670 Qualys Jobs - Page 12

Job Title : Security GRC Consultant & Security Lead Experience: 10+ Years Location: [Thrissur / Cochin] Type: [Full-Time/Onsite] Industry : Information Security / Cybersecurity / Risk & Compliance Job Summary: A seasoned Security GRC (Governance, Risk, and Compliance) Consultant and Security Lead with over 10 years of experience in implementing, managing, and optimizing cybersecurity governance frameworks. Adept at bridging business and technology risk, ensuring regulatory compliance, and leading cross-functional teams to uphold enterprise security posture. Proven ability to drive enterprise risk programs, security audits, and compliance initiatives in diverse industries including finance, healthcare, and technology. Key Responsibilities: Governance, Risk, and Compliance (GRC): • Develop, implement, and manage enterprise-wide GRC strategies aligned with business and regulatory requirements (e.g., ISO 27001, NIST, SOC 2, HIPAA, GDPR, PCI-DSS). • Lead security risk assessments, third-party vendor evaluations, and business impact analyses (BIA). • Design and implement risk treatment plans, control testing programs, and continuous monitoring processes. • Maintain and enhance GRC platforms such as Archer, ServiceNow GRC, or LogicGate. Security Leadership & Strategy: • Act as the primary liaison between business stakeholders, technical teams, and executive leadership on cybersecurity initiatives. • Lead the development and execution of information security programs, policies, and procedures. • Provide expert guidance on security architecture, incident response, and data protection strategies. • Conduct security awareness training and culture-building across the organization Audit & Compliance: • Prepare organizations for internal and external audits; respond to audit findings and ensure timely remediation. • Manage and maintain documentation for control evidence, risk registers, and compliance reports. • Engage with regulatory bodies and customers during compliance reviews and assessments. Project Management & Team Leadership: • Lead or participate in cross-functional projects including cloud security assessments, privacy impact assessments (PIAs), and IT risk projects. • Mentor and lead junior security professionals; contribute to internal knowledge bases and best practices. • Manage project timelines, stakeholder expectations, and deliverables in Agile and Waterfall environments. Required Skills & Qualifications: • Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or related field. • Professional certifications: CISSP, CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor, or similar. • Strong knowledge of GRC frameworks (ISO, NIST CSF, COBIT), data protection laws (GDPR, CCPA), and industry standards. • Experience with security tools and platforms like Archer, ServiceNow GRC, Splunk, Tenable, Qualys, etc. • Excellent communication, stakeholder management, and technical writing skills. • Ability to work independently and drive multiple initiatives in complex environments. Preferred Experience: • Hands-on experience in cloud security (AWS, Azure, GCP). • Experience working in highly regulated industries (Finance, Healthcare, Pharma). • Familiarity with DevSecOps, secure SDLC, or CI/CD pipeline security controls.

