674 Qualys Jobs - Page 15

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production/CSIRT/Production Security teams. The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator. Responsibilities Direct Responsibilities WM IT Risk and Security Manager o Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development. o Coordinate with APAC WM security actors, including India-based resources. o Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture o Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process. o Periodic reporting of security status to WM CISO APAC and WM Global CISO o Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication. o Ensure the regular reporting for management follow-up IT Security Compliance (delegation on WM APAC scope) o Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets. o Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes. o Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) o Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements o Ensure the compliance with the Third-party Technology risks and Cloud security. o Identify the process gaps and provide solutions. Application Security o Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. o Identify and implement the latest security standards for internet facing and internal assets. o Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing SAST, Dynamic Acceptance Security Testing DAST and Software Composition Analysis SCA). Perform Security risk assessments and reviews to be presented to respective committees. Ensure the adequate security level for all WM GAIM applications, whatever the IT project managers location and hosting provider. Production Security Oversight (delegation on WM APAC scope) o Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance. o Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress. o Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents. CyberSecurity Program (delegation on WM APAC scope) o Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program. Contributing Responsibilities Coordination with IT Security actors o Reporting line to the WM GAIM Global CISO : alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard) o Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope. o Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production. o Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group. Technical Behavioral Competencies Cybersecurity / Technical Value-added Competencies Cybersecurity Governance : framework (NIST / CIS framework), Security incident management, Logging Detection (SIEM ELK products) DevSecOps : CI/CD toolchain knowledge of various tools o Source code management: sonarQuabe, bibucket, github/gitlab o Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan) o Automation/orchestration: Ansible tