352 Qualys Jobs

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in penetration testing at PwC will focus on penetration testing (or pen testing) which is a security exercise where a cybersecurity consultant attempts to find and exploit vulnerabilities in a computer system. The purpose of this simulated attack is to identify any weak spots in a system's defences which attackers could take advantage of. *Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations Job Description & Summary: Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: · Good interpersonal skills (written and oral communication) and ability to articulate complex issues · Ability to communicate technical · information clearly and concisely, commensurate with the audience · Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. · Good communicator (written and verbal) and listener. · Must be a team player and motivated self-starter with ability to work independently with limited supervision. · Must be assertive, methodical and detail oriented Technical Experience: · Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing · Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities · Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools · Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. · Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) · Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets · Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools · Map out a network, discover ports and services running on the different exposed network and security devices · Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. · In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. · Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage · Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 2-10 Years Education qualification: B.Tec Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Bash (Programming Language), Common Vulnerability Scoring System (CVSS), Communication, Creativity, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption, Ethical Hacking, Firewall (Network Security), Inclusion, Information Security, Information Security Management System (ISMS), Information Security Risk Assessments, Intellectual Curiosity, Intrusion Detection System (IDS), IT Infrastructure, Kali Linux, Learning Agility, Microsoft Active Directory {+ 25 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Manager Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Key Responsibilities: · Good interpersonal skills (written and oral communication) and ability to articulate complex issues · Ability to communicate technical · information clearly and concisely, commensurate with the audience · Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. · Good communicator (written and verbal) and listener. · Must be a team player and motivated self-starter with ability to work independently with limited supervision. · Must be assertive, methodical and detail oriented Technical Experience: · Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing · Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities · Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools · Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. · Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) · Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets · Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools · Map out a network, discover ports and services running on the different exposed network and security devices · Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. · In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. · Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage · Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT (any one) Preferred skill sets: OSCP, OSWE Years of experience required: 2-10 Years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cybersecurity Enterprise Solution Architect Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting, and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Security Technology Services (STS) group is a division of Information Security that ensures secure access to systems and information for more than 390,000 people in over 150 countries. A Solution Architect focused on Data and Application protection on the STS team is responsible for turning strategic plans into reality by producing architectural designs, leading the development and implementation of solutions, and offering security advice to project teams. This person will also oversee experimental projects to determine the best technology choices for integration into EY's infrastructure. Your Key Responsibilities Connect with key stakeholders, cybersecurity experts, and operational teams within the information security department to help create security solutions that work well on a large scale. Collaborate with Enterprise Architects to make sure solutions are in line with the company's long-term goals, follow design guidelines, and contribute to the direction of projects when necessary. Turn business requirements into technical specifications for solutions, considering risks, dependencies, costs, and the overall risk of the technical solution. Lead the technical side of evaluating and choosing technologies through Requests for Information (RFI) and Requests for Proposal (RFP), which includes: Defining the criteria that will influence technology choices and solution development. Recommending technologies while engaging with key people. Oversee experimental projects, designs, and the actual building of solutions from an architectural standpoint. Create and update documents that describe solution architecture to guide the planning, design, and implementation of the chosen solution. Keep up with the latest in the industry, research thoroughly, and continuously learn about new security technologies. Share expertise with project teams, governance groups, and other audiences as required. Stay informed about the latest trends, developments, and driving factors in the industry and incorporate them into architectural work. Propose standards and reuse solutions for security technology. Travel requirements Skills And Attributes For Success Skilled in guiding the development and strategic direction of solution architecture. Profound knowledge in Security Technologies, including: Cloud Application Security Solutions – Integration with AppSec, DevOps (IDE/CI/CD), and Software Composition Analysis (SCA). Vulnerability Management tools such as AquaSec, Qualys, Wiz, CheckMarx, and MS Defender (VM/XDR/AV/FW) Data Protection technologies like Thales, Microsoft Purview solutions such as DLP, eDiscovery, etc. Proficiency in data services such as Azure Data Factory, Synapse, SQL, Machine Learning, and PowerBI Analytics. Deep expertise in Security Capabilities, encompassing: Mastery of encryption algorithms, key management, and cryptographic protocols for data security. Securing databases through access controls, encryption, monitoring, and vulnerability management. Application security tools expertise, including web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners. Risk identification, evaluation, prioritization, and mitigation for data and application security. Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data. Extensive hands-on experience with Application Security, Data Architecture, Security Analytics, and Threat Intelligence solutions. Familiarity with application security frameworks and standards, such as NIST and ISO 27001. Knowledge of secure software development lifecycle (SSDLC) processes. Practical experience in applying security controls across various programming languages and frameworks. Quick learner, able to gain expertise in new technology areas swiftly. Flexible and capable of adapting to the ever-changing landscape of technology and global complexities. Proven track record in fostering client-service relationships and valuing internal customers. Exceptional communication and presentation abilities, with effectiveness in engaging executive leadership. Consideration for the perspectives of diverse audiences, both technical and non-technical. Experience in crafting security architecture documentation, including vision statements and Solution Architecture (SA) Design documents. Well-versed in common Information Security practices and the domains covered by the CISSP certification. Aptitude for identifying and implementing opportunities for cybersecurity improvements and transformations. To qualify for the role, you must have Degree in Computer Science, Engineering or equivalent work experience 12+ years of experience in the Information Technology field 2+ years of senior architecture experience, exposure to enterprise architecture teams. 3+ years working with network protection technologies Ideally, you’ll also have one or more Security certification such as CISSP or CISM TOGAF and/or SABSA architecture framework SANS Certifications including: GSEC, ECSA, ECSP What We Look For Deep critical thinking skills demonstrating analytical and systematic approach to problem solving Experience working in a global virtual environment Excellent written & verbal communication skills, including preparation & delivery of presentations Good judgment, tact, and decision-making ability Ability to understand and integrate cultural differences and motives and to work with cross cultural teams. Ability to deal with ambiguity and change, and exercise appropriate time management to meet objectives Ability to work autonomously but also within a team environment where necessary What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cybersecurity Enterprise Solution Architect Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting, and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Security Technology Services (STS) group is a division of Information Security that ensures secure access to systems and information for more than 390,000 people in over 150 countries. A Solution Architect focused on Data and Application protection on the STS team is responsible for turning strategic plans into reality by producing architectural designs, leading the development and implementation of solutions, and offering security advice to project teams. This person will also oversee experimental projects to determine the best technology choices for integration into EY's infrastructure. Your Key Responsibilities Connect with key stakeholders, cybersecurity experts, and operational teams within the information security department to help create security solutions that work well on a large scale. Collaborate with Enterprise Architects to make sure solutions are in line with the company's long-term goals, follow design guidelines, and contribute to the direction of projects when necessary. Turn business requirements into technical specifications for solutions, considering risks, dependencies, costs, and the overall risk of the technical solution. Lead the technical side of evaluating and choosing technologies through Requests for Information (RFI) and Requests for Proposal (RFP), which includes: Defining the criteria that will influence technology choices and solution development. Recommending technologies while engaging with key people. Oversee experimental projects, designs, and the actual building of solutions from an architectural standpoint. Create and update documents that describe solution architecture to guide the planning, design, and implementation of the chosen solution. Keep up with the latest in the industry, research thoroughly, and continuously learn about new security technologies. Share expertise with project teams, governance groups, and other audiences as required. Stay informed about the latest trends, developments, and driving factors in the industry and incorporate them into architectural work. Propose standards and reuse solutions for security technology. Travel requirements Skills And Attributes For Success Skilled in guiding the development and strategic direction of solution architecture. Profound knowledge in Security Technologies, including: Cloud Application Security Solutions – Integration with AppSec, DevOps (IDE/CI/CD), and Software Composition Analysis (SCA). Vulnerability Management tools such as AquaSec, Qualys, Wiz, CheckMarx, and MS Defender (VM/XDR/AV/FW) Data Protection technologies like Thales, Microsoft Purview solutions such as DLP, eDiscovery, etc. Proficiency in data services such as Azure Data Factory, Synapse, SQL, Machine Learning, and PowerBI Analytics. Deep expertise in Security Capabilities, encompassing: Mastery of encryption algorithms, key management, and cryptographic protocols for data security. Securing databases through access controls, encryption, monitoring, and vulnerability management. Application security tools expertise, including web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners. Risk identification, evaluation, prioritization, and mitigation for data and application security. Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data. Extensive hands-on experience with Application Security, Data Architecture, Security Analytics, and Threat Intelligence solutions. Familiarity with application security frameworks and standards, such as NIST and ISO 27001. Knowledge of secure software development lifecycle (SSDLC) processes. Practical experience in applying security controls across various programming languages and frameworks. Quick learner, able to gain expertise in new technology areas swiftly. Flexible and capable of adapting to the ever-changing landscape of technology and global complexities. Proven track record in fostering client-service relationships and valuing internal customers. Exceptional communication and presentation abilities, with effectiveness in engaging executive leadership. Consideration for the perspectives of diverse audiences, both technical and non-technical. Experience in crafting security architecture documentation, including vision statements and Solution Architecture (SA) Design documents. Well-versed in common Information Security practices and the domains covered by the CISSP certification. Aptitude for identifying and implementing opportunities for cybersecurity improvements and transformations. To qualify for the role, you must have Degree in Computer Science, Engineering or equivalent work experience 12+ years of experience in the Information Technology field 2+ years of senior architecture experience, exposure to enterprise architecture teams. 3+ years working with network protection technologies Ideally, you’ll also have one or more Security certification such as CISSP or CISM TOGAF and/or SABSA architecture framework SANS Certifications including: GSEC, ECSA, ECSP What We Look For Deep critical thinking skills demonstrating analytical and systematic approach to problem solving Experience working in a global virtual environment Excellent written & verbal communication skills, including preparation & delivery of presentations Good judgment, tact, and decision-making ability Ability to understand and integrate cultural differences and motives and to work with cross cultural teams. Ability to deal with ambiguity and change, and exercise appropriate time management to meet objectives Ability to work autonomously but also within a team environment where necessary What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cybersecurity Enterprise Solution Architect Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting, and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Security Technology Services (STS) group is a division of Information Security that ensures secure access to systems and information for more than 390,000 people in over 150 countries. A Solution Architect focused on Data and Application protection on the STS team is responsible for turning strategic plans into reality by producing architectural designs, leading the development and implementation of solutions, and offering security advice to project teams. This person will also oversee experimental projects to determine the best technology choices for integration into EY's infrastructure. Your Key Responsibilities Connect with key stakeholders, cybersecurity experts, and operational teams within the information security department to help create security solutions that work well on a large scale. Collaborate with Enterprise Architects to make sure solutions are in line with the company's long-term goals, follow design guidelines, and contribute to the direction of projects when necessary. Turn business requirements into technical specifications for solutions, considering risks, dependencies, costs, and the overall risk of the technical solution. Lead the technical side of evaluating and choosing technologies through Requests for Information (RFI) and Requests for Proposal (RFP), which includes: Defining the criteria that will influence technology choices and