Job Description TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance. TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR. Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody’s perfect – and we encourage you to apply. You may just be the right candidate for this or other roles. Job Summary The Staff Vulnerability Management Analyst is a key member of the Global Security Cyber Defense team responsible for identifying, analyzing, and driving the remediation of vulnerabilities across enterprise systems, applications, and cloud environments. Based in Hyderabad, India, this role plays a critical part in protecting the organization's digital assets by ensuring vulnerabilities are promptly addressed and risk is effectively communicated to stakeholders. Essential Duties/Responsibilites Lead the execution of the enterprise Vulnerability Management Program, including the design, scheduling, and tuning of automated vulnerability scans across endpoints, servers, cloud assets, and container environments. Ensure the health and performance of scanning tools and infrastructure, including asset discovery, credentialed scanning, and optimization of scan coverage. Analyze scan data to identify true positive vulnerabilities, eliminate false positives, and work with asset owners to ensure timely and effective remediation. Conduct regular assessments of container images, infrastructure-as-code (IaC), and cloud-native platforms to identify misconfigurations and known vulnerabilities. Collaborate with cross-functional teams, including Cyber Defense, Security Architecture, Security Engineering, Application Security, Risk, Engineering, and Technology to coordinate remediation activities and provide technical guidance on mitigating identified risks. Support continuous improvement by tracking and reporting remediation SLAs, scan coverage metrics, and program KPIs, while partnering with system owners to ensure timely compliance with remediation timelines. Design and deliver actionable dashboards and executive-level reports to drive data-informed remediation decisions and communicate risk posture effectively. Stay current on emerging threats, vulnerability disclosures (CVEs), and industry benchmarks such as CIS, NIST, and OWASP. Act as a backup resource to the Cyber Defense team, assisting in threat hunting, incident response, and vulnerability-related investigations. Performs other duties as assigned Complies with all policies and standards Qualifications Education Bachelor's Degree Work Experience Typically 5+ years experience in vulnerability management or a related cybersecurity domain. Licenses and Certifications CISSP – Certified Information Systems Security Professional CISM – Certified Information Security Manager GIAC Certified Incident Handler (GCIH) CEH: Certified Ethical Hacker CISA – Certified Information Systems Auditor Knowledge, Skills And Abilities Hands-on experience with vulnerability scanning platforms such as Microsoft Defender Vulnerability Management, Tenable, Qualys, Rapid7, or similar. Experience working in ServiceNow Vulnerability Management suite is preferred. Experience with security orchestration and automation tools (e.g., Microsoft Sentinel, Logic Apps, ServiceNow SecOps, Splunk SOAR) is a plus, particularly within Microsoft Defender environments. Solid understanding of common operating systems (Linux, Windows), networking, cloud platforms (AWS, Azure, GCP, Oracle), and container technologies (Docker, Kubernetes). Expertise in security tools and technologies (e.g., SIEM, intrusion detection systems, firewalls) and the ability to analyze and interpret security data to identify vulnerabilities and threats. Strong understanding of cybersecurity principles, frameworks, and best practices, including risk management, incident response, and regulatory compliance (e.g., NIST, ISO 27001, NIST 800-53, PCI-DSS). Familiarity with vulnerability prioritization methodologies (e.g., CVSS, EPSS, threat intelligence enrichment) is a plus. Strong analytical and troubleshooting skills with the ability to interpret complex data sets, convey technical findings to both technical and non-technical audiences, and contextualize vulnerabilities in terms of business impact and operational risk. Experience building and presenting vulnerability management reports at a leadership level is preferred. Experience in creating technical documentation, runbooks, playbooks, and training materials for vulnerability management. Excellent communication and interpersonal skills. Proficient in Microsoft Office Suite. Detail-oriented and well organized. Self-motivated and capable of working independently within a small, high-performing team that values critical thinking and sound decision-making. Contributes to a team culture of inclusion, transparency, and innovation, by actively sharing ideas and taking ownership of impactful work. Highly ethical and professional. Work Environment Work in a clean, pleasant, and comfortable office work setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions. This position is 100% in office. Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity. TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact recruiting@trinet.com to request such an accommodation.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! The Site Reliability Engineer - Incident Management, has the responsibility of monitoring, maintaining and managing entire Qualys infrastructure and services installed at different data-centers. When there is any malfunction in Product/Services, the Site Reliability Engineer- Incident Management technician Monitor, troubleshoots, repairs and gets the Service/system back up as quickly as possible. Ensure maximum possible service availability and performance, provide support services for Engineering and other technical teams and to collaborate for quicker resolution. End to end Incident management, Documentations and task Automation are also part of responsibility. Responsibilities: Monitor the performance and capacity of computer systems using a variety of tools. When an issue is identified, Site Reliability Engineer- Incident Management works to determine the cause of the problem. Responsible for basic troubleshooting platform/product issues to isolate the problems and take appropriate action to resolve. Check performance with Splunk/Grafana/Kibana. Manage PagerDuty. Also help in task automation wherever possible/applicable. Ensure creation and timely resolution to incident tickets tracking and resolution of the incident. When a problem impacts Product (SaaS) or Any (IT) services, Site Reliability Engineer- Incident Management works to triage or troubleshoot the problem, Site Reliability Engineer- Incident Management must carefully track and document all issues and resolutions in detail on the ticketing tool / documentation tools. This increases the knowledge base of the Site Reliability Engineer- Incident Management and is a record of the health of the system. When problems are too large or complex for quick troubleshooting, Site Reliability Engineer- Incident Management must escalate the issue to management, other IT resources or 3rd party vendors for assistance in reaching a resolution. Site Reliability Engineer- Incident Management maintain ongoing communication within the team and externally, to keep all stakeholders aware of relevant info, known issues and the steps being taken in summary format. Site Reliability Engineer- Incident Management team will operate 24*7*365 days. Monthly shift rotation basis (*depend on requirement). Required Skills One to Two years IT Operations (Infra/System admin/Linux) or equivalent experience/certification (Fresher can apply). Knowledge or familiarity of Monitoring and other integration tools like Splunk, Prometheus, Grafana, Kibana, PagerDuty, Runscope (good to have any of the knowledge) and Jira /ServiceNow tool for Incident Management. Good experience (or familiarity) with ITSM main functions and usage of tools. Very good understanding of Incident Management (IM) processes and ability to drive Incident process (IM ticket). Strong interpersonal skills and have the ability to interact with all levels of employees in a professional manner. Certifications is highly recommended with a strong knowledge of computer functionality. Any technical certification on Linux, System Admin, VMware, IT Security or certification in the area of ITSM/ ITIL will be an added advantage. Knowledge of DevOps/SRE (basics) , Python, Cloud will be also good to have

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys is changing the market by delivering a SaaS platform that solves the most difficult challenges faced by security and IT operations teams, no matter the size and complexity of the organization. Come work for the only company with a closed-loop solution that can both detect and block sophisticated threats and patch the underlying vulnerabilities being targeted by cyber attackers – all from one agent and one platform. We are seeking a candidate with a strong blend of deep technical expertise and business experience. The ideal candidate will have experience in implementing, integrating, and architecting security, compliance, and risk solutions, along with a proven track record in pre-sales, post-sales, customer engagement, and product strategy. We value individuals with high energy who thrive in fast-paced environments, are eager to roll up their sleeves, and possess a strong technical aptitude to drive success. Responsibilities: Qualys Solutions Architects are the trusted advisors to our global customers, providing valuable insights and education on asset and vulnerability management, patching, threat detection & response, compliance, and cloud and application security by leveraging the world-class Qualys Platform. You will partner with the field workforce (Technical Account Managers/TAMs and Solution Architects) within the global Enterprise, Medium, and Small customer segments to achieve local and corporate growth ambitions by providing technical expertise for the Qualys Platform, including leveraging a deep understanding of Qualys technologies to propose/architect solutions based on customer requirements and business needs Execute standardized and high-quality proof-of-concepts/proof-of-value engagements as needed to secure the technical win for strategic pursuits within assigned areas Understand technical requirements and provide solutions through direct customer engagements, RFPs, and RFIs Uncover new use cases for the Qualys platform by identifying technical and business value gaps between the customer’s desired state versus existing capabilities and demonstrate how to fill those gaps Create onboarding playbooks and technical reference architectures to effectively deploy Qualys solutions within customer environments and address specific use cases Develop and deliver a variety of technical engagements including workshops, whiteboarding architecture design sessions, and post-sale deployment health checks Collaborate with Product Management and Product Engineering teams to communicate customer pain points, feature requests, and product feedback Constantly learn and stay on top of the latest developments in the Qualys portfolio and in the larger security and compliance ecosystem Required skills and experience: We are looking for a technologist who thrives at solving complex customer challenges related to security, risk, and compliance. Solid understanding and hands-on experience with Infrastructure and Network security domains, including asset management, patching, vulnerability management, policy compliance, configuration management, endpoint threat detection and response OR Solid understanding and hands-on experience with popular public cloud infrastructure services such as AWS, Azure, and/or GCP at an architectural level, with a solid grasp of cloud security concepts, including cloud risks, vulnerabilities, posture management, and configuration best practices OR Solid understanding and hands-on experience with application security concepts, including web application testing (SAST and DAST), container security, API security, and familiarity with the OWASP and MITRE frameworks Experience with Qualys or other security and compliance platforms as a practitioner, technical seller, sales engineer, subject matter expert, or customer success architect Ability to understand and design complex architectures that solve security and compliance issues end-to-end (from identification through to remediation and recovery) Knowledge of key industry/compliance standards and frameworks for developing and governing corporate and government security programs Prior experience personally engaging with customers to drive technical wins and/or resolve challenged accounts Strong communicator with excellent written, verbal, and presentation skills Possess excellent emotional intelligence, a strong sense of curiosity, an avid learner, and high accountability

