674 Qualys Jobs - Page 14

About Our Opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

About Our Opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

Job Description: Job Summary: We are seeking a talented Security Engineer to join our growing security team. In this role, you will play a critical part in designing, implementing, and managing security controls across key areas, including but not limited to Cloud Security, Endpoint Detection & Response (EDR), Vulnerability Management, SASE/Firewall, Data Leakage Prevention . Key Responsibilities: Design, implement, and maintain security solutions to safeguard cloud environments, endpoints, networks, and applications. Lead or support vulnerability assessments, coordinate remediation activities with IT and development teams, and track mitigation progress. Configure, maintain, and optimize firewall rules and network security policies, ensuring secure and compliant connectivity. Collaborate with cloud engineers and DevOps teams to embed security best practices in cloud infrastructure and deployments. Develop and maintain documentation, including security standards, procedures, and runbooks. Stay current with emerging threats, vulnerabilities, and regulatory requirements, and proactively recommend improvements. Participate in security audits and compliance efforts as needed. Qualifications Required: Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent practical experience. 3–5 years of experience working in information security area. Hands-on experience with at least one of the following areas: Cloud Security (AWS, Azure, security configurations and tools) EDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint) Vulnerability Management (e.g., Qualys, Tenable, Rapid7) Firewall Management (e.g., Palo Alto Networks, Fortinet, Cisco ASA) Network Security / SASE / SSE (e.g. Cato, Zscaler, Netscope) Solid understanding of security principles, networking fundamentals, and common threat vectors. Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Preferred: Relevant industry certifications (e.g., Security+, CEH, CISSP, Azure Security Engineer, AWS Security Specialty). Scripting or automation skills (e.g., Python, PowerShell) are a plus. Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, GDPR) is desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30184594 Job Category Digital Technology Position Title: Manager Exposure Management Location: Bangalore Full time/ Part time : Full time Job Description: Job Summary The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture. Key Responsibilities Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts. Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services. Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB). Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records. Configure, execute, and analyze web application security scans; work with development teams to address identified issues. Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling. Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership. Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities. Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle. Basic Qualifications Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms. Familiarity with web application scanning tools and techniques. Experience managing or supporting a CMDB and asset lifecycle processes in a large organization. Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders. Experience supporting compliance and regulatory programs in a global business context. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

About our opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

About our opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

This role involves utilizing the Qualys tool for report shared by Group team, analysis and reporting to ensure the security and compliance of our systems. KEY RESPONSIBILITIES: Conduct regular vulnerability assessments based on the Qualys tool report received by Product team to identify security weaknesses in systems and applications. Relevant request to be raised thorough silva. Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder. Analyze scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates. Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact. Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines. Maintain and update documentation related to vulnerability management processes, policies, and procedures. Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the vulnerability management program. QUALIFICATIONS: Bachelors degree in information technology, Cybersecurity, or a related field. 4-7 years of experience in vulnerability management or security operations. Familiarity with vulnerability scanning tools, particularly Qualys. Understanding of security frameworks and standards (e.g., NIST, ISO 27001). Strong analytical and problem-solving skills with attention to detail. Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus. To succeed in this role, you should have the following skills and experience Soft Skills Exceptional communication and interpersonal skills, with the ability to collaborate effectively with stakeholders at all levels. Cross-cultural etiquette, customer centric and collaborative mindset. Good command of stakeholder management, judgement, conflict resolution, risk & mitigations. Excellent team player skills.

The purpose of the Support Technical Project Manager (TPM) Team is to be the liaison between Qualys customers and internal teams within Qualys. The TPM team's primary focus is to ensure the customer's continued success using the Qualys Cloud Platform. This is achieved by proactively monitoring their cases to help push on high-priority Support tickets, Business Critical feature requests, escalations, and account usage for anything that could put the customer at risk of churning. The TPM team will actively engage with the appropriate Qualys resources to ensure the customer's issues are prioritized and updates are provided consistently. Responsibilities of a TPM are as follows (indicative and prescriptive) Support Case management facilitation (prioritization and tracking) as per client needs. Provide an outstanding experience that increases retention of accounts that would lead to renewals and adoption of Qualys products. Improve customer experience throughout the end-to-end customer lifecycle. Partner with Sales to ensure smooth renewal and expansion opportunities are identified. Ensure that account issues are resolved quickly by escalating to the company's appropriate stakeholders and working with global delivery. Host & drive onboarding, implementation, weekly status meetings with the customer, meeting minutes, and tracking of deliverables. Review product adoption, overall customer experience, and perception of product and service through establishing MBRs/QBRs. Participate in the Incident management process and drive Incidents for their customers. Understand and document the impact of an issue that may present to a customer, the priority of any open tickets, and timelines for ongoing projects and commitments. Track customer sentiment and identify any revenue risk, document, and project customer voice. Facilitate necessary communication between internal teams and customers. Root Cause Analysis (RCAs) and postmortem reports for critical situations Demonstrate ability to successfully resolve broadly defined, complex, diverse, and/or, occasionally, unprecedented situations. Track and report internally & externally the overall account health and status of escalations where the account has ongoing escalations. KNOWLEDGE, SKILLS, AND ABILITIES REQUIRED: BA/BS computer science degree or equivalent work experience. Experience in the IT Security domain 5+ years of customer-facing experience managing successful and proven outcomes. 5+ years of SAAS experience Familiarity with Vulnerability Management, PCI, NIST, or Web Applications Certifications Desired: CompTIA Security+, PMP, CISM, or CISSP Prior Qualys product experience and knowledge are added benefits. Project Management, business process reengineering, and change management methodology knowledge. Strong technical understanding and passion for learning new technologies. Excellent communication and presentation skills, both written and verbal Self-motivated, highly collaborative, creative, goal- and growth-oriented, and team-centric Ability to engage in technical discussions with the customer regarding product usage and identify the business impact of customer issues.

Job Title: Lead Engineer – Security Operations Department: Engineering and Operations Location: Mumbai Reporting: Manager Security Operations Job Type: Full Time Shift: Rotational Shift PRE-REQUISITES Strong technical and subject matter expertise in at least four or more of the following security specialties: Firewall: Cisco, Palo Alto, Checkpoint, Fortinet, Zscaler, Barracuda VPN - IPSEC, SSL VPN: Ivanti, F5, Cisco, GlobalProtect NAC: Cisco ISE, Aruba ClearPass Unified Thread Management (UTM) SIEM products Qradar, Microsoft Sentinel etc. Load Balancers: F5 BigIP LTM/GTM, Citrix ADC Network Security (multi-vendor) experience. Cloud Infrastructure Mgmt.: Cloud stack, OpenStack, AWS, Azure, Netskope, PaloAlto Prisma Knowledge on scripting language like Python and automation Working knowledge and hands-on experience on Linux/Unix OS is desirable. Customer service experience preferably in a Global Operations Center environment Ticketing system knowledge Ability to workdays, evenings and weekends as required; 24x7 support in rotating shifts Flexibility with the ability to manage stressful situations and adapt to rapidly changing environments and requirements Analytical thinker willing to “think outside the box” to resolve customer impacting situations on first contact; understand customer pain Ability to work with Operations and Engineering on the priority of issues to resolve the urgent customer impacting issues first Aptitude and desire to learn advanced Network Security services. Creative, flexible thinker who is willing to take initiatives and share alternative solutions with peers and management Hands-on experience on Vulnerability Scanning, Penetration Testing Tools (Qualys, Nessus, Rapid7) Exceptional documentation and communication skills Ability to thrive in a fast paced, multi-cultural, customer-oriented environment MS Office proficiency RESPONSIBILITIES Incident Resolution Ticket resolution - work on trouble tickets, support the operation of advanced Network Security Services and take escalations Queue Management - keep a watch on queue and assign tickets Service Request - working on request for changes as per client requirements Perform the minor/major changes as per defined SoC process and work instructions Be a Subject Matter Expert (SME) on a few products Create Standard Operation Procedure Attend client calls and other technical meetings Assist in creation of Root Cause analysis (RCA) Security Performance Tuning Identify areas of Service Improvement Program (SIP) for key clients and reduce incidents Review code upgrade and test implement before rolling on to production Review documentation Recognize successful intrusions and compromises through review and analysis of relevant event detail information Review and update ROE on yearly basis Other Functions Work with hardware/software vendors to resolve problems Coordinate shifts and exchange handoff between various shifts Cross-train and mentor juniors Participate in various network and security related projects Perform other duties as assigned Any additional task given to the incumbent from time-to-time based on business needs TRAINING AND CERTIFICATION REQUIRED CCNA, CCSA, Fortinet NSE-4, PCNSE, CCIE, CEH EXPERIENCE Minimum 10 years of progressive, relevant experience and proven capability to work in a complex network environment EDUCATION Bachelor in Engineering - Computers/Electronics/Communication or related field Graduate/Post Graduate in Science/Math/IT or related streams with relevant technology experience TECHNICAL AND OTHER SKILLS Knowledge of ITIL, ISO27K, SOC 2 will be beneficial

Job requisition ID :: 83960 Date: Jun 23, 2025 Location: Mumbai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Consultant in our Cyber Team you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Deloitte India is seeking a SOC Manager Lead team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Key Responsibilities: Skills & Knowledge : Lead a team of L1 and L2 engineers in shift. Work balancing of tickets across the shifts. Ensure shift handover. Manage the Quality audits of the L1 and L2 offense analysis. Support the Project Manager with escalations and timely RCA of incidents. Training of L1 and L2 resources on latest attack vectors and log analysis. Work with the SIEM Engineering team to fine tune the use cases and content on the SIEM platform. Bring down the false positives to a manageable level. Manage the work pressure on the project and keep the team alert and manage their work life balance. Ensure timely preparation of daily/weekly/monthly reports. Desired qualifications Sound Cyber Security Principles and well versed in security domains of Endpoint , Network, Database, Cloud Security technologies like IPS, WAF, Firewall, Deception, Cloud Security, AV, EDR, . Conduct senior level log analysis, proactive monitoring, mitigation & response to network & security incidents. Triage security events and carry out incident response steps. Implement & Maintain Extensive Security Operation Policies and procedures documentation including AWS cloud Proactively Hunt & research potential malicious activity using tool like Cortex, Shodan, Qrdar etc. Identify Indicator of Compromise through static & dynamic analysis of commodity and 0-day malware Perform advanced security event detection and threat analysis for complex and/or escalated security events. QRadar , Demisto/XSOAR , Qualys, MITRE Framework Attack Methodology. Preferred Certifications IBM QRadar SIEM Certification. CISSP, CEH, CISM, or other relevant security certifications. Location and way of working Base location: Mumbai/Navi Mumbai Professional is required to work from office Your role as Consultant/Sr Consultant. We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention.