solution development. Recommending technologies while engaging with key people. Oversee experimental projects, designs, and the actual building of solutions from an architectural standpoint. Create and update documents that describe solution architecture to guide the planning, design, and implementation of the chosen solution. Keep up with the latest in the industry, research thoroughly, and continuously learn about new security technologies. Share expertise with project teams, governance groups, and other audiences as required. Stay informed about the latest trends, developments, and driving factors in the industry and incorporate them into architectural work. Propose standards and reuse solutions for security technology. Travel requirements Skills And Attributes For Success Skilled in guiding the development and strategic direction of solution architecture. Profound knowledge in Security Technologies, including: Cloud Application Security Solutions – Integration with AppSec, DevOps (IDE/CI/CD), and Software Composition Analysis (SCA). Vulnerability Management tools such as AquaSec, Qualys, Wiz, CheckMarx, and MS Defender (VM/XDR/AV/FW) Data Protection technologies like Thales, Microsoft Purview solutions such as DLP, eDiscovery, etc. Proficiency in data services such as Azure Data Factory, Synapse, SQL, Machine Learning, and PowerBI Analytics. Deep expertise in Security Capabilities, encompassing: Mastery of encryption algorithms, key management, and cryptographic protocols for data security. Securing databases through access controls, encryption, monitoring, and vulnerability management. Application security tools expertise, including web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners. Risk identification, evaluation, prioritization, and mitigation for data and application security. Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data. Extensive hands-on experience with Application Security, Data Architecture, Security Analytics, and Threat Intelligence solutions. Familiarity with application security frameworks and standards, such as NIST and ISO 27001. Knowledge of secure software development lifecycle (SSDLC) processes. Practical experience in applying security controls across various programming languages and frameworks. Quick learner, able to gain expertise in new technology areas swiftly. Flexible and capable of adapting to the ever-changing landscape of technology and global complexities. Proven track record in fostering client-service relationships and valuing internal customers. Exceptional communication and presentation abilities, with effectiveness in engaging executive leadership. Consideration for the perspectives of diverse audiences, both technical and non-technical. Experience in crafting security architecture documentation, including vision statements and Solution Architecture (SA) Design documents. Well-versed in common Information Security practices and the domains covered by the CISSP certification. Aptitude for identifying and implementing opportunities for cybersecurity improvements and transformations. To qualify for the role, you must have Degree in Computer Science, Engineering or equivalent work experience 12+ years of experience in the Information Technology field 2+ years of senior architecture experience, exposure to enterprise architecture teams. 3+ years working with network protection technologies Ideally, you’ll also have one or more Security certification such as CISSP or CISM TOGAF and/or SABSA architecture framework SANS Certifications including: GSEC, ECSA, ECSP What We Look For Deep critical thinking skills demonstrating analytical and systematic approach to problem solving Experience working in a global virtual environment Excellent written & verbal communication skills, including preparation & delivery of presentations Good judgment, tact, and decision-making ability Ability to understand and integrate cultural differences and motives and to work with cross cultural teams. Ability to deal with ambiguity and change, and exercise appropriate time management to meet objectives Ability to work autonomously but also within a team environment where necessary What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Qualys, Inc is a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions with over 10,000+ active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications across on premises, endpoints, cloud, containers, and mobile environments. As a BI ETL Developer, you’ll be responsible for designing data solutions, optimizing our data pipeline architecture, as well as developing infrastructure for data collection to support cross functional teams in the BI & Analytics Organization. You will also contribute towards building reports, dashboards and analytics for the entire organization including Product, Pricing, Finance, Sales and Marketing Teams. Your ability to creatively collaborate and execute team goals will affect scalability and directly contribute to the company growth and profitability. Responsibilities Plan, design, develop, test, implement, and maintain BI ETL pipeline in DWH environment. Build the data model for optimal extraction, transformation, and loading of data from a wide variety of data sources. Analyze source data using complex SQL queries to come up with best possible data model design and development. Debug and tune ETLs, reports and dashboards by analyzing relevant SQL queries. Optimize data systems to support our data initiatives, increase operational efficiency, improve collaboration and knowledge sharing. Gather, analyze, and document business requirements and translate into technical specifications, prototypes, and end state products. Work closely with Executive Management, Software Engineers, Data Engineers, Quality Engineers, and various cross functional team members to design, build, test, and maintain analytics solutions. Requirements 4-7 years of proven experience in Data Warehousing, ETL and Business Intelligence. Highly proficient in data analysis and troubleshooting skills with ability to write complex SQL queries. Advanced SQL knowledge and in-depth ETL development experience. Strong knowledge of Data Warehousing and Multidimensional Data Modeling. Tableau or other reporting tool experience preferred. Cloud based DWH & ETL Tool experience good to have Strong ability to multi-task and meet deadlines. Excellent verbal and written communication skills. Work independently and self-learning without much guidance. Experience in gathering and understanding requirements from executive management. A successful history of integrating source systems and delivering self-serve Business Intelligence. Education: BE, B.Tech, MCA in Computer Science, Engineering, Information Technology/Systems or another related discipline. Additional technical certifications are a plus. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are seeking a talented Lead Software Engineer to develop features for our EDR Product. Working with a team of engineers and architects, you will be responsible for prototyping, designing, developing, and supporting a highly scalable SaaS based EDR product. This is a great opportunity to be an integral part of a team building Qualys’ next generation Micro-Services based technology platform and work on challenging and business-impacting projects. Responsibilities: You will be designing and developing EDR Product in the cloud. You will be building highly scalable microservices and data processing pipelines. You will be working on Java based microservices with clean, extensible code adopting suited design principles and patterns. You will be responsible to design, develop, maintain products to process events and serve REST APIs. Researching and implementing for code design, adoption of new technologies and skills. Qualifications: Bachelors/Masters/Doctorate in Computer Science or equivalent 7+ years of experience with Java 8. 3+ years of experience in Spring/Spring-Boot, microservices 2+ years of experience in Kafka Hands on experience on Spring Boot, Hibernate. Strong logical skills for code design and implementation. Writing high-performance, reliable, and maintainable code. Experience in designing streaming applications, developing, and delivering scalable solutions. Good knowledge of SQL, advanced data structures, design patterns, object-oriented principles. Should be well versed with Java 8. Good to have: Experience in Docker, Kubernetes. Experience in NO-SQL databases like Elastic Search, Cassandra etc. Experience in stream processing with Kafka and related open-source tools/technologies. Experience in Apache Flink, Siddhi queries. Knowledge of Security log sources. Show more Show less