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Overview: We are seeking a highly skilled and experienced Senior Security Engineer to join our team. As a Senior Security Engineer, you will be responsible for designing, implementing, and maintaining security solutions to protect Qualys systems, networks, and data. You will work closely with cross-functional teams to ensure the effectiveness of security measures and help establish and enforce security policies and procedures. Responsibilities: Design and Implement IAM Infrastructure: Architect and build IAM infrastructure components, including identity management systems, directory services, authentication mechanisms, and access control mechanisms. Architect, design, and implement cloud-based IAM solutions, considering the unique challenges and opportunities presented by cloud environments. Develop secure IAM frameworks and workflows, ensuring scalability, reliability, and high availability of IAM infrastructure. Collaborate with system architects and network engineers to integrate IAM solutions into existing infrastructure. User Provisioning and Access Control: Develop and manage user provisioning processes, including account creation, modification, and deprovisioning, ensuring compliance with access policies and procedures. Implement role-based access control (RBAC) frameworks and access control models to grant appropriate access privileges to users based on their roles and responsibilities. Implement automated identity provisioning and deprovisioning processes, ensuring efficient onboarding and offboarding of users in cloud environments. Monitor and audit user access rights, regularly reviewing and revoking unnecessary or excessive privileges. Identity Federation and Single Sign-On (SSO): Design and implement identity federation solutions, enabling secure and seamless authentication and authorization across systems and applications. Develop and configure Single Sign-On (SSO) solutions using industry-standard protocols such as SAML, OAuth, and OpenID Connect. Integrate identity federation and SSO with external service providers and cloud-based applications. Security Policies and Procedures: Assist in the development and enforcement of IAM security policies, standards, and procedures. Develop and enforce cloud identity governance processes, including user lifecycle management, access certifications, and access review workflows. Conduct regular assessments and audits of cloud IAM infrastructure to identify and address security vulnerabilities, gaps in compliance, and deviations from established policies. Stay up-to-date with industry trends, emerging threats, and best practices related to IAM infrastructure security. Collaborate with stakeholders to ensure that IAM infrastructure aligns with compliance requirements and industry regulations. IAM Infrastructure Maintenance: Monitor the performance, availability, and security of IAM infrastructure components, proactively identifying and resolving any issues or vulnerabilities. Conduct regular maintenance activities, including software updates, patches, and system upgrades, to ensure the integrity and reliability of IAM infrastructure. Implement backup and disaster recovery mechanisms for IAM infrastructure components. Access Control and Authorization: Develop and maintain access control models, including RBAC, ABAC (Attribute-Based Access Control), and dynamic authorization frameworks, to ensure granular and appropriate access privileges across systems and applications. Implement fine-grained access controls based on user roles, job responsibilities, and data sensitivity, balancing security requirements with operational efficiency. Monitor and enforce access control policies, regularly reviewing access permissions to identify and remediate any unauthorized access or potential security risks. Multi-Factor Authentication (MFA) and Adaptive Authentication: Design and deploy multi-factor authentication (MFA) solutions to enhance the security of user authentication processes. Implement adaptive authentication mechanisms that dynamically adjust authentication requirements based on user behavior, risk levels, and contextual factors. Evaluate and select appropriate MFA methods (such as SMS, email, tokens, biometrics) based on the organization's risk profile and user experience considerations. Identity Lifecycle Management: Develop and maintain identity lifecycle management processes, including user provisioning, user attribute management, password management, and account termination procedures. Collaborate with HR, IT, and other relevant departments to ensure efficient and secure onboarding, role changes, and offboarding of employees, contractors, and external partners. Implement self-service capabilities for users to manage their identities, passwords, and access requests, reducing administrative overhead and improving user satisfaction. Collaborate with DevOps teams to integrate IAM processes into CI/CD pipelines, ensuring secure and efficient deployment of cloud infrastructure. Monitoring: Capture and analyze user activity logs to detect suspicious behavior, such as unauthorized access attempts or privilege escalations. Monitor and log access control decisions, privilege changes, and administrative activities for auditing and compliance purposes. Enable logging and monitoring of cloud IAM services to track changes, detect security incidents, and support forensic investigations. Correlate IAM logs with other security logs to identify anomalies, detect insider threats, and investigate security incidents. Vendor Management: Engage with IAM solution vendors, assess their products and services, and participate in the selection and procurement process. Collaborate with vendors on solution implementations, upgrades, and issue resolution, ensuring alignment with business requirements and security standards. Manage vendor relationships, including contract negotiations, service level agreements (SLAs), and ongoing vendor performance evaluation. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CISA, or IAM-specific certifications (e.g., CIAM, CIPP) are highly desirable. Proven track record of designing and implementing complex IAM solutions, preferably in a senior or lead role. In-depth knowledge of IAM concepts, frameworks, and best practices, including user provisioning, access management, authentication mechanisms, and identity federation. Familiarity with IAM tools and technologies, such as identity management systems, directory services, multi-factor authentication (MFA) solutions, and identity governance and administration (IGA) platforms. Understanding of cloud-based IAM solutions and integration with cloud platforms (e.g., Azure AD, AWS IAM). Experience with IAM governance processes, access certification, access review workflows, and risk-based authentication. Strong problem-solving and analytical skills, with the ability to assess complex IAM requirements, identify gaps, and propose effective solutions. Excellent communication and collaboration skills to work effectively with cross-functional teams, stakeholders, and external vendors. Strong project management skills to drive IAM initiatives, manage timelines, and deliver successful outcomes.

