabling digital transformation across the globe! We give the world s largest businesses, service providers, governments, and consumer brands the ability to securely deliver every app, anywhere with confidence. We do this by working collaboratively in an innovative environment, helping each other succeed. We take extraordinary pride in being trusted advisers to our customers, offering the best solutions for their interests. If our mission and culture excite you, we would love to talk with you!We are seeking a Distributed Cloud Support Engineer I , who is hardworking and committed to customer success. You are comfortable in both the Support and Engineering environments, translating technical documentation and conversations into clear, concise directions for customers and partners. You are passionate about helping our customers tackle and solve problems. You will provide support via phone, email, messaging, and web portal. Support requests range in complexity from "how to" questions through involved debugging and forensic efforts when prioritizing operational issues. Visualizing problems remotely is key to being successful in this role along with excellent analytic and troubleshooting skills. You will have a significant career growth opportunity within a fast-paced SaaS company. What will you do Fix reported issues and advocate for the customer. Collaborate with sales and engineering teams to provide support to resellers, service provider and enterprise customers, as well as end users via telephone, e-mail, Slack and the web portal. Issue reproduction and concise documentation of solutions provided through technical notes, case studies and knowledge base articles. Critical issue management and customer assurance when handling reported issues. Coordinate fixes by Engineering or Developers when required and relay appropriate information to our partners and customers. Provide recommendations on how to improve supportability, reliability, availability, and serviceability based on lessons learned through issue resolution. How do you qualify 1 or more years of experience working in an operations environment. Background in customer service/support and IT, networking, or IT security incident management. Experience driving efficiency, handling growth, and delivering results. Good understanding of IT, Network, or IT SOC best practices and a real passion for continuous improvement. Strong organizational skills and work well with contacts in various business subject areas. Conversationally and technically fluent in English verbally and written. Advantageous to have: Strong understanding of Networking and Layer 7 Protocols. Familiarity with Container technologies (Docker and Kubernetes). Knowledge of Data Representation types (XML, JSON, YAML). Public cloud experience with Amazon Web Services (AWS), Google Cloud Platform (GCP) and/or Microsoft Azure is preferred. Security product/solutions experience (Firewalls, WAFs, DDoS Mitigation) is preferred. Strong troubleshooting skills, independent and collaborative. Approachable disposition and steadfast in delivering. Ability to prioritize and multitask when leading sophisticated technical issues. Proven understanding of routing and switching technologies. Ability to read different scripting and automation languages (Python, Shell and Ansible). Bachelor s degree in technologically relatable field or equivalent practical experience. Physical Demands and Work Environment This role requires availability outside normal business hours to align with the distributed global teams or to respond to critical security events. Some travel may be required (less than 10%). The is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Distributed Cloud Support Engineer I Our technologies are at the heart of modern applications that are enabling digital transformation across the globe! We give the world s largest businesses, service providers, governments, and consumer brands the ability to securely deliver every app, anywhere with confidence. We do this by working collaboratively in an innovative environment, helping each other succeed. We take extraordinary pride in being trusted advisers to our customers, offering the best solutions for their interests. If our mission and culture excite you, we would love to talk with you!We are seeking a Distributed Cloud Support Engineer I , who is hardworking and committed to customer success. You are comfortable in both the Support and Engineering environments, translating technical documentation and conversations into clear, concise directions for customers and partners. You are passionate about helping our customers tackle and solve problems. You will provide support via phone, email, messaging, and web portal. Support requests range in complexity from "how to" questions through involved debugging and forensic efforts when prioritizing operational issues. Visualizing problems remotely is key to being successful in this role along with excellent analytic and troubleshooting skills. You will have a significant career growth opportunity within a fast-paced SaaS company. What will you do Fix reported issues and advocate for the customer. Collaborate with sales and engineering teams to provide support