Qualys is looking for a Recruiting Intern to join our Talent Acquisition team. Responsibilities Create an exceptional experience for all candidates and interviewers throughout the interview process. Schedule phone interviews, video interviews, and onsite interviews. Act as primary contact and host to candidates and interviewers, communicate interview details, and adjust interview schedule as needed. Maintain accurate data in the applicant tracking system (Workday). Collaborate and assist the recruiting team in ongoing process improvement initiatives Qualifications Bachelor’s Degree Proficiency with Outlook, Word, Excel Strong written and verbal communication skills Ability to thrive in a fast-paced environment Show more Show less

Company Description About CyberArk : CyberArk (NASDAQ: CYBR), is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on X, LinkedIn or Facebook. Job Description Responsibilities: Collaborate with engineering teams on architecting, implementing technologies, processes, and improvements around product security by performing threat models, penetrations tests, and sharing security expertise. Develop security testing plans to identify misconfigurations, vulnerabilities, and visibility shortfalls. Assist, mentor, and educate about internal secure development methodologies and CyberArk "Security Champions" program. Critical skills: 4+ years of experience working in the software development industry as a test engineer or an engineer with responsibilities relating to security. Background in Whitebox penetration testing. Bachelor’s degree in Computer Science, Computer Information Systems, Software Engineering, or Mathematics or a related field, or its equivalent. Programming experience in one or more languages (Java, JavaScript, Python, Shell/BASH, C/C, C#). Qualifications Desirable skills: OSCP certification a huge plus. Experience with web application scanning tools (e.g. Static / Dynamic, Interactive, etc.) including Qualys WAS, Appspider, Acutenitx, Veracode, Burp Suite, Netsparker, OWASP Zap, Checkmarx, Whitesource, Snyk or similar. Past development expertise or operational or consultative experience supporting application security teams. Threat modeling experience. Experience using source code management tools such as Perforce, GIT or equivalent. Strong debugging skills and experience performing security code reviews. Experience with Active Directory and/or LDAP. Understanding of PKI, Certificate security, encryption, HTTPS. Strong written and oral communication and collaboration skills, ability to collaborate effectively in team, across team and with management and other disciplines. Experience working with product management, engineering and ops to help them buy into a potentially disruptive, but important, security update/change. Demonstrated security research activities (e.g. participation in bug bounties or credit for reporting CVEs). Show more Show less

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. ͏ We are looking for an experienced ServiceNow developer to join our ServiceNow Risk and Security Operations practice as a senior consultant to support client implementation projects. The ideal candidate will have a strong background in ServiceNow implementation projects, with at least one project involving ServiceNow Risk solutions (i.e., Integrated Risk Management, Third Party Risk Management, Business Continuity Management). Our team brings technical expertise, real-world experience, strong executive engagement skills, and an inspirational mindset to help our customers understand the opportunities of the “platform of platforms” vision. We act as Trusted Partners for our customers’ most complex solutions, designed to ensure that they can rapidly realize the value they need. We do this by leveraging best practices and industry standards to build customer trust and architect best-in-class solutions. While collaborating with customers, and the wider ServiceNow Risk and Security Operations delivery team, the right candidate will be able to implement ServiceNow solutions based on requirements and architectural designs approved by the client. The candidate will also lead and participate in the delivery of demonstrations, workshops, best practice overviews, and educational sessions for customers. KEY RESPONSIBILITIES: Gather and document client requirements as part of a ServiceNow implementation project. Configure and test ServiceNow Risk solutions. Be a technical delivery resource, ensuring delivery excellence, aligned to ServiceNow Risk practice expectations. Stay current with new developments in the ServiceNow platform and apply that knowledge to client solutions REQUIRED QUALIFICATIONS: Minimum of 2 years of ServiceNow developer experience. Strong understanding of ServiceNow platform, including experience with custom development, integrations, and workflows. Strong problem-solving and analytical skills. ServiceNow Certified System Administrator certification. Experience working in a consulting environment. PREFERRED QUALIFICATIONS: ServiceNow Certified Implementation Specialist certification in one or more of the following: Risk and Compliance. Third-party Risk Management (TPRM) Implementer. Micro-Certification - Business Continuity Management. ServiceNow Certified Application Developer certifications. Experience in working with an integrated global practice. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and/or Certified Information Security Manager (CISM) Experience working with industry-leading security operations tools (e.g., CyberXM, Rapid7, Qualys, Tenable, Prisma, Snyk, Veracode, Wiz, Orca, Tanium, Splunk, QRadar. Carbon Black, CrowdStrike, ProofPoint, Cisco, etc). ͏ Mandatory Skills: ServiceNow - GRC. Experience: 8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Job Summary: Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). ͏ Threat Intelligence Integration : Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. ͏ Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking : Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. ͏ ͏ Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What You’ll Be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Operations Lead. What You Will BRING We’re looking for someone who has these abilities and skills: Required Skills And Abilities Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Desired Skills And Abilities Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. Show more Show less

Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What You’ll Be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Operations Lead. What You Will BRING We’re looking for someone who has these abilities and skills: Required Skills And Abilities Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Desired Skills And Abilities Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don’t just provide re/insurance, we reinvent it. How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty. With an innovative and flexible approach to risk solutions, we partner with those who move the world forward. Learn more at axaxl.com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic. At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That’s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It’s about helping one another — and our business — to move forward and succeed. Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl.com/about-us/inclusion-and-diversity. AXA XL is an Equal Opportunity Employer. Total Rewards AXA XL’s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security. It provides competitive compensation and personalized, inclusive benefits that evolve as you do. We’re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence. Sustainability At AXA XL, Sustainability is integral to our business strategy. In an ever-changing world, AXA XL protects what matters most for our clients and communities. We know that sustainability is at the root of a more resilient future. Our 2023-26 Sustainability strategy, called “Roots of resilience”, focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations. Our Pillars Valuing nature: How we impact nature affects how nature impacts us. Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future. We’re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans. Addressing climate change: The effects of a changing climate are far reaching and significant. Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption. We're building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions. Integrating ESG: All companies have a role to play in building a more resilient future. Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business. We’re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting. AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL’s “Hearts in Action” programs. These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving. For more information, please see axaxl.com/sustainability. Show more Show less