Job Description Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! As Security Signature Engineer, you will be part of a motivated engineering team that is responsible for the research, development, and delivery of signatures in the Qualys Security products spanning across multiple domains such as asset identity, vulnerability detections, etc. This opening is your opportunity to work in the rapidly expanding field of computer security with a company that has excellent customer ratings and outstanding growth rates. Responsibilities: Research and create signatures for the Qualys product to recognize assets of different varieties such as Laptops, Desktops, Mobile Phones, Cameras, PLCs, Communication Modules, I/O Modules, RTUs, IoT devices etc. from the fingerprints of their communication protocol messages. Research new and emerging products and innovative use of networking protocols to identify assets from their network behavior. Apply product research to correlate and identify patterns within data (packet captures) gathered from field devices and code these into identity or security signatures. Build automation for day-to-day tasks that are part of your research job. Closely work with customer support to troubleshoot and triage customer issues such as fingerprinting unidentified devices, fixing incorrect fingerprints, etc. Qualifications: BS or MS in computer science with 2-4 years of experience in Information Security domain or cyber security. Experience with network analysis tools, and analysis of packet captures using Wireshark. In-depth knowledge of TCP/IP, HTTP, FTP, SSH, SSL, NetBios, eMail, DNS, DHCP, Samba/Windows-Networking and understanding of UPnP protocols. Experience with scripting languages, including Python and Bash. Excellent written and verbal communication skills. Flair and patience for research and documentation of gathered information. Additional good to have Competencies : Knowledge of Virtualization software (VMWare, Virtual PC/Virtual Box, XEN, etc.). Knowledge of any of the Industrial protocols such as S7 Comm, Modbus, Ethernet IP, CIP, BACnet, etc. would be a huge advantage. Proficiency with regular expressions. Understanding of Lua (preferred), or Java. Knowledge of any Cloud Platform (AWS, Azure, Oracle, etc.). System administrator experience on Windows or Unix platforms. Ability to handle projects independently. Experience in developing security-related tools/programs Knowledge of security domain

Comcast brings together the best in media and technology We drive innovation to create the world's best entertainment and online experiences As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast Job Summary "Responsible for contributing towards the build and maintenance of the organization's cyber security systems and infrastructure Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards Conducts security assessments and audits to identify cybersecurity risks within the company's networks, applications and operating systems Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting Tests company's internal systems to validate security and detect any computer and information security weaknesses Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources Applies long-term objectives and plans related to the company's technical vision to daily activity Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards Has in-depth experience, knowledge and skills in own discipline Usually determines own work priorities Acts as a resource for colleagues with less experience Employees at all levels are expect to: Understand our Operating Principles; make them the guidelines for how you do your job Own the customer experience think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services Know your stuff be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences Win as a team make big things happen by working together and being open to new ideas Be an active part of the Net Promoter System a way of working that brings more employee and customer feedback into the company by joining huddles, making call backs and helping us elevate opportunities to do better for our customers Drive results and growth Respect and promote inclusion and diversity Do what's right for each other, our customers, investors and our communities" Job Description What you will do Review and triage new vulnerability tickets to validate the impact Assist users by providing security guidance for remediation of Vulnerabilities Validate remediation efforts from internal customers Investigate possible security exceptions Update, maintain and document security controls Ensure application teams are implementing remediations within SLA Maintain documentation of work performed and remediation actions using ServiceNow ticketing system What You Should Possess Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation Exposure to commercial and open-source tools such as Burpsuite, WebInspect, , Qualys, nmap, etc Experience cataloguing and risk-scoring vulnerabilities discovered through assessments Knowledge about public cloud environments Knowledge about basic computer networking and HTTP Good understanding and experience with: Web application security assessment, including hands-on techniques Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks using python, bash, or the use of PowerAutomate CVSS3 scoring and its use in risk rating Basic experience with Linux Preferable certifications like CEH / ECSA / CompTIA or other equivalent security certifications What Success Looks Like Prompt, effective review and collaboration on remediation of security vulnerabilities Responsiveness to internal customer requests Validation of remediated tickets within published service level agreements (SLAs) What You Can Expect A fun, cutting-edge, and collaborative environment A culture of innovation and continuous learning Training, support, and mentoring to expand and evolve your expertise Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience Disclaimer This information has been designed to indicate the general nature and level of work performed by employees in this role It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications Comcast is proud to be an equal opportunity workplace We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus Additionally, Comcast provides best-in-class Benefits to eligible employees We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most Thats why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality to help support you physically, financially and emotionally through the big milestones and in your everyday life Please visit the compensation and benefits summary on our careers site for more details Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience Relevant Work Experience 5-7 Years

Job Title: ISMS (Information Security Management System) Location: Airoli, Navi Mumbai Key Responsibilities: ISMS Implementation & Management: Develop, implement, and maintain the ISMS framework, including policies, procedures, and guidelines based on ISO 27001 and other relevant standards. Conduct regular risk assessments to identify vulnerabilities and recommend appropriate controls to mitigate information security risks. Coordinate with other departments to ensure adherence to ISMS protocols and align information security with business goals. Compliance & Audits: Ensure the organization complies with regulatory requirements related to information security, privacy, and data protection. Lead internal and external audits to assess the effectiveness of the ISMS, manage audit processes, and work towards continuous improvement. Documentation & Reporting: Maintain comprehensive documentation for all ISMS processes, policies, controls, and audit activities. Prepare reports for senior management, detailing the effectiveness of the ISMS and recommending improvements. Continuous Improvement: Monitor industry best practices and emerging security trends to enhance the organizations security posture. Recommend improvements to the ISMS based on audit findings, risk assessments, and new business requirements. Desired Traits: Proactive and self-driven. Ability to work independently as well as part of a team. Strong collaboration and interpersonal skills to engage with stakeholders at all levels.