to resellers, service provider and enterprise customers, as well as end users via telephone, e-mail, Slack and the web portal. Issue reproduction and concise documentation of solutions provided through technical notes, case studies and knowledge base articles. Critical issue management and customer assurance when handling reported issues. Coordinate fixes by Engineering or Developers when required and relay appropriate information to our partners and customers. Provide recommendations on how to improve supportability, reliability, availability, and serviceability based on lessons learned through issue resolution. How do you qualify 1 or more years of experience working in an operations environment. Background in customer service/support and IT, networking, or IT security incident management. Experience driving efficiency, handling growth, and delivering results. Good understanding of IT, Network, or IT SOC best practices and a real passion for continuous improvement. Strong organizational skills and work well with contacts in various business subject areas. Conversationally and technically fluent in English verbally and written. Advantageous to have: Strong understanding of Networking and Layer 7 Protocols. Familiarity with Container technologies (Docker and Kubernetes). Knowledge of Data Representation types (XML, JSON, YAML). Public cloud experience with Amazon Web Services (AWS), Google Cloud Platform (GCP) and/or Microsoft Azure is preferred. Security product/solutions experience (Firewalls, WAFs, DDoS Mitigation) is preferred. Strong troubleshooting skills, independent and collaborative. Approachable disposition and steadfast in delivering. Ability to prioritize and multitask when leading sophisticated technical issues. Proven understanding of routing and switching technologies. Ability to read different scripting and automation languages (Python, Shell and Ansible). Bachelor s degree in technologically relatable field or equivalent practical experience. Physical Demands and Work Environment This role requires availability outside normal business hours to align with the distributed global teams or to respond to critical security events. Some travel may be required (less than 10%). The is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

Overview Skills :- Product Security, Devops, SCA, SAAS Platforms, SecDevops, SAST Location :- Hyderabad Shift Timing :- 2.00 pm -11.00 pm (IST) About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4500 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Role Overview We have an exciting opportunity for an Engineer, Product Security at our Hyderabad office. This role supports secure software development, risk mitigation, and product security best practices across automated platforms and infrastructure-as-code environments. The Product Security Engineer will perform vulnerability assessments, provide risk analysis, support incident response, and collaborate with development and DevOps teams to embed security into all stages of the product lifecycle. This role plays a vital part in enabling secure, scalable, and compliant services across Omnicom’s digital ecosystem. Responsibilities Assist in implementing secure software development standards and practices. Support integration of security measures into automated service platforms and infrastructure-as-code. Conduct regular security assessments and vulnerability scans for applications and infrastructure. Analyse and report on security risks and vulnerabilities; provide mitigation recommendations. Collaborate with the incident response team on investigations and real-time threat intelligence. Monitor and manage security tools to detect and respond to application and infrastructure threats. Continuously monitor cloud environments and SaaS platforms for emerging security threats. Work closely with development, QA, and IT teams to support secure software delivery. Prepare and present security metrics, reports, and summaries to Product Security Leads and stakeholders. Deliver security awareness training on secure software development and SecDevOps practices. Contribute to the maintenance of security documentation and internal guidelines. Qualifications 3-5 years of experience in cybersecurity, software engineering, or DevOps with a focus on product security. Familiarity with security assessment tools (e.g., SAST, DAST scanners) and CI/CD environments. Basic understanding of secure coding, cloud security, and infrastructure-as-code practices. Hands-on experience with tools such as GitHub, AWS, Terraform, Jenkins, Docker, etc. Understanding of IT governance frameworks (e.g., SDLC, ITIL) is a plus. Strong analytical, documentation, and troubleshooting capabilities. Bachelor's degree in Cybersecurity, Computer Science, IT, or related field. Strong technical skills relevant to Information Security such as secure coding standards, ethical hacking techniques, network security, SIEM, and risk analysis Certifications such as Security+ or CEH are a plus. Preferred Qualifications AppSec depth (CSSLP, eWPT), Cloud specialization (AWS Security), Foundational credibility (Security+), and CEH are a plus. Experience with cloud security frameworks and zero trust architecture.