Position SecOps Engineer Job Description Good Experience with AWS Prior experience of CloudOps / DevOps is preferred Exposure to Production Cloud infrastructure. Vulnerability Management Working on Wiz Cloud Security – Handling cloud security posture using Wiz. PCI Scanning & Reporting (Qualys) – Conducting PCI scans, generating reports, and ensuring compliance. Weekly Reporting & Coordination – Creating vulnerability reports and collaborating with respective teams (Dev, Eng, Infra) for remediation. Cloud Security & Native Services – Familiar with cloud security concepts and services like EKS, ECS, and Docker. Qualifications And Experience Bachelor’s degree in Software Engineering, Computer Science, Computer Engineering, or related Engineering discipline; Master’s degree or higher from IIT/IISc or other premier institutes preferred. In depth knowledge and experience of AWS (Amazon Web Service) IoT platform and services. Hands-on experience about build and deployment for Nodejs, reactjs, react native, GO, typescript and python code based. Having good experience in AWS Security, Identity, & Compliance services. Having good experience in AWS Management & Governance services. Having good experience in deployment framework. (GitHub, Gitlab, Jenkins). Having good experience in Configuring and deploying Android and IOS application CI/CD platforms like Bitrise. AWS Professional Certified will get weightage. Exposure to Kibana and have experience in Red hat. Knowledge of code promotion workflow where promotion/rollback of code should be integrated with any tool like Jira. Handled stack auto scaling for any incident raised. Also have depth knowledge of python and CloudFormation. Having good experience in AWS DevOps tools services. Must be experience in creation and assignment of IAM roles and policy’s. Must have experience in IaC (AWS cli and AWS Boto lib). Strong understanding of techniques such as Continuous Integration, Continuous Delivery, Test Driven Development, Cloud Development, resiliency, security AWS Cost optimization. AWS Monitoring and Scaling. Having excellent knowledge in GIT workflow with staging environment using AWS devops tools. Experience in containerized deployments & container orchestration Experience in provisioning environments, infrastructure management & monitoring Experience in designing the HA Architecture and DC-DR setup. Experience in agile development, stage gate process, minimum viable product development, and DevOps tools. Location: IN-GJ-Ahmedabad, India-Ognaj (eInfochips) Time Type Full time Job Category Engineering Services Show more Show less

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership – You’ll drive features end-to-end, from design to deployment. Flexibility – A friendly, results-oriented culture that respects your time. Empowerment – Your insights are valued, and your work makes a visible difference. Learning & Growth – You’ll work on complex challenges with smart, passionate peers—and have the support to level up continually. If you’re ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, we’d love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman , on Truly Human Leadership : Watch the video At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US Show more Show less

Bangalore,Karnataka,India Job ID 768426 Join our Team About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools like Tenable Nessus, Qualys, IBM AppScan etc Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP) Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Job Role : Computer and Information Systems Managers For Workflow Annotation Specialist Project Type: Contract-based / Freelance / Part-time – 1 Month Job Overview: We are seeking domain experts to participate in a Workflow Annotation Project . The role involves documenting and annotating the step-by-step workflows of key tasks within the candidate’s area of expertise. The goal is to capture real-world processes in a structured format for AI training and process optimization purposes. Domain Expertise Required :  Plan and deliver IT projects on time and within scope  Supervise technical and project staff  Oversee IT infrastructure and operations  Enforce information security policies and protocols  Manage vendor contracts and service agreements  Align technology strategy with overall business objectives . Tools & Technologies You May have Worked: Project & task management: Jira, Microsoft Project, Smartsheet Monitoring & analytics: Datadog, Splunk Security tools: Nessus, Qualys Service management: ServiceNow, Zendesk Cloud platforms: AWS Console, Azure Portal, Google Cloud Console Enterprise systems: SAP, Oracle ERP Collaboration tools: Slack, Microsoft Teams Open Source / Free Software Experience Project management: OpenProject, Taiga, Kanboard Monitoring & visualization: Zabbix, Prometheus + Grafana Security tools: OpenVAS Version control & DevOps: GitLab Community Edition (CE) Collaboration & support: Rocket.Chat, osTicket ERP systems: Odoo Community Edition Show more Show less

Role Description Role Proficiency: Act creatively to develop applications and select appropriate technical options optimizing application development maintenance and performance by employing design patterns and reusing proven solutions account for others' developmental activities Outcomes Interpret the application/feature/component design to develop the same in accordance with specifications. Code debug test document and communicate product/component/feature development stages. Validate results with user representatives; integrates and commissions the overall solution Select appropriate technical options for development such as reusing improving or reconfiguration of existing components or creating own solutions Optimises efficiency cost and quality. Influence and improve customer satisfaction Set FAST goals for self/team; provide feedback to FAST goals of team members Measures Of Outcomes Adherence to engineering process and standards (coding standards) Adherence to project schedule / timelines Number of technical issues uncovered during the execution of the project Number of defects in the code Number of defects post delivery Number of non compliance issues On time completion of mandatory compliance trainings Code Outputs Expected: Code as per design Follow coding standards templates and checklists Review code – for team and peers Documentation Create/review templates checklists guidelines standards for design/process/development Create/review deliverable documents. Design documentation r and requirements test cases/results Configure Define and govern configuration management plan Ensure compliance from the team Test Review and create unit test cases scenarios and execution Review test plan created by testing team Provide clarifications to the testing team Domain Relevance Advise Software Developers on design and development of features and components with a deep understanding of the business problem being addressed for the client. Learn more about the customer domain identifying opportunities to provide valuable addition to customers Complete relevant domain certifications Manage Project Manage delivery of modules and/or manage user stories Manage Defects Perform defect RCA and mitigation Identify defect trends and take proactive measures to improve quality Estimate Create and provide input for effort estimation for projects Manage Knowledge Consume and contribute to project related documents share point libraries and client universities Review the reusable documents created by the team Release Execute and monitor release process Design Contribute to creation of design (HLD LLD SAD)/architecture for Applications/Features/Business Components/Data Models Interface With Customer Clarify requirements and provide guidance to development team Present design options to customers Conduct product demos Manage Team Set FAST goals and provide feedback Understand aspirations of team members and provide guidance opportunities etc Ensure team is engaged in project Certifications Take relevant domain/technology certification Skill Examples Explain and communicate the design / development to the customer Perform and evaluate test results against product specifications Break down complex problems into logical components Develop user interfaces business software components Use data models Estimate time and effort required for developing / debugging features / components Perform and evaluate test in the customer or target environment Make quick decisions on technical/project related challenges Manage a Team mentor and handle people related issues in team Maintain high motivation levels and positive dynamics in the team. Interface with other teams designers and other parallel practices Set goals for self and team. Provide feedback to team members Create and articulate impactful technical presentations Follow high level of business etiquette in emails and other business communication Drive conference calls with customers addressing customer questions Proactively ask for and offer help Ability to work under pressure determine dependencies risks facilitate planning; handling multiple tasks. Build confidence with customers by meeting the deliverables on time with quality. Estimate time and effort resources required for developing / debugging features / components Make on appropriate utilization of Software / Hardware’s. Strong analytical and problem-solving abilities Knowledge Examples Appropriate software programs / modules Functional and technical designing Programming languages – proficient in multiple skill clusters DBMS Operating Systems and software platforms Software Development Life Cycle Agile – Scrum or Kanban Methods Integrated development environment (IDE) Rapid application development (RAD) Modelling technology and languages Interface definition languages (IDL) Knowledge of customer domain and deep understanding of sub domain where problem is solved Additional Comments Software Developer with proven industry experience to join our global engineering team. Experience and Education 5+ years of development experience using Java/J2EE, Spring Frameworks, Spring Boot, SQL and Restful Webservices. BS Engineering/Computer Science or equivalent experience required. Good handle on concepts of cyber security, cloud technologies, and agile methodology. Experience / familiarity of working with security related tooling such as Wiz, Qualys, Checkmarx and / or Mend. Experience with Spring Boot, Micro Services, Hibernate, JPA, Angular, Lucene, jQuery frameworks. Strong understanding of REST APIs Experience working with Relational and Non-relational databases. Hands on development experience in Python Nice to have – Experience working with more than 1 large projects to get a good view of architecture concepts and pitfalls. Key Responsibilities Interface with the product team and team members to finalize requirements. Form close relationship with DevOps teams in order to further harden our environments. Implement requirements while following SDLC best practices and assist others through code and design reviews. Operate in an Agile development environment while collaborating with key stakeholders. Resolve technical issues as necessary, including security vulnerabilities. Keep abreast of new technology developments. Technical Skills Hands on experience in designing and developing applications using Java platforms – Java, springboot, Rest API, Hibernate Experience working with Java 11 and above. Experience working with front end technologies like HTML, Java Script and Angular Excellent knowledge of Relational Databases, SQL and ORM technologies (JPA, Hibernate). Experience in using Agile DevOps tools Gradle, GIT, Bamboo, Jenkins, IntelliJ and Nexus. Knowledge of test-driven development. Nice to have - exposure to AWS services and docker containers Ability to work with an agile mindset and avoid an over-the-wall approach. Ability to work well with internal and external technology resources. Good oral and written communications skills. Skills Java/J2EE,springboot,Security,Microservices Show more Show less

Job Title: Associate Director / Director – VAPT Location: Mumbai Experience: 10+ years Work Mode: Onsite (Mumbai) Certification: OSCP preferred; other relevant certifications (e.g., OSCE, CISSP, CISM, GPEN) are an added advantage Role Overview: We are seeking an experienced cybersecurity leader to join our team as an Associate Director / Director – VAPT in Mumbai . The role demands a seasoned professional with deep expertise in Vulnerability Assessment and Penetration Testing across web, mobile, network, infrastructure, cloud, and source code environments. The ideal candidate will bring strong technical capabilities along with proven leadership in managing high-performing teams and driving large-scale security engagements for enterprise clients. Key Responsibilities: Leadership & Strategic Oversight: Lead the VAPT practice for the region, ensuring alignment with organizational goals and client expectations. Define and evolve methodologies, standards, and best practices for VAPT engagements. Collaborate with senior leadership and clients (CIOs, CISOs, Risk Heads) on cybersecurity strategy, roadmap, and execution. Lead business development , proposal creation, RFP responses, and pre-sales activities. Delivery & Engagement Management: Oversee multiple VAPT projects spanning web, mobile, infrastructure, cloud, IoT, and source code . Ensure high-quality delivery of technical assessments, risk reporting, and mitigation recommendations . Monitor project performance, client satisfaction, and profitability. Act as a technical escalation point for complex and critical vulnerabilities. Team Development & Mentorship: Build, mentor, and retain a team of high-caliber security professionals. Conduct knowledge-sharing sessions, lead training initiatives, and promote internal capability building. Encourage a culture of continuous learning, innovation, and ethical hacking . Desired Skills & Experience: 12+ years of overall cybersecurity experience with a strong focus on VAPT and Red Team assessments . Proven expertise in conducting and managing manual and advanced penetration testing of applications, networks, and cloud environments. Familiarity with tools like Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. Solid understanding of security frameworks and standards : OWASP, NIST, MITRE ATT&CK, ISO 27001, PCI-DSS, RBI guidelines. Strong knowledge of secure coding practices and experience in reviewing source code in multiple languages. Exposure to cloud platforms (AWS, Azure, GCP) and DevSecOps is preferred. Excellent communication, stakeholder management, and team leadership skills. OSCP certification is preferred ; additional credentials such as OSCE, CISSP, CISM, GPEN are a plus. Show more Show less

Job Role As a DevOps Architect, you are responsible for designing and implementing your organization's DevOps strategy. You'll work closely with development and operations teams to enhance collaboration, improve deployment frequency, and ensure the reliability and scalability of applications. Your key responsibilities include architecting CI/CD pipelines, managing cloud infrastructure, implementing monitoring and logging solutions, and fostering a culture of continuous improvement and agility within the organization. Why Choose Ideas2IT Ideas2IT has all the good attributes of a product startup and a services company. Since we launch our products, you will have ample opportunities to learn and contribute. However, single-product companies stagnate in the technologies they use. In our multiple product initiatives and customer-facing projects, you will have the opportunity to work on various technologies. AGI is going to change the world. Big companies like Microsoft are betting heavily on this (see here and here). We are following suit. What's in it for you? Perform capacity planning, automation, testing, performance tuning, and tools development. Develop and maintain the continuous integration and continuous delivery pipeline. Develop and deploy a control plane for all platform