Key Responsibilities: Lead and execute vulnerability assessments across enterprise systems using Qualys VMDR and related modules. Manage and optimize Qualys scanning infrastructure including scanner appliances and cloud agents. Develop and maintain scanning strategies and schedules for internal and external assets. Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with stakeholders. Generate detailed reports and dashboards using Qualys reporting tools and best practices. Ensure compliance with internal security policies and external regulatory requirements. Provide technical guidance and mentorship to junior team members. Collaborate with IT, DevOps, and application teams to integrate vulnerability management into CI/CD pipelines. Required Skills and Experience: 5+ years of experience in vulnerability assessment and management. Hands-on experience with Qualys VMDR, Patch Management, and Continuous Monitoring. Strong understanding of vulnerability lifecycle, CVSS scoring, and remediation workflows. Experience with asset discovery, host tracking, and scanning best practices. Familiarity with scripting (Python, PowerShell) for automation and integration. Knowledge of network protocols, operating systems, and web application security. Industry certifications such as CEH, CISSP, or Qualys certifications are a plus. Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management. Experience3-5 Years.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Description: We are seeking a talented Lead Big Data Engineer to deliver roadmap features of Unified Asset Inventory. This is a great opportunity to be an integral part of a team building Qualys next generation Micro-Services based platform processing over a 100 million transactions and terabytes of data per day, leverage open-source technologies, and work on challenging and business-impacting projects. Responsibilities: You will be building the Unified Asset Management product in the cloud You will be building highly scalable Micro-services that interacts with Qualys Cloud Platform. Research, evaluate and adopt next generation technologies Produce high quality software following good architecture and design principles that you and your team will find easy to work with in the future This is a fantastic opportunity to be an integral part of a team building Qualys next generation platform using Big Data & Micro-Services based technology to process over billions of transactions data per day, leverage open-source technologies, and work on challenging and business-impacting initiatives. Qualifications: Bachelor’s degree in computer science or equivalent 10+ years of total experience. 4+ years of relevant experience in design and architecture Big Data solutions using Spark 3+ years experience in working with engineering resources for innovation. 4+ years experience in understanding Big Data events flow pipeline. 3+ years experience in performance testing for large infrastructure. 3+ In depth experience in understanding various search solutions solr/elastic. 3+ years experience in Kafka In depth experience in Data lakes and related ecosystems. In depth experience of messing queue In depth experience in giving requirements to build a scalable architecture for Big data and Micro-services environments. In depth experience in understanding caching components or services Knowledge in Presto technology. Knowledge in Airflow. Hands-on experience in scripting and automation In depth understanding of RDBMS/NoSQL, Oracle , Cassandra , Kafka , Redis, Hadoop, lambda architecture, kappa , kappa ++ architectures with flink data streaming and rule engines Experience in working with ML models engineering and related deployment. Design and implement secure big data clusters to meet many compliances and regulatory requirements. Experience in leading the delivery of large-scale systems focused on managing the infrastructure layer of the technology stack. Strong experience in doing performance benchmarking testing for Big data technologies. Strong troubleshooting skills. Experience leading development life cycle process and best practices Experience in Big Data services administration would be added value. Experience with Agile Management (SCRUM, RUP, XP), OO Modeling, working on internet, UNIX, Middleware, and database related projects. Experience mentoring/training the engineering community on complex technical issue.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a skilled and motivated Software Engineer to join our team in developing Qualys’ next-generation Platform & Middleware . In this role, you will work alongside a team of experienced engineers and architects to prototype, design, build, and support a highly scalable SaaS-based cloud security platform . This is an exciting opportunity to contribute to the core of our microservices-based technology stack that handles over 100 million transactions and terabytes of data daily . You'll leverage cutting-edge open-source technologies while working on complex, high-impact projects that shape the future of cloud security. Responsibilities Collaborate in the design and development of Qualys’ next-generation platform and middleware products. Build high-performance APIs, libraries, and microservices to support massive scale and data throughput. Evaluate and integrate emerging technologies to ensure platform evolution. Write clean, maintainable, and high-quality code that adheres to solid architecture and design principles. Participate in all stages of the software development lifecycle, including design, development, testing, and deployment. Requirements 2+ years of hands-on experience developing SaaS-based software solutions for service-oriented architectures in public (AWS, Azure, etc.) or private cloud environments. Proven experience with building scalable SaaS platforms using microservices Expertise in: RESTful APIs for internal and external integrations Messaging middleware (e.g., Kafka) In-memory caching (e.g., Redis) Strong proficiency in Java, with solid understanding of object-oriented design, development, testing, and profiling. Solid foundation in data structures and algorithms. Experience with RDBMS (preferably Oracle) and NoSQL databases (preferably Cassandra). Familiarity with containerization and orchestration tools such as Docker, Kubernetes, and CI/CD pipelines (e.g., Jenkins). Bachelor’s or Master’s in Computer Science or a related field.