Job Description: We are seeking a highly motivated and talented Senior Site Reliability Engineer to work on Qualys’ Cloud Platform & Middleware technologies. Working with a team of engineers and architects, you will combine software development and systems engineering skills to build and run scalable, distributed and fault-tolerant systems. The ideal candidate will write software to optimize day to day work through better automation, monitoring, alerting, testing and deployment. Responsibilities Co-develop and participate in the full lifecycle development of cloud platform services from inception and design, deployment, operation and improvement by applying scientific principles. Increase the effectiveness, reliability and performance of cloud platform technologies by identifying and measuring key indicators, making changes to the production systems in an automated way and evaluating the results. Support cloud platform team before the technologies are pushed for production release through activities such as system design, capacity planning, automation of key deployments, engaging in building a strategy for production monitoring and alerting and participate in testing/verification process. Ensure that the cloud platform technologies are maintained properly by measuring and monitoring availability, latency, performance and system health. Advice the cloud platform team to improve the reliability of the systems in production and scale them based on need. Participate in the development process by supporting new features, services, releases and hold an ownership mindset for the cloud platform technologies Develop tools and automate the process for achieving large scaleprovisioning and deployment of cloud platform technologies Participate in on-call rotation for cloud platform technologies. At times of incidents, lead incident response and be part of writing detailed postmortem analysis reports which are brutally honest with no-blame. Propose improvements and drive efficiencies in systems and processes related to capacity planning, configuration management, scaling services, performance tuning, monitoring, alerting and root cause analysis Requirements 6 to 7 years of relevant experience in running distributed systems at scale in production. Expertise in one of the programming language: Java, Python or Go. Proficient in writing bash scripts. Good understanding of SQL and NoSQL systems Good understanding of systems programming (network stack, file system, OS services) Understanding of network elements such as firewalls, load balancers, DNS, NAT, TLS/SSL, VLANs etc Skilled in identifying performance bottlenecks, identifying anomalous system behavior, and determining the root cause of incidents. Knowledge of JVM concepts like garbage collection, heap, stack, profiling, class loading, etc. Knowledge of best practices related to security, performance, high-availability, and disaster recovery. Demonstrate a proven record of handling production issues, planning escalation procedures, conducting post-mortems, impact analysis, risk assessments and other related procedures. Able to drive results and set priorities independently BS/MS degree in Computer Science, Applied Math or related field. Bonus Points if you have: Experience with managing large scale deployments of search engines like Elasticsearch Experience with managing large scale deployments of message-oriented middleware such as Kafka Experience with managing large scale deployments of RDBMS systems such as oracle Experience with managing large scale deployments of NoSQL databases such as Cassandra Experience with managing large scale deployments of In-memory caching using Redis, Memcached, etc. Experience with container and orchestration technologies such as Docker, Kubernetes etc Experience with monitoring tools such as Graphite, Grafana and Prometheus Experience with Hashicorp technologies such as Consul, Vault, Terraform and Vagrant Experience with configuration management tools such as Chef, Puppet or Ansible In-depth experience with continuous integration and continuous deployment pipelines Exposure to Maven, Ant or Gradle for builds

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: Position Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Full time – Five days a week - In the office position Potential for evening and weekend hours. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 1-3 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Supervisory/Responsibility: Individual contributor w/no direct reports Work Environment: This is an office position. Position Type: This is a regular, full-time position with frequent overtime. Must be able, available, and willing to work more than 40 hours per week, including scheduled and unscheduled overtime. Travel: Travel could be up to 15% (in country) as needed for remote support. Physical Demands: The physical demands described here are representative of those performed in the job duties. The employee sits at a desk and uses a computer for prolonged periods of time. Performing the role frequently uses close vision, speech, hearing, and dexterity to operate office equipment. The employee must occasionally lift and/or move up to 15 pounds. At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented Qualys Vulnerability Management (VM) Administrator to join our cybersecurity team. The ideal candidate will be responsible for deploying, configuring, managing, and maintaining the Qualys Vulnerability Management platform, ensuring vulnerabilities across the enterprise environment are identified, assessed, and remediated in a timely manner.Key Responsibilities:- Administer and maintain the Qualys Vulnerability Management suite, including configuration of scanners, asset groups, scan jobs, and dashboards.- Perform regular vulnerability scans and manage the lifecycle of vulnerability data, including detection, analysis, reporting, and remediation tracking.- Integrate Qualys VM with SIEM, ITSM, and CMDB systems as needed.- Work with IT and Security teams to prioritize vulnerabilities and coordinate remediation efforts.- Create, schedule, and monitor authenticated scans, ensuring accuracy and minimizing false positives.- Tune and optimize scans for performance and coverage across diverse environments (on-premises, cloud, hybrid).- Generate compliance and vulnerability reports for stakeholders, including summaries and detailed technical findings.- Maintain documentation of scanning policies, procedures, asset tagging, and exception handling processes.- Stay current with emerging threats, CVEs, and vulnerability management best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of risk assessment methodologies and frameworks.- Experience with security tools and technologies for vulnerability scanning and management.- Knowledge of compliance standards and regulations related to cybersecurity.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 2 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Provide enterprise-level advice to make organizations cyber resilient. Assist in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled and detail-oriented Qualys Vulnerability Management (VM) Administrator to join our cybersecurity team. The ideal candidate will be responsible for deploying, configuring, managing, and maintaining the Qualys Vulnerability Management platform, ensuring vulnerabilities across the enterprise environment are identified, assessed, and remediated in a timely manner.Key Responsibilities:- Administer and maintain the Qualys Vulnerability Management suite, including configuration of scanners, asset groups, scan jobs, and dashboards.- Perform regular vulnerability scans and manage the lifecycle of vulnerability data, including detection, analysis, reporting, and remediation tracking.- Integrate Qualys VM with SIEM, ITSM, and CMDB systems as needed.- Work with IT and Security teams to prioritize vulnerabilities and coordinate remediation efforts.- Create, schedule, and monitor authenticated scans, ensuring accuracy and minimizing false positives.- Tune and optimize scans for performance and coverage across diverse environments (on-premises, cloud, hybrid).- Generate compliance and vulnerability reports for stakeholders, including summaries and detailed technical findings.- Maintain documentation of scanning policies, procedures, asset tagging, and exception handling processes.- Stay current with emerging threats, CVEs, and vulnerability management best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of risk assessment methodologies and frameworks.- Experience with security tools and technologies for vulnerability scanning and management.- Ability to analyze security incidents and provide actionable insights.- Familiarity with compliance standards and regulations related to cybersecurity. Additional Information:- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