services to guarantee observability, monitoring, analytics, and alerting. Provide on-call support for the platform. Collaborate with the DevOps teams of the SaaS products built on the platform to resolve incidents and implement changes quickly and efficiently. Collaborate with the cyber-security team to integrate security measures into all aspects of the platform. Work with technical project managers, product managers, and operations managers to set priorities and track operational metrics. Participate in planning, system demos, and inspect & adapt events. Drive and coordinate platform adoption, actively engaging product development, quality, regulatory, and customer success teams. Experience in the diagnostics and pharmaceutical industry or other highly regulated industries like finance or insurance seen as highly advantageous. Here's What You'll Bring 8+ years of experience in a systems engineering/DevOps role 3+ years of industry experience with Amazon Web Services, IAM, VPC peering, API Gateway, NLB, EC2, ECS, EKS, Lambda, S3, RDS, DynamoDB, SQS, etc. Strong knowledge of Linux systems and internals (Ubuntu/Alpine preferred) Experience in creating software to automate production systems with one of the following languages: Python, Ruby, Java, Go, etc. Strong experience with configuration management, monitoring, and systems tools (e.g. Ansible, SumoLogic, Prometheus, Grafana, etc.). Proficiency with source control, continuous integration, and testing methods (Git, GitLab, Jenkins) Understanding of cloud provisioning tools, e.g. CloudFormation and Terraform. Strong knowledge of docker, Kubernetes Experience working with cloud-based technologies (Cloudflare CDN and Qualys WAS are highly desirable). Exposure to messaging pub/subsystems (e.g. RabbitMQ, Active-MQ, Kafka) Experience with Linux package management tools e.g.: rpm, apk, deb & fpm, etc. About Us Ideas2IT stands at the intersection of Technology, Business, and Product Engineering, offering high-caliber Product Development services. Initially conceived as a CTO consulting firm, we've evolved into thought leaders in cutting-edge technologies such as Generative AI, assisting our clients in embracing innovation. Our forte lies in applying technology to address business needs, demonstrated by our track record of developing AI-driven solutions for industry giants like Facebook, Bloomberg, Siemens, Roche, and others. Harnessing our product-centric approach, we've incubated several AI-based startupsâincluding Pipecandy, Element5, IdeaRx, and Carefi. inâthat have flourished into successful ventures backed by venture capital. With fourteen years of remarkable growth behind us, we're steadfast in pursuing ambitious objectives. â P.S. We're all about diversity, and our doors are wide open to everyone. Join us in celebrating the awesomeness of differences! Show more Show less

Job Description Who We Are Sureifys mission is to modernize the life insurance and annuity industry by helping carriers acquire, service, and engage their customers through any distribution channel. Sureifys products empower life insurance carriers, agents, employees, and customers to have the digital experiences that employees and consumers have come to expect in the rapidly advancing tech climate. Your Role as a Valued Team Member We are seeking a detail-oriented and proactive Vulnerability Remediation Engineer to join our growing Infosec team. The person will be responsible for reducing the risk exposure of security vulnerabilities from the scope of Sureify overall. This role entails monitoring ongoing security vulnerabilities, analyzing risk posture, collaborating with stakeholders/finding owners for managing resolutions, and acting as an SME to assess discovered vulnerabilities. You will also provide pragmatic solutions and be flexible in supporting emergency vulnerability remediations. The ideal candidate will possess a strong understanding of security protocols, vulnerability management, system administration, and software development lifecycle, as well as excellent communication skills to collaborate with cross-functional teams. This role does require some overlap of hours with a team based in San Jose, California. Your Key Responsibilities Review and assess security vulnerabilities, patches, and findings from internal audits, security scans, and penetration tests. Prioritize vulnerabilities based on risk and impact, and ensure timely patching or remediation. Enforce patch compliance by tracking deployments, addressing exceptions, and ensuring adherence to vulnerability remediation Service Level Agreements (SLAs). Collaborate with security and IT teams to develop and implement security patches for critical vulnerabilities. Work closely with developers and DevOps teams to understand the root cause of security vulnerabilities and propose appropriate fixes. Assist development teams in the integration of security features and secure coding practices throughout the software development lifecycle (SDLC). Develop and maintain scripts for automated patch deployment across various systems and applications. Automate vulnerability patching workflows using scripting languages such as Python, PowerShell, Bash, etc. Collaborate with the development team to create and test patches, ensuring that they do not disrupt the functionality of applications or systems. Maintain detailed records of patches, and remediation actions. Prepare and present reports on patch management progress, risks, and status to senior management. Flexibly support emergency response for 0-day vulnerability remediation. Automating processes of security from time to time when needed. Identify potential improvement areas for vulnerability remediation and share lessons learned. Continuously monitor for emerging vulnerabilities and maintain an up-to-date patching schedule. Role Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent work experience). Server administration experience (Windows/RHEL) with a solid understanding of industry best practices for Patch Management and Vulnerability Remediation. Experience in vulnerability management, security patching, or related security roles. Experience supporting vulnerability emergency response or security incidents, including coordinating with relevant stakeholders, implementing corrective/preventive actions, and guiding security patching of software or components. Strong knowledge of security vulnerabilities in software and infrastructure components (servers, clients, network devices, perimeter security technologies, protocols/services, middleware, databases, configurations, etc.). In-depth understanding of security processes related to vulnerability management, security patching, security configurations, and technical security validations. Strong understanding of common network protocols (TCP/IP, DNS, HTTP, HTTPS, SMTP, etc.) and how vulnerabilities in these protocols can affect system security. Strong experience in at least one scripting language such as Python, PowerShell, Bash, etc. Familiarity with cloud platforms (AWS) and their security models. Knowledge of Cloud & Vulnerability Security tools such as Qualys, SentinelOne, or Crowdstrike Good understanding of industry-standard regulations and risk management frameworks (e.g., ISO, SOC, HIPAA, GDPR, CCPA). Familiarity with security frameworks such as SANS Top 25, OWASP Top 10, and/or MITRE ATT&CK. Knowledge of secure coding practices and development environments. Familiarity with container security (Docker, Kubernetes) and securing microservices is a plus. Security certifications such as Security+, SSCP, CEH, or other equivalent recognized certifications are a plus. Excellent communication and interpersonal skills, with the ability to articulate complex technical vulnerabilities and remediation actions to both technical and non-technical stakeholders. Show more Show less