VARITE is looking for a Vulnerability Analyst with one of its clients located in Bangalore. If you are interested in this opportunity, kindly respond ASAP with your updated resume or apply here. We will be glad to represent you to our client and help in your job search. About the client: Client is an American data infrastructure company that provides unified data storage, integrated data services, and cloud operations (CloudOps) solutions to enterprise customers. WHAT DO WE DO? VARITE is a global IT company providing software and engineering consulting and team augmentation services to Fortune 1000 companies in USA, CANADA, and INDIA. VARITE is currently a primary and direct vendor to the leading corporations in the areas of Cloud, Data Sciences, Infrastructure Application Software, Mobility, Robotics, Banking & Financial Systems. Job Responsibilities: About The Job: We are seeking a highly skilled and motivated Vulnerability Management Specialist with at least 5 years of hands-on experience in identifying, assessing, and mitigating security vulnerabilities across enterprise environments. The ideal candidate will have a strong understanding of cybersecurity principles, vulnerability scanning tools, and risk management frameworks, with the ability to communicate technical issues to non-technical stakeholders. Essential Job Functions: Manage the end-to-end vulnerability management lifecycle: discovery, classification, prioritization, remediation tracking, and reporting. Conduct regular vulnerability assessments using tools such as Qualys, Tenable, Nessus, or Rapid7. Collaborate with system owners, infrastructure teams, and developers to address and remediate vulnerabilities. Monitor threat intelligence feeds to identify and assess emerging vulnerabilities. Develop and maintain metrics and reports on vulnerability status, trends, and remediation progress. Ensure compliance with internal security policies and external regulatory standards (e.g., PCI-DSS, ISO 27001, HIPAA). Coordinate periodic penetration testing and work with external vendors as needed. Assist in maintaining and improving the organization's vulnerability management processes and tools. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). Minimum of 2-3 years of professional experience in vulnerability management, information security, or a related domain. Strong knowledge of operating systems (Windows, Linux, Unix), network protocols, and application architectures. Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7, Tenable.io). Familiarity with patch management practices and tools. Understanding of CVSS scoring, OWASP Top 10, and MITRE Telecommunication&CK framework. Experience interpreting and responding to vulnerability alerts (e.g., CVEs, vendor advisories). Preferred: Security certifications such as CEH, OSCP, CompTIA Security+, or GIAC. Experience with scripting languages (Python, PowerShell, Bash) for automation of vulnerability tasks. Exposure to cloud environments (AWS, Azure, GCP) and related security controls. Familiarity with SIEM and ticketing systems (e.g., Splunk, ServiceNow). Soft Skills Strong analytical and problem-solving skills. Excellent written and verbal communication. Ability to manage multiple priorities and work effectively in a fast-paced environment. Collaborative mindset with a strong sense of accountability. Location: Bangalore Please feel free to send your resume to himanshu@varite.com ** If you are not comfortable or interested in this job opening, please feel free to forward this to others.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30184594 Job Category Digital Technology Position Title: Manager Exposure Management Location: Bangalore Full time/ Part time : Full time Job Description: Job Summary The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture. Key Responsibilities Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts. Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services. Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB). Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records. Configure, execute, and analyze web application security scans; work with development teams to address identified issues. Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling. Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership. Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities. Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle. Basic Qualifications Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms. Familiarity with web application scanning tools and techniques. Experience managing or supporting a CMDB and asset lifecycle processes in a large organization. Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders. Experience supporting compliance and regulatory programs in a global business context. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