1. Checkpoint and Building Control 2. Enforce security protocols and procedures in the building 3. Public Safety: customer, VIP, Govt. Officials and vendor coordination 4. Shift wise checking of emergency exit door and check point doors 5. Perimeter and Internal patrolling 6. Investigation against the Security violations, material found in trash, process violations, theft, unauthorized entry and other incidents 7. Guard profile documentation 8. Guard recruitment & retention (Bring up plan)/Training / Deployment 9. Guard Vendor 10. Guard welfare and grievances 11. Guard incentive program 12. Guard Assessment

Mandatory Skills: -Programming skills in Dot Net, Java, Go (Any Skill is fine) with Penetration & Security testing is a must. Essential Duties and Responsibilities Provides support to cross-functional teams, with a high attention to detail Researches, analyzes, and documents findings May coach, review, and/or delegate work to other team members Conducts security assessments, threat modeling, and vulnerability reporting and develops security architecture patterns for implementing new solutions and products Performs application security reviews for our products and services to identify and/or validate vulnerabilities and attack chains. Communicates findings, attack paths, and recommendations to technical and executive stakeholders through written reports and verbal presentations Develops and maintains methodologies for penetration testing Assists with decision-making, prioritization, and support throughout the secure software development life cycle (s-SDLC) on a variety of security domains Participates in requirements gathering, secure coding and configuration, software testing, and third-party component management and defect management Serves as point of contact on secure development and security best practices Consults cross-functionally to embed security gates into their existing SDLC, leveraging automation when possible Drives the development of standards, practices, and processes to establish, manage, and report adherence to application security requirements and best practices Attends regular stand-ups and planning meetings to build positive relationships with key stakeholders Serves as the security authority on assigned products, ensuring the security controls are functioning, security requirements are provided before coding begins, and that vulnerabilities are fixed within their SLAs Ensures s-SDLC controls are embedded in assigned product and serves as control owner for a subset of these controls Engages in application and domain-specific threat modeling, as well as attack surface analysis and reduction. Educational/Vocational/Previous Experience Recommendations: Ability to manage projects and processes independently with limited supervision Recognized subject matter expert of applicable work area Ability to situationally adapt and understand new technology/processes as per business requirement Ability to identify application vulnerabilities and advise on appropriate remediation Solid understanding of common languages such as .NET, Python, JavaScript, Go, etc. Strong foundation in core information security principles and concepts (encryption, authentication, etc.) Effective communication skills, with the ability to explain sophisticated security topics in simple terms to technical and non-technical stakeholder Work locations: Pune, Mumbai, Bangalore Hybrid and also complete Remote option available. Work Type: Hybrid and Remote

About the Opportunity Job Type: PermanentApplication Deadline: 31 July 2025 Title: Technical Specialist - Network Security Department: Enterprise Infrastructure Services (EIS) Location: Bangalore Reports To: Senior Technical Manager - ENS Level 4 About Fidelity International Fidelity International offers investment solutions and services and retirement expertise to more than 2.5 million customers globally. As a privately-held, purpose-driven company with a 50-year heritage, we think generationally and invest for the long term. Operating in more than 25 locations and with $611.4 billion in total assets, our clients range from central banks, sovereign wealth funds, large corporates, financial institutions, insurers and wealth managers, to private individuals. Our Workplace & Personal Financial Health business provides individuals, advisers and employers with access to world-class investment choices, third-party solutions, administration services and pension guidance. Together with our Investment Solutions & Services business, we invest $471 billion on behalf of our clients. By combining our asset management expertise with our solutions for workplace and personal investing, we work together to build better financial futures. Find out more about what we do, our history, and how you could be a part of our future at . Our clients come from all walks of life and so do we. We are proud of our inclusive culture and encourage applications from the widest mix of talent, whatever your age, gender, ethnicity, sexual orientation, gender identity, social background and more. As a flexible employer, we trust our people to perform their role in the way that works best for them, our clients and our business. We are a disability-friendly company and would welcome a conversation with you if you feel you might benefit from any reasonable adjustments to perform to the best of your ability during the recruitment process and beyond. About your team The Enterprise Network Services team are responsible for innovative network and firewall design solutions, supporting operations and delivering these services to the FIL business units. The ENS team have global responsibilities, delivering a regional support service through a virtual model, with staff located in our UK, European, India and Asia offices. About your role A Technical Specialist within Network and Firewall Operations will be expected to have an excellent knowledge of Firewalls, Security appliances, DNS (dynamic), Load Balancing, Proxy Services, IPS technologies from best of breed vendors. This knowledge should be underpinned with a fundamental network (Cisco) understanding. This highly technical and customer facing position will involve Operational support, Network and Firewall Governance