This job is with Allianz Commercial, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly. The Vulnerability Management Engineer is responsible for managing the identification, assessment, reporting, and mitigation of infrastructure and cloud vulnerabilities. A candidate for this role will have a mindset of a defender and be able to operate in a fast-paced environment working closely with our infrastructure team that includes Network, Firewall, Hypervisors, Servers, and business application teams. Primary Skills At least 7+ years' experience in Information Security or Information Technology field. Bachelor's degree in computer science, Information Security, or equivalent combined experience. Hands-on experience with a variety of vulnerability management and network scanning tools, such as Qualys, Tenable Security Center, Nmap, web scanners, etc. Understanding of the relationship between operating systems, applications, and their dependencies, and how interrelated software vulnerabilities exist - with ability to determine remediation techniques in diverse environments. Conduct regular vulnerability scans and assessments on network devices, servers, applications, and databases. Perform vulnerability metrics reporting for ad-hoc and scheduled metrics report for various KPIs (Key Performance Indicators) around vulnerability management activities. Knowledge of both Windows and UNIX-based operating systems (e.g. Windows Server and Client OS, RHEL, Ubuntu, Amazon Linux, MacOS), and container technologies (e.g. Kubernetes, Docker). Ability to script and program using Python and other scripting and programming languages (i.e. SQL, Python, C, Java, JavaScript), notably for working with RESTful APIs. Perform regular security audits and compliance checks to ensure adherence to security policies and standards. Experience working with REST APIs and integrating API frameworks into wider business intelligence solutions. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Capable of independently managing customer requirements, from the initial information gathering phase through to implementation. Secondary Skill Knowledge of the DORA Standard. Solid experience in offensive security, adversarial tactics, techniques, and procedures (e.g. using MITRE ATT&CK framework), and common attack patterns such as binary exploitation, memory corruption, race conditions, web attacks, etc. In-depth knowledge of security standard methodologies, technologies and products and aim to continuously improve these skills. Knowledge of CI/CD pipelines, GitHub or other version control systems, and cloud hosting environment's (i.e. AWS) applicable security standard methodologies. Experience working in agile project management toolsets, creating tickets which break down work into manageable pieces, tracking capacity, and closing stories in a timely manner, and documenting work (i.e. Jira, Confluence, ServiceNow). Soft Skill Good experience working with numerous external teams to track and deliver solutions. Strong detail-oriented individual able to efficiently analyze and resolve problems. Strong verbal, communication, and diplomacy skills with all levels of the business. Must be self-motivated, able to work independently, and multi-task effectively. Skills Desired Exposure or knowledge of cloud architectures, services, and vulnerabilities. Understanding of risk assessment methodologies. Proficiency in using vulnerability scanning tools such as Qualys etc. Qualys, MDE & C, SNS, Excellent in Excel. Ability to interpret vulnerability data from multiple sources. Reporting and metrics expertise with platforms such as Splunk, PowerBI, etc Your Benefits We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teachAbout Allianz Technology Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 13,000 employees located in 22 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.We oversee the full digitalization spectrum - from one of the industry's largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age. D&I statement Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life Join us. Let´s care for tomorrow You. IT Show more Show less

Job requisition ID :: 79285 Date: Jun 12, 2025 Location: Kochi Designation: Assistant Manager Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Job requisition ID :: 83600 Date: Jun 12, 2025 Location: Delhi Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Overview Make your mark at Comcast - a Fortune 30 global media and technology company. Become part of our award-winning, international engineering team that turns big ideas into cutting-edge products, platforms, and solutions that our customers love. We create space to innovate, and we recognize, reward, and invest in your ideas, while ensuring you can proudly bring your authentic self to the workplace. You’ll do the best work of your career right here. Success Profile What makes a successful Security Engineer 2 at Comcast? Check out these top traits and explore role-specific skills in the job description below. Results-driven Adaptable Inventive Entrepreneurial Team Player Problem-Solver Benefits We’re proud to offer comprehensive benefits to help support you physically, financially and emotionally through the big milestones and in your everyday life. Paid Time off We know how important it can be to spend time away from work to relax, recover from illness, or take time to care for others needs. Physical Wellbeing We offer a range of benefits and support programs to ensure that you and your loved ones get the care you need. Financial Wellbeing These benefits give you personalized support designed entirely around your unique needs today and for the future. Emotional Wellbeing No matter how you’re feeling or what you’re dealing with, there are benefits to help when you need it, in the way that works for you. Life Events + Family Support Benefits that support you no matter where you are in life’s journey. Security Engineer 2 Location Chennai, India Req ID R412615 Job Type Full Time Category Cybersecurity Date posted 06/13/2025 Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. Job Summary "Responsible for monitoring, identifying, investigating and analyzing all response activities related to cybersecurity incidents within an organization. Identifies security flaws and vulnerabilities; responds to cybersecurity incidents, conducts threat analysis as directed and addresses detected incidents. Conducts network or software vulnerability assessments and penetration testing utilizing reverse engineering techniques. Perform vulnerability analysis and exploitation of applications, operating systems or networks. Identifies intrusion or incident path and method. Isolates, blocks or removes threat access. Evaluates system security configurations. Evaluates findings and performs root cause analysis. Performs analysis of complex software systems to determine both functionality and intent of software systems. Resolves highly complex malware and intrusion issues. Contributes to the design, development and implementation of countermeasures, system integration, and tools specific to Cyber and Information Operations. Works with moderate guidance in own area of knowledge. Employees at all levels are expect to: - Understand our Operating Principles; make them the guidelines for how you do your job - Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services - Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences - Win as a team - make big things happen by working together and being open to new ideas - Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers - Drive results and growth - Respect and promote inclusion and diversity - Do what's right for each other, our customers, investors and our communities" Job Description Core Responsibilities Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation. Exposure to commercial and open-source tools such as Burpsuite, Metasploit, WebInspect, Nessus, Qualys, Nexpose, nmap, Kali Linux, etc. Experience cataloguing and risk-scoring vulnerabilities discovered through assessments. Good understanding and experience with: Web application security assessment, including hands-on techniques. Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks. CVSS scoring and its use in risk rating What success looks like Prompt, effective curation of security vulnerabilities. Responsiveness to internal customer requests. Validation of remediated tickets within published service level agreements (SLAs). What You Can Expect A cool and casual work environment with opportunities to showcase your skills. A culture of innovation and continuous learning. Training, support, and mentoring to expand and evolve your expertise. Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require: Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience. Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits to eligible employees. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details. Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Relevant Work Experience 2-5 Years