We're looking for a strategic thinker with deep hands-on expertise in GRC, cloud security technologies, and Focus Areas : Governance, Risk & Compliance (40%): Implement security frameworks (ISO 27001, NIST), conduct risk assessments, ensure regulatory compliance (GDPR, HIPAA, PCI-DSS). Security Operations (40%): Deploy cloud-native security controls, integrate DevSecOps, perform threat modeling and vulnerability assessments. Reporting & Documentation (20%): Create executive-level reports, maintain security architecture docs, support audits. What Were Looking For Bachelors or Masters degree in Computer Science, Information Security, or related field. 8 to 10 years of experience in cybersecurity with at least 5 years in cloud security. Strong knowledge of AWS, Azure, and/or GCP security services. Hands-on experience with security tools: Next Gen Firewalls, SIEM, SOAR, CSPM, DLP, EDR, etc. Hands-on experience with DevSecOps, container security (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation). Hands-on experience with various VA/PT tools including open source like OpenVas/OWASP Zap/Veracode/Nessus/Qualys etc. Certifications (Preferred) Cloud Security: CCSP, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer (any one of them) General Security & Compliance: CISA/ISO 27001 Lead Implementer/Auditor (any one of them) (ref:hirist.tech)

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a self driven QA Automation engineer with strong networking background with problem solving, and programming skills who is able to help design and develop Qualys Web Application Scanning product. Engineer should be able to Design, implement, document and maintain test framework for various functionality in UI and API Develop test automation & enable high quality micro-services based delivery. This is a fantastic opportunity to be an integral part of a team building Qualys next generation platform using Micro-Services based technology. Responsibilities: Own core product capabilities and drive it to deliver highest quality product. Design and develop test frameworks for automation. Develop new testing tools for various use cases. Maintain automated test environment to perform unit, functional and stress testing. Setup and configure automation running part of the CI-CD pipeline. Participate in the creation and enhancement of the continuous integration platform used to test the product. Develop and execute automated performance tests. Qualifications: 4 years of hands-on experience in QA and at least 2-3 years working on automation Experience in Selenium WebDriver with Java/Python, Selenium grid. Strong knowledge of Java, Python, Shell Scripting, Data structures, OOPS concepts and its applications. Experience working with Docker, Kubernetes, ElasticSearch, Cassandra, Kafka. Experience with automation test tools (preferably Selenium Webdriver, Cucumber, Rest Assured). Good experience in test automation frameworks (data/keyword driven) and tools (Eclipse, Cucumber). Experience in testing frameworks like TestNG, JUnit. Experience with Web application testing along with REST APIs. Understanding of CI-CD pipelines: Docker, Kubernetes. Automated builds and deployments process using GIT or other SCM, Maven, Jenkins. Experience with Test and defect management tools like Jira Must be a critical thinker with excellent verbal and written skills. Good communication skills to be able to work with global teams.

Join us as a Security Analyst We’ll look to you to assess, triage, and respond proactively and effectively to security related threats, incidents, requests, and events The work you do will be vital in defending our assets, information, and systems from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction Collaborating with internal and external stakeholders including third party suppliers, you’ll ensure activities relating to incident response, user access, alert monitoring, root cause analysis, and scenario planning are completed in line with standard operating procedures and to a high standard This role is available at associate vice president level What you’ll do Working with an array of domains, stakeholders, and specialists, you’ll take a proactive role to anticipate and identify security events, incidents, and trends that could adversely impact the bank, our customers, employees, or assets. You’ll contribute to security operations including production support, incident response, and on-call rota, and you’ll carry out and contribute to root cause analysis on security incidents and events, conduct training and scenario planning to prepare for and anticipate future events. As such, you’ll minimise future reoccurrence, and prepare reports and briefings as needed and to a high quality. You’ll also develop and maintain response plans, procedures, and playbooks to increase consistency and effectiveness of response capability. As well as this, you’ll: Proactively identify and effectively manage risks to deliver key security related customer and compliance outcomes, escalating and driving actions as necessary Actively contribute to security operations such as production support, incident response and on-call rota Maintain the end-to-end security response as directed, and ensure that security related services are delivered in line with expectations and that process change is implemented smoothly Act with pace when responding to customer queries and complaints and when responding to security events, make sure that feedback loops are in place to learn how to improve service and response Interrogate and interpret large volumes of data and analyse and assess data to understand trends and causal factors The skills you’ll need We’re looking for someone with a passion for cloud security and automation using Agile and DevOps methodologies, as well as promoting shift-left culture, which integrates security analysis into each CI/CD stage. You’ll have experience with Azure Cloud and security stack including Defender, Azure Sentinel and Azure Security Centre. You’ll also have expertise in automated security assessments and familiarity with third-party security tools integration such as Qualys and Tenable and compliance standards like PCI-DSS. In addition to this, you’ll demonstrate: Experience and knowledge of security controls The ability to communicate technical issues in business terms to range of stakeholders Experience in penetration testing and vulnerability management An understanding of Agile methodologies with experience of working in an Agile team

Job requisition ID :: 81577 Date: Jun 21, 2025 Location: Chennai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Overview Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3-5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Overall Objectives of job We are seeking a skilled and motivated Data Engineer / Data Scientist to join our team. The ideal candidate will have a strong background in data engineering and data science, with experience in building and maintaining scalable data pipelines, analyzing complex data sets, and deriving actionable insights to drive business decisions. This role also requires strong PostgreSQL, MongoDB, Python and Ansible development skills to support automation and data integration tasks. Data Engineering Build and maintain scalable ETL pipelines for data from sources like Qualys and CMDB. Ensure system reliability, availability, and high performance. Data Management Design and manage data architecture, schemas, and models. Implement data governance, quality controls, integrity, and security across SQL/NoSQL databases. Performance & Optimization Monitor database performance, optimize queries, and troubleshoot issues. Security & Backup Manage access controls and permissions. Develop backup and recovery procedures to protect data assets. Cloud Database Administration Operate DBs on AWS, Azure, and GCP. Stay current with PostgreSQL and MongoDB updates and patches. Collaboration & Documentation Work with IT and dev teams to align DB systems with business needs. Document processes, procedures, and best practices. Strategic Support Analyze business requirements and interpret data trends. Must-Have Skills PostgreSQL & MongoDB expertise Strong Python and Ansible skills for development and automation Experience in building and managing databases, tables, and indexes Solid understanding of query performance tuning and monitoring Familiarity with cloud DB platforms (AWS, Azure, GCP) #DataEngineer #SQL #Cloud #Hiring #Pune

Company – Our client is a global leader in IT solutions and services, recognized as a Fortune 500 company and consistently ranked among the best places to work in the tech sector. With a strong focus on innovation and cybersecurity, they provide mission-critical support to top enterprises worldwide. Job Title – Vulnerability Management Support Engineer Location – Chennai, Bangalore, or Hyderabad (Remote) Role Type – Contract to Hire Must Have Skills: 2+ years in IT Security or System/Network Administration, with 1–2 years in vulnerability management Hands-on experience with vulnerability tools like Qualys, Tenable, Nessus, or ServiceNow Understanding of CVEs, CVSS scoring, and basic risk assessment practices Proficiency in OS patching (Windows/Linux), basic networking, and security concepts Strong skills in interpreting scan results and clearly communicating findings to non-technical stakeholders Responsibilities and Job Details: Perform regular vulnerability scans and analyze scan results using tools like Qualys, Tenable, Rapid7, Nessus, and ServiceNow Validate vulnerabilities to eliminate false positives Coordinate remediation efforts with asset owners and IT teams Escalate high-severity vulnerabilities to security stakeholders Track and report remediation progress to ensure SLA compliance Support patch management prioritization based on risk analysis Generate internal and audit-ready vulnerability reports Maintain documentation of processes, schedules, and exceptions Collaborate with SOC and security teams for consistent risk reduction Assist in enhancing and automating the vulnerability lifecycle process Operate within a 24/7 rotational shift schedule. Utilize ticketing systems such as ServiceNow for task tracking and coordination