and project delivery from concept, scoping, design through to implementation. The ability to work as a member of a diverse geographical based team is essential. Part of ENS team, delivering a regional support function identifying and driving tasks and initiatives to maintain stability deliver operational improvement. Incorporating service management, risk management, systems management (including monitoring) lifecycle management and reporting. Responsible for supporting all areas of the Fidelity business - including the Web (critical). The ability to work well with incident managers and interact with service delivery managers and project managers is fundamental; also need to be able to work under pressure in a busy and reactive environment. About you Degree holder in Computer Engineering, Telecommunications, or related disciplines. Be considered as a network security expert, with deep subject matter expertise in a number of technologies and a broad understanding across network security and non-network technology. Strong hands on experience of managing Firewall and security products including but not limited: Palo Alto Firewalls including Panarama (VPN/IPS/Wildfire) ZScaler Cloud Proxies F5 server load balancing and security technology (GTM/LTM/ASM/AFM) Excellent understanding of network security architecture, design and support. Excellent business scenes for a technical support environment. Proven Service Management (ITIL) experience, specifically incident, problem and change management Good analytical skill and able to solve complicated problem logically Good command of spoken and written English Good interpersonal skills, communication skills, project management skills and vendor management skills Must be flexible in approach to work content and responsibilities. Able to work under pressure within a busy environment and effectively multi-tasking Must be a self-starter and able to work with a minimum of supervision. For starters, well offer you a comprehensive benefits package. Well value your wellbeing and support your development. And well be as flexible as we can about where and when you work finding a balance that works for all of us. Its all part of our commitment to making you feel motivated by the work you do and happy to be part of our team.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Job Overview Qualcomm is a company of inventors that unlocked 5G ushering in an age of rapid acceleration in connectivity and new possibilities that will transform industries, create jobs, and enrich lives. But this is just the beginning. It takes inventive minds with diverse skills, backgrounds, and cultures to transform 5Gs potential into world-changing technologies and products. This is the Invention Age - and this is where you come in.We are looking for a passionate and skilled software professionals to provide software engineering solutions for development projects in the Security systems team. In this position, you will work with a team of multi-disciplined professionals to develop and optimize systems, tools and methods for QTI security solutions. The position will require you to work on security software development that needs close interactions with internal teams and potentially with external customers as well.You will be contributing on various Security related technologies across Mobile platform Security, Cryptography, Trusted Execution environments, Access control mechanisms, vulnerability detection etc. You will work across multiple processors, Embedded software platforms, and operating systems. Your work will contribute towards making mobile platforms safe and secure to use and thus creating a positive impact on end user of the handset. Responsibilities Designing, developing, coding, testing and debugging Security related software on Embedded platforms. Analyze product requirements, identify impacted areas, derive requirements, and produce suitable designs. Developing software in C, Assembly. Python to run on ARM, RISCV & Proprietary CPU platforms. Follow defined methodologies, processes and procedures for various software development activities. Triage, Debug and resolve issues and bugs in the software through good problem solving skills. Collaborate within and cross functional teams as required to ensure quality work products are delivered. Demonstrate Self motivation and strong initiative and ability to work with minimal supervision or direction. Independently represent the team to internal and external stake holders / partners on their area of responsibility. Minimum Qualifications Bachelor's / Master's degree in Engineering, Information Systems, Computer Science, Electronics or related field. 3-5 years of experience in Embedded software development and programming in C / C++ / Assembly. Strong understanding of Embedded hardware, Computer Architecture and Operating System concepts. Good understanding of OS concepts such as tasks, signals, timers, priorities, deadlocks, stacks, etc. Understanding of RTOS fundamentals like multi-threading, interrupt management, cache/memory management etc Experience with code versioning tools (git / perforce) build tools (Makefiles/SCons), and debuggers like JTAG. Experience in leading and driving software development activities independently and working with multiple teams. Experience in managing software projects across all phases like Requirement analysis, Design and validations. Good understanding of Software Security Concepts, Public Key Cryptography, ARM Trust zone, Virtualization etc. Good communication skills & ability to work with engineers, partners & customers across cultures / geographical sites Desirable Qualifications Good understanding of and experience on embedded processor architectures like ARMv8/9 or RISC-V processors. Experience with code versioning tools (git / perforce) build tools (Makefiles/SCons), and debuggers like JTAG.Good expertise and experience on product security for embedded devices, which may include a subset of the following skillsets: Symmetric & Asymmetric Cryptography, Device integrity & Authentication, Secure communications, Trusted execution environment, Protected virtualization Platform isolation techniques, Embedded/real time OS security, Vulnerability detection methods, Exploit mitigation techniques, Hardware access control, Secure provisioning and debug, Key management and applied cryptography