A Technical Support Representatives at IBM is a front-line position supporting our products and making sure they are at their best for our customers. With over 100 years in technology, IBM has built a strong reputation of quality service and this role ensures we continue to deliver on that promise. If you enjoy helping people with technical issue, you’ll love your career at IBM Application Security group is responsible for ensuring that Fidelity applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of services and components. As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy * Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools * Map out a network, discover ports and services running on the different exposed network and security devices * Analyze scan reports and suggest remediation / mitigation plan * Keep track of new vulnerabilities on various network and security devices for different vendors * Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices * Advanced technical analysis on intrusions * Audit configuration of Network and Security devices * Providing rich client specific reports Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 1-2 years’ experience in Cybersecurity * Knowledge on VA tool such as Tenable * Should be able scan devices using VA tool * Should be able to prepare report based on VA tool * Should be able to explain the report to client based on the findings * Should have knowledge on Web Penetration & Network Penetration testing. Should have a skill to conduct Gray box & black box testing * Should worked on various PT tools such as Burp Suite, Acunetix, etc. * Should be able do SCD scanning for Windows & Linux * Should have good knowledge on OS such as Windows, Linux * Experience on network vulnerability scanning penetration testing * Experience with Nessus NetCat, NMAP Backtrack, Metasploit, , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone) * Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) * In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database * Analytical thinker willing to "think outside the box" to resolve customer impacting situations on first contact; understand customer risk profile. * Self-starter and ability to deliver under defined time lines Preferred technical and professional experience Integrate Security into DevOps and enable security automation in CI/CD pipeline Professional Qualification CEH, ECSA, LPT or Any other equivalent certification. Focused and versatile team player that is comfortable under pressure Ability to remove barriers and enable teams to complete their objectives Understanding of emerging technologies and corresponding security threats Self-motivated, flexible, with a ‘can do’ attitude. Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organization.

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Your Role We’re hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Job Description: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. Process Overview* Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security processes defined, in large part, by past high profile audit issues. Key responsibilities include Data Quality management of closed manually identified P2 vulnerabilities, developing an understanding of the LOBs that report vulnerabilities via manual flat file to GIS, following standard practices and procedures in analyzing situations or data, and supporting team members in performing specialized GIS functions, primarily Data Quality assurance. Job expectations include partnering with teams inside, and outside, of GIS, inclusive of GIS, CTI, EET, APS&E, GT Risk, and others. Job Description* This job is responsible for supporting Global Information Security (GIS) functions by analyzing, researching, improving, defining, implementing, and executing information security controls and standards. Key responsibilities include developing an understanding of the business, validating remediation of manually reported. CVE vulnerabilities, engaging with Qualys vendor support, following standard practices and procedures in analyzing situations or data, creating and updating semi-technical Quality Control vulnerability related documentation, and supporting team members in performing specialized GIS functions. Job expectations include partnering with team to provide blended security and business insights to ensure appropriate management of information security risks. Responsibilities* Vulnerability Management NVD / NIST / Discovery / CMDB Remedy / other SOR tool usage Visio Flowcharting Product Version Interpretation Understands CVE Vulnerability Data Leads Meetings / Coordinates across Stakeholders Controls Management Data Governance Risk Management Requirements* Education* : B.E. / B Tech / M.E. / M Tech / MCA / M.Sc., Certifications (If Any) : ISO 27001 LA, Ethical Hacking Experience Range* : 8+ Years Foundational Skills: Experience in Vulnerability Management/Assessment Experience in Product Version Interpretation Strong understanding of CVE/CSS/CWE Understanding of Stakeholder Engagements Understanding of Compliance and Governance Experience in Information Security Management Experience in Governance, Risk & Compliance Excellent written/verbal communication skills Desired Skills: Knowledge in Vulnerability Assessment Vulnerability Remediation Strong Technical knowledge Work Timings* : 1:30 PM - 10:30 PM Job Location* : Chennai, Hyderabad