About NCR Atleos Responsible for planning and performing Application Risk Assessments, as per the guidelines provided by regulations and standards. Build expertise on security governance and compliance that includes all Cloud providers and Cloud security monitoring. Build tool expertise on tools - Wiz, Algosec, Fortinet, Forscout, etc. Effectively collaborates and communicates with the stakeholders and ensure satisfaction Foster teamwork. Train and coach team members to ensure effective knowledge management activity. EEO Statement NCR Atleos is an equal-opportunity employer. It is NCR Atleos policy to hire, train, promote, and pay associates based on their job-related qualifications, ability, and performance, without regard to race, color, creed, religion, national origin, citizenship status, sex, sexual orientation, gender identity/expression, pregnancy, marital status, age, mental or physical disability, genetic information, medical condition, military or veteran status, or any other factor protected by law. Statement to Third Party Agencies To ALL recruitment agenciesNCR Atleos only accepts resumes from agencies on the NCR Atleos preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Atleos employees, or any NCR Atleos facility. NCR Atleos is not responsible for any fees or charges associated with unsolicited resumes.

Driven by transformative digital technologies and trends, we are RIB and we’ve made it our purpose to propel the industry forward and make engineering and construction more efficient and sustainable. Built on deep industry expertise and best practice, and with our people at the heart of everything we do, we deliver the world's leading end-to-end lifecycle solutions that empower our industry to build better. With a steadfast commitment to innovation and a keen eye on the future, RIB comprises over 2,500 talented individuals who extend our software’s reach to over 100 countries worldwide. We are experienced experts and professionals from different cultures and backgrounds and we collaborate closely to provide transformative software products, innovative thinking and professional services to our global market. Our strong teams across the globe enable sustainable product investment and enhancements, to keep our clients at the cutting-edge of engineering, infrastructure and construction technology. We know our people are our success – join us to be part of a global force that uses innovation to enhance the way the world builds. Find out more at RIB Careers. Job Summary As part of the RIB team, you will embody our values of impact, aspiration, curiosity, and trust in everything you do. As a Cloud SecOps Engineer, you will play a key role in protecting the platforms used to deliver RIB's products within the Managed Services. The Cloud SecOps Engineer will be responsible for continuous security monitoring, threat detection, incident response, and security automation within Managed Services Product Portfolio. This role involves SIEM operations, vulnerability scanning, identity and access management, and endpoint security. The engineer will work closely with DevOps, SRE, Cloud Governance, and Application Security teams to enhance the security posture across Managed Services cloud environments. Key Responsibilities Security Monitoring & Incident Response Operate and manage SIEM solutions for real-time threat detection. Investigate security incidents, analyze logs, and escalate as needed. Work with DevOps/SRE teams on security incident containment and response. Security Automation & Orchestration (SOAR) Develop and implement security automation playbooks to streamline response. Support automated threat intelligence ingestion and response workflows. Identity & Access Management (IAM) Enforce least privilege access policies for cloud and IT environments. Assist in identity lifecycle management, MFA, and role-based access controls. Vulnerability & Risk Management Conduct vulnerability scans and misconfiguration assessments. Assist DevOps and SRE teams with security patching and risk remediation. Security Observability & Compliance Ensure security logs, alerts, and telemetry are properly integrated. Support audits and compliance initiatives for security best practices. Governance, Compliance, and Incident Response Align security operations with control frameworks (ISO 27001, GDPR, SOC 1, SOC2, CCM etc.). Work closely with CPSO., Cloud Governance, AppSec and Security Governance teams. Skills And Qualifications Bachelor's degree in cybersecurity, information security, or equivalent experience. Azure Security Engineer (AZ-500, SC-200, SC-300) 2+ years of experience in SecOps, cybersecurity, or cloud security roles. Strong understanding of SIEM solutions (e.g., Microsoft Sentinel, Splunk, QRadar, etc.). Experience with security automation (SOAR), scripting (Python, PowerShell), and incident response. Familiarity with IAM frameworks, cloud security best practices (Azure, AWS, etc.), and vulnerability management tools (Qualys, Tenable, etc.). Knowledge of DevOps, CI/CD security practices, and security control frameworks (ISO 27001, SOC1, SOC2, CIS etc.) RIB may require all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria. RIB is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join RIB to create the transformative technology that enables our customers to build a better world.