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education:Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Key responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights.Technical experience:Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms.Professional attributes:Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines. Qualifications:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). Qualification 15 years full time education

Rao Information Technology is looking for Product Testing & Security Analyst to join our dynamic team and embark on a rewarding career journey Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls Assisting with the creation of updates and training programs to secure the network and train the employees Keeping the security systems up to date Monitoring security access and maintaining the relevant data Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans Ensure our IT solutions are secure and reliable

The candidate needs to have the following profile / experience: Experience with reverse engineering tools and techniques: Debuggers, decompilers, disassemblers, deobfuscators Static and dynamic binary analysis, binary injection Packet sniffers Solid knowledge and experience in ARM architecture exploitation. Solid experience in platform security, good understanding of OS internals & security features, bypassing SELinux controls, attacking secure boot sequence. Good C/assembly development skills Good understanding of security architecture of Linux, Android/iOS OS Good knowledge of networking protocols, Cryptography (RSA, SHA, AES, ), trusted execution environment, hardware security, etc. Experience in identifying vulnerabilities by source code analysis. Good writing skills to provide clear vulnerability reports and assist the developer to fix the vulnerabilities. Conduct penetration tests on web applications, mobile applications, and embedded systems to identify security vulnerabilities. Experience in the following topics is desirable: Anti-tamper tools and techniques Hardware attack vectors Malware analysis Networking protocols Roles and Responsibilities Activities are expected to be executed by the new team member, Own the project from the beginning to the end – scope clarification with the customer, test plan creation and effort estimations, execution according to the plan, reporting to the customer and follow-up on validation of the fixes Hands on security testing/reverse engineering (black/grey/white box depending on the project) Perform vulnerability research on a variety of Sony’s embedded devices (mostly ARM based) and windows-based products to identify previously unknown vulnerabilities affecting Sony products Perform security source code review (mainly C/C++) Development of security assessment tools and PoCs for the identified vulnerabilities Writing clear vulnerability reports and provide guidance to the development teams on fixing the security issues Documentation of knowledge and findings in the form of guidelines, checklists and examples to be used by development teams Being able to create and deliver demos advertising offensive security capabilities of the team to different audience

Job Summary: We are looking for enthusiastic Cyber Security Engineers with atleast 1 year of experience to join our dynamic team. The ideal candidate should have strong networking skills, extensive experience in Vulnerability Assessment and Penetration Testing (VAPT), and a solid understanding of network architecture, protocols, and security tools and the passion to learn, perfom and grow in the organisation. The role involves conducting in-depth security assessments on network devices and web applications, including the application of fuzzing techniques. Key Responsibilities: Vulnerability Assessment and Penetration Testing (VAPT): Lead and conduct comprehensive VAPT on network devices and web applications to identify and address security vulnerabilities. Network Security Expertise: Apply deep knowledge of network protocols, firewalls, IDS/IPS, and VPNs to ensure robust security across the network. Custom Security Tool Development: Develop and maintain custom security tools and scripts using Python, Bash, or PowerShell to enhance security assessments and automate processes. Network Tools Proficiency: Utilize tools such as Wireshark, Nmap, Nessus, Burp Suite, and others for network analysis and security testing. Security Assessments: Perform thorough security assessments on network devices, ensuring alignment with industry standards and best practices. Protocol Fuzzing Understanding: Apply protocol fuzzing techniques to uncover vulnerabilities in network devices and recommend effective remediation strategies. Communication: Clearly articulate complex security issues to both technical and non-technical stakeholders, ensuring a comprehensive understanding of risks and solutions. Continuous Improvement: Stay updated with the latest cybersecurity trends, threats, and technologies to enhance the organization's security posture. Qualifications: Experience: 1-2 years of relevant experience in cybersecurity, with a focus on networking, VAPT, and security assessments. Technical Skills: Strong networking skills and understanding of network architecture. Proficiency in network protocols, firewalls, IDS/IPS, and VPNs. Advanced programming skills in Python, Bash, or C/C++. Expertise in using network security tools (e.g., Wireshark, Nmap, Nessus, Burp Suite). Certifications: CEH, OSCP, or CRTP certifications are highly desirable. Communication: Excellent verbal and written communication skills, capable of conveying security concepts to diverse audiences. Problem-Solving: Strong analytical and problem-solving abilities, with keen attention to detail. Preferred Skills: Experience in security assessments on network devices. Understanding of web application fuzzing techniques. Ability to work independently and as part of a team. Education: Masters /Bachelors degree in Computer Science, Information Technology, Cyber Security, Electronics, Telecommunication or a related field (or equivalent experience).