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: Position Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Full time – Five days a week - In the office position Potential for evening and weekend hours. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 1-3 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Supervisory/Responsibility: Individual contributor w/no direct reports Work Environment: This is an office position. Position Type: This is a regular, full-time position with frequent overtime. Must be able, available, and willing to work more than 40 hours per week, including scheduled and unscheduled overtime. Travel: Travel could be up to 15% (in country) as needed for remote support. Physical Demands: The physical demands described here are representative of those performed in the job duties. The employee sits at a desk and uses a computer for prolonged periods of time. Performing the role frequently uses close vision, speech, hearing, and dexterity to operate office equipment. The employee must occasionally lift and/or move up to 15 pounds. At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Job Title: Data Engineer / Data Scientist Location: Pune / Trivandrum Experience Required: 9+ Years Job Overview: We are looking for a Data Engineer / Data Scientist with a passion for building scalable data solutions and enabling data-driven decision-making. This role requires expertise in PostgreSQL, MongoDB, Python, and Ansible, and a strong understanding of data engineering best practices, automation, and cloud environments. Key Responsibilities: Build and maintain robust, scalable data pipelines. Develop and optimize ETL processes from sources like Qualys, CMDB, etc. Design and manage database architecture and data schemas. Govern data quality, integrity, and security. Monitor and optimize database performance. Support automation and orchestration using Ansible and Python. Maintain and operate databases in AWS, Azure, or GCP environments. Collaborate with stakeholders and document technical processes. Required Skills: Must-Have: Strong experience with PostgreSQL and MongoDB . Proficient in Python and Ansible . Experience with cloud-based data platforms (AWS, Azure, GCP). Expertise in performance tuning and database troubleshooting. Nice-to-Have: Strong documentation and collaboration skills. Experience with enterprise-level automation and data pipelines. You can apply directly via Indeed. Job Types: Full-time, Permanent Pay: ₹484,878.94 - ₹1,755,890.88 per year Benefits: Health insurance Paid sick time Paid time off Provident Fund Schedule: Day shift Monday to Friday Ability to commute/relocate: Pune, Maharashtra: Reliably commute or planning to relocate before starting work (Preferred) Application Question(s): What is your Current CTC? What is your Expected CTC? What is your Official Notice Period/Last Working Day? Experience: Data science: 9 years (Preferred) Work Location: In person

Greetings from IDESLABS PVT LTD !!! Working Mode Hybrid Payroll: IDESLABS Location Pan India PF Detection is mandatory : Primary Skills Expertise in conducting and managing Security baseline scans, including familiarity with tools like Rapid7Nessus/Qualys etc. Strong knowledge of SBC processes and standards such as CIS benchmarks. Experience in reviewing and interpreting SBC results and providing actionable recommendations for Windows or Unix/Linux environments. In-depth knowledge of security configurations, hardening techniques for Windows or Unix/Linux environments. Ability to understand and assess group policies, permissions, patches, and security settings for windows or Unix/Linux platforms. Proficiency in performing risk assessments and understanding the criticality of identified vulnerabilities. Ability to work and collaborate with technical teams to prioritize remediation based on business risk, asset criticality, and exposure to ensure vulnerabilities/SBC controls are remediated promptly and in line with organizational security policies. Strong ability to present scan findings and SBC review results clearly to technical and non-technical stakeholders.Secondary Skills Familiarity with key industry compliance frameworks (e.g., ISO 27001, PCI DSS, HIPAA) and how security baselines relate to compliance requirements. Experience in reviewing and coordinating patch management processes, ensuring that patches are applied in a timely manner while minimizing business disruption. Understanding of the relationship between vulnerabilities and potential incidents, with knowledge of how to collaborate with incident response teams to mitigate threats. Familiarity with network security concepts (e.g., firewalls, IDS/IPS, network segmentation) and how these relate to system vulnerabilities. Understanding of cloud and hybrid environments, and how baseline compliance scans are performed in cloud infrastructures like AWS, Azure etc. Familiarity with ticketing systems (e.g., Jira, ServiceNow) to streamline remediation workflows. Kindly Acknowledge back to this mail with updated Resume.

Job Summary A Security Analyst specializing in Vulnerability Assessment and Penetration Testing (VAPT) is responsible for evaluating and testing an organization’s digital assets for vulnerabilities. This Role is responsible to manage organization’s internal and external vulnerability management program from scan to resolution of identified vulnerabilities. Roles and Responsibilities: Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications & IT Assets. Leverage threat modelling for applications to identify potential threats and suggest suitable mitigation strategies. Manage organization’s internal vulnerability management program execution, coordination, reporting and mitigation of vulnerabilities with various stakeholders. Work with external Vendor to plan, execute External VAPT on IT Assets, software applications, software code, mobile apps. Provide technical leadership in setting up SoW, complete External VAPT scan from start to closer of identified vulnerabilities. Work closely with cross function teams including IT and product development teams to close security findings, vulnerabilities. Develop and implement strategies to improve overall security posture. Knowledge And Skills Bachelor’s degree in computer science, Information Security, or a related field. Proven experience in vulnerability assessment and penetration testing. Good understanding of various Security standards like OWASP Top 10, OWASP Mobile Top 10, OWASP API Top 10, OWASP IoT Top 10, SANS Top 25, NIST. Good understanding of vulnerability severity calculation methods like CVSS Any of security certification related to VAPT, for example: Certified Security Analyst (ECSA). Licensed Penetration Tester (LPT). Offensive Security Certified Professional (OSCP). Offensive Security Certified Web Expert (OSWE). GIAC Penetration Tester (GPEN) Sound working experience with security scan products like Nessus, burp suits, Open VAS. Strong understanding of security principles, techniques, and technologies. Knowledge of application design and coding practices. Knowledge on any vulnerability management products like Qualys, Tenable, Rapid7 High level of initiative and self-direction Excellent communicator in English, both written and spoken while being able to convey information effectively at multiple levels of sensitivity and for various audiences.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cybersecurity Enterprise Solution Architect Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of over 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting, and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Security Technology Services (STS) group is a division of Information Security that ensures secure access to systems and information for more than 390,000 people in over 150 countries. A Solution Architect focused on Data and Application protection on the STS team is responsible for turning strategic plans into reality by producing architectural designs, leading the development and implementation of solutions, and offering security advice to project teams. This person will also oversee experimental projects to determine the best technology choices for integration into EY's infrastructure. Your Key Responsibilities Connect with key stakeholders, cybersecurity experts, and operational teams within the information security department to help create security solutions that work well on a large scale. Collaborate with Enterprise Architects to make sure solutions are in line with the company's long-term goals, follow design guidelines, and contribute to the direction of projects when necessary. Turn business requirements into technical specifications for solutions, considering risks, dependencies, costs, and the overall risk of the technical solution. Lead the technical side of evaluating and choosing technologies through Requests for Information (RFI) and Requests for Proposal (RFP), which includes: Defining the criteria that will influence technology choices and solution development. Recommending technologies while engaging with key people. Oversee experimental projects, designs, and the actual building of solutions from an architectural standpoint. Create and update documents that describe solution architecture to guide the planning, design, and implementation of the chosen solution. Keep up with the latest in the industry, research thoroughly, and continuously learn about new security technologies. Share expertise with project teams, governance groups, and other audiences as required. Stay informed about the latest trends, developments, and driving factors in the industry and incorporate them into architectural work. Propose standards and reuse solutions for security technology. Travel requirements Skills And Attributes For Success Skilled in guiding the development and strategic direction of solution architecture. Profound knowledge in Security Technologies, including: Cloud Application Security Solutions – Integration with AppSec, DevOps (IDE/CI/CD), and Software Composition Analysis (SCA). Vulnerability Management tools such as AquaSec, Qualys, Wiz, CheckMarx, and MS Defender (VM/XDR/AV/FW) Data Protection technologies like Thales, Microsoft Purview solutions such as DLP, eDiscovery, etc. Proficiency in data services such as Azure Data Factory, Synapse, SQL, Machine Learning, and PowerBI Analytics. Deep expertise in Security Capabilities, encompassing: Mastery of encryption algorithms, key management, and cryptographic protocols for data security. Securing databases through access controls, encryption, monitoring, and vulnerability management. Application security tools expertise, including web application firewalls (WAF), intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners. Risk identification, evaluation, prioritization, and mitigation for data and application security. Data Loss Prevention (DLP) strategies and tools to safeguard sensitive data. Extensive hands-on experience with Application Security, Data Architecture, Security Analytics, and Threat Intelligence solutions. Familiarity with application security frameworks and standards, such as NIST and ISO 27001. Knowledge of secure software development lifecycle (SSDLC) processes. Practical experience in applying security controls across various programming languages and frameworks. Quick learner, able to gain expertise in new technology areas swiftly. Flexible and capable of adapting to the ever-changing landscape of technology and global complexities. Proven track record in fostering client-service relationships and valuing internal customers. Exceptional communication and presentation abilities, with effectiveness in engaging executive leadership. Consideration for the perspectives of diverse audiences, both technical and non-technical. Experience in crafting security architecture documentation, including vision statements and Solution Architecture (SA) Design documents. Well-versed in common Information Security practices and the domains covered by the CISSP certification. Aptitude for identifying and implementing opportunities for cybersecurity improvements and transformations. To qualify for the role, you must have Degree in Computer Science, Engineering or equivalent work experience 12+ years of experience in the Information Technology field 2+ years of senior architecture experience, exposure to enterprise architecture teams. 3+ years working with network protection technologies Ideally, you’ll also have one or more Security certification such as CISSP or CISM TOGAF and/or SABSA architecture framework SANS Certifications including: GSEC, ECSA, ECSP What We Look For Deep critical thinking skills demonstrating analytical and systematic approach to problem solving Experience working in a global virtual environment Excellent written & verbal communication skills, including preparation & delivery of presentations Good judgment, tact, and decision-making ability Ability to understand and integrate cultural differences and motives and to work with cross cultural teams. Ability to deal with ambiguity and change, and exercise appropriate time management to meet objectives Ability to work autonomously but also within a team environment where necessary What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Responsible for identifying, assessing, and mitigating security vulnerabilities through automated and manual penetration testing. Develops remediation plans, conducts security audits, and ensures compliance with industry standards. Expertise in vulnerability scanners, ethical hacking, and cybersecurity frameworks is required.

Preferred candidate profile OWASP methodologies application is a mandatory. 2 4-year experience in IT Security minimum University degree, preferably in Computer Science with spec. in IT Security Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner. Curious and highly implicated in IT Security Team player Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries. Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes. Experience in a multi-cultural environment is appreciated. CEH or Any Security certifications are appreciated. Experience in Development languages and scripting is appreciated.

Preferred candidate profile OWASP methodologies application is a mandatory. 2 4-year experience in IT Security minimum Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries. Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes. CEH or Any Security certifications are appreciated. Experience in Development languages and scripting is appreciated.

Need an Immediate Joiner!! Position: Senior Systems Engineer(CrowdStrike) Location: Remote Duration: Fulltime Hire (40 hours per week) Multi Year Contract This role is going to be WFH, flexible working hours. Job Description: Server Remediation Static code analysis Vulnerability Management for Software Development SONARQube for Security testing. Automation: IAAC/IAAS This position will be operations-focused, directly supporting IT teams with vulnerability remediation, coordination, tracking mitigation efforts, managing security exceptions, and providing management reporting. Specifically looking for a consultant or technical specialist who will handle end-to-end vulnerability management across our critical IT applications and infrastructure. Key responsibilities include: Analysing scan results, assessing exploitability, and prioritizing remediation based on criticality, CVSS scores, and business impact. Collaborating with IT, DevOps, SME’s and system owners to validate and verify remediation efforts. Developing and maintaining dashboards and reports to track remediation progress for management updates. Assisting with patch validation, system hardening, and misconfiguration remediation. Maintaining and improving vulnerability management policies and procedures. Required qualifications: Atleast 3+ years of experience in vulnerability management or related cybersecurity role. Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, CrowdStrike) . Strong understanding of cloud environments (AWS, Azure, GCP). Experience with scripting languages like Python or PowerShell.