About the Team The security team at Meesho is like the Avengers to Meesho's S.H.I.E.L.D. After all, when 5% of Indian households shop with us, its important to build resilient systems to manage millions of orders every day. Weve done this with zero downtime! ?? Sounds impossible? Well, thats the kind of Engineering muscle that has helped Meesho become the e-commerce giant it is today. We value speed over perfection, and see failures as opportunities to become better. Weve taken steps to inculcate a strong Founders Mindset across our engineering teams, making us grow and move fast. We place special emphasis on the continuous growth of each team member - and we do this with regular 1-1s and open communication. As a Security Engineer, you will be part of self-starters who thrive on teamwork and constructive feedback. We know how to party as hard as we work! If we arent building unparalleled tech solutions, you can find us debating the plot points of our favorite books and games or even gossiping over chai. So, if a day filled with building impactful solutions with a fun team sounds appealing to you, join us. About the Role As a Security Engineer 4, your role is integral in ensuring the security of our products throughout their development lifecycle. You will be involved from the very beginning, participating in threat modeling and design reviews to identify potential risks early. You'll also integrate and manage SAST tools within our CI/CD pipeline, ensuring continuous security testing as code evolves. Additionally, you'll lead and conduct vulnerability assessments and penetration testing (VAPT) to proactively uncover and address security vulnerabilities before they reach production. What you will do Lead and manage all aspects of the Secure Software Development Lifecycle (SDLC). Implement and manage security tools within the CI/CD pipeline (DevSecOps). Conduct and oversee VAPT for web applications, APIs, iOS, and Android apps. Perform threat modeling, design, and architecture reviews to identify potential risks. Execute manual source code reviews and enhance security in production environments. Manage and optimize a self-managed bug bounty program. Provide security architectural guidance to Engineering and IT teams. Manage issues identified from penetration tests and bug bounty programs. Lead security training and awareness campaigns across the organization. Manage Web Application Firewalls (WAF) to ensure robust protection. Engage in the Security Champions program to integrate security practices within teams. Assist in creating and maintaining Security Risk Models for both new and existing systems. What you will need 7+ years of experience in product security, with a focus on application security and Dev SecOps. Proven experience in leading architectural changes or cross-team efforts to mitigate security vulnerabilities. Proficiency in programming languages such as Java, React, Node.js, and Python. Hands-on experience with manual source code reviews and securing production code. Expertise in deploying and managing security tools in CI/CD pipelines. Experience with Git, Jenkins, Artifactory, or other similar technologies. Strong background in securing the software development lifecycle, including eliminating classes of vulnerabilities. Proficiency with cloud platforms like AWS or GCP, including their security tools. Experience with Docker and containerization technologies is highly desirable. Additional experience in infrastructure security, particularly in GCP, Docker, and containerization, is a bonus. Bonus Points Relevant certifications such as GIAC Web Application Penetration Tester (GWAPT), OffSecs Advanced Web Attacks and Exploitation (WEB-300), etc. Strong understanding of SSO protocols, including OAuth and SAML. Experience speaking at meetups or conferences. Experience participating in bug bounty programs.

• Basic knowledge of L2/L3 protocols • Basic knowledge of security products Basic knowledge of Licensing on network devices Added advantage if knowledge on Cisco ISE product Roles and Responsibilities: Strong business acumen to understand new concepts quickly esp related to SaaS/Subscription Licensing for technical products Be able to drive business decisions with stakeholders/Cisco Be able to articulate business problems/proposals with proper justification backed by reason, logic and data Execute on the business decisions by creating solution/processes Skilled in using PPT and Excel tools Responsible for issuing demo licenses to true customers, partners, and Internal team for Lab testing purposes by following standard threshold. As a Licensing Manager, accountable to validate the request and share approval for customers to proceed with Renewal process. Accountable to incorporate Product policy and procedure changes in customer facing and Internal documents at set Intervals. Conduct informal meetings with respective stakeholders to perform Quality audits/checks on internal license reporting tools to clear backlogs. Handle critical approvals on Permanent Licenses for public and private sector customers which comply fully with relevant process. Responsible for creation, maintenance and deletion of Product IDs that enables customers to purchase required licenses. Procure Quarterly Budget approvals from Finance team for publication of product documents and submit RFP to suppliers for specific product services. Identify Lead/drive marketing initiatives with internal key stakeholders and core team members ensuring all the activities are delivered within set timeline for new Technology/product launch. Design and manage customer feedback survey, which helps product management team to capitalise on customer response for product improvisation/enhancement.

EMERSON INNOVATION CENTER is looking for Product Security Engineer to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional : Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities:Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS.Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems.Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs.Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi.Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts.Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance.Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations.Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements.Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols.Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 34 years focused on penetration testing, diagnostics security, or secure ECU architecture.Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular.Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways.Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering.Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication.Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms.Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams.Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262).Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation.Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information:5+ years experience implementing and performing Automotive CybersecurityExperience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Product Security Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time educationProduct Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 4-6 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms.- Additional Information:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organizations AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks. Roles & Responsibilities:Define and execute the AI red teaming strategy across the organization.Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts.Review AI/ML system architecture to identify security gaps and advocate for secure design patterns.Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing.Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies.Contribute to secure development practices for model deployment pipelines and lifecycle management.Lead and mentor a specialized team of AI security analysts and red teamers.Represent AI security strategy in executive forums and drive cross-functional alignment.Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles.Drive internal policy-making efforts around responsible and secure AI development practices.Own and lead remediation initiatives, translating findings into actionable improvements across teams. Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders.Proven experience managing high-impact security initiatives and leading diverse teams.Strategic thinker capable of aligning AI security objectives with business goals.Passionate about AI safety, responsible innovation, and emerging threat landscapes.Strong analytical and problem-solving skills in high-pressure environments.Hands-on expertise in red teaming AI/ML systems at scale.Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics.Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF.Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices.Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities.Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments.- Additional Information:Bachelors or Masters degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus.- 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : Google Cloud Data TransferMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect Cloud Security Strategy, Governance, and ArchitectureWe are seeking an accomplished GCP Security Architect with 12+ years of experience in cloud security architecture, threat modeling, and governance across enterprise-scale environments. This strategic role involves defining secure cloud architecture standards, driving security-first GCP adoption, and automating risk mitigation initiatives across business units. Roles & Responsibilities:Define and implement enterprise-wide GCP security architecture strategy.Design and implement secure GCP architectures aligned with business and compliance needs.Lead design reviews covering IAM (IDP, SSO, MFA), VPC security, VPNs, data encryption, and secure interconnects.Implement Cloud Armor, Cloud Security Command Center, and threat detection pipelines.Conduct threat modeling, risk analysis, and vulnerability assessments for high-impact platforms.Define automated controls and audit checks using Terraform, Cloud Shell, and GCP APIs.Ensure monitoring, logging, and auditing using Cloud Operations Suite.Lead enterprise security design and architecture governance forums.Mentor a team of cloud security professionals and guide platform standardization.Represent GCP security strategy to CISO teams, compliance leadership, and auditors.Define secure-by-design templates and enforce zero-trust access architectures Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Expertise in GCP IAM roles, Identity Federation, and Policy Troubleshooting.Advanced knowledge of VPC SC, KMS, security perimeters, and encryption standards.Hands-on with IaC tools like Terraform, Cloud Shell scripting, and GCP-native tools.Strong understanding of networking protocols, encryption, and authentication mechanisms.Confident communicator with executive presence.Proactive leader capable of owning enterprise transformation initiatives.Strategic thinker with deep technical foundations.- Additional Information:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; CISSP or CCSP preferred.- 12+ years in security, including 5+ years specifically with GCP.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Product Security Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Security Architect Enterprise AI Strategy, Scalable ML Platforms, and Secure AI DesignWe are looking for a seasoned and visionary AI Architect with 12+ years of experience in designing, securing, and leading scalable, responsible AI systems. This role blends AI solution architecture with security architecture and is ideal for professionals who bring together deep technical knowledge, strategic thinking, and a passion for trustworthy, ethical innovation.As an AI Architect, you will define the enterprise AI and security architecture, embed secure-by-design practices across AI platforms, and ensure alignment with privacy, compliance, and ethical standards across the entire ML lifecycle Roles & Responsibilities:Own the architectural vision for enterprise-wide AI and ML platforms, ensuring scalability, resilience, security, and regulatory compliance.Develop and maintain architectural blueprints for secure and responsible AI, covering areas such as bias mitigation, explainability, threat modeling, and data protection.Define and implement AI security architecture practices, including secure access to models, datasets, APIs, and ML pipelines.Collaborate with MLOps, engineering, DevSecOps, and cloud security teams to develop standardized, reusable, and secured AI infrastructure components.Ensure AI systems comply with global regulations and standards (e.g., GDPR, ISO 42001, NIST AI RMF, and ISO/IEC 27001).Evaluate and introduce tools and frameworks that support privacy-preserving AI, adversarial robustness, model security, and interpretability.Lead efforts to design and enforce secure AI development workflows, from data ingestion to model deployment and monitoring.Partner with Security Architects and Risk teams to identify and mitigate AI-specific attack surfaces, including adversarial attacks and model poisoning.Conduct risk assessments and threat modeling for AI systems, including LLMs, generative models, and federated learning architectures.Collaborate with internal InfoSec, Privacy, and Legal stakeholders to align AI initiatives with enterprise cybersecurity strategies.Establish monitoring and incident response guidelines for AI workloads, including model drift, data leakage, and compliance alerts.Lead and mentor a multidisciplinary team of AI engineers, ML architects, and AI security specialists.Drive cross-functional initiatives with stakeholders in cloud, legal, compliance, and business domains to ensure holistic AI strategy implementation.Serve as a strategic advisor on AI and ML security topics across various business units and projects.Support the development and enforcement of enterprise-wide AI security and governance policies.Lead architecture review boards focused on AI and ensure consistent application of best practices across AI platforms. Professional & Technical Skills: Strong experience designing and deploying secure, large-scale ML systems in cloud and hybrid environments.Deep understanding of secure development practices, identity and access management (IAM) for ML workloads, model versioning, and auditability.Familiarity with:oCloud-native security tools (AWS IAM, KMS, GCP Workload Identity, Azure Key Vault)oAI attack mitigation (e.g., adversarial training, input sanitization, model watermarking)oSecure MLOps and CI/CD for AIoTools for model explainability (SHAP, LIME), monitoring (Prometheus, Grafana), and compliance tracking.Experience with data privacy, encryption techniques (at rest/in transit/in use), and secure federated learning is a plus.Proven leadership in AI security architecture and secure ML engineering practices.Exceptional stakeholder communication and ability to advocate for responsible AI across technical and executive teams.Strategic mindset with an ability to balance innovation with risk mitigation.Strong documentation, risk assessment, and audit reporting skills in security-centric environments.Proven success in building and securing AI platforms with strong focus on privacy, ethical AI, and regulatory compliance.- Additional Information:Bachelors or Masters degree in Computer Science, Artificial Intelligence, Information Security, or related field.Industry certifications preferred:Cloud AI (e.g., AWS Certified Machine Learning Specialty, GCP ML Engineer)Security (e.g., CISSP, CCSP, Certified AI Security Professional, TOGAF)- 12+ years of experience in AI/ML solution architecture with 4+ years focused on AI security, governance, or compliance.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Engineer / Associate Architect Cloud Security Operations & EngineeringWe are looking for GCP Security Engineers / Associate Architects with 5+ years of experience in cloud security engineering and automation. This role supports operational security, control configuration, and secure design practices for GCP workloads. Roles & Responsibilities:Implement GCP security controls:IAM, VPC security, VPNs, KMS, Cloud Armor, and secure networking.Manage GCP identity and access, including SSO, MFA, and federated IDP configurations.Monitor workloads using Cloud Operations Suite and escalate anomalies.Conduct basic threat modeling, vulnerability scanning, and patching processes.Automate security audits and compliance controls using Terraform and Cloud Shell scripting.Assist architects in deploying and maintaining secure-by-default infrastructure.Support audit preparation, policy enforcement, and evidence gathering.Collaborate with cross-functional teams to resolve security alerts and findings.Maintain detailed technical documentation and knowledge sharing resources. Professional & Technical Skills: Working knowledge of IAM, KMS, GCP networking, and cloud policy enforcement.Familiarity with IaC tools (Terraform), scripting, and log analytics.Strong desire to grow in the cloud security domain.Good communication skills and proactive approach to problem-solving.Thrives in a fast-paced, learning-oriented environment. Additional Information:Bachelors degree in Computer Science, IT, or Information Security.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; Associate Cloud Engineer is a plus.- 5+ years in security or cloud engineering, with at least 12 years in GCP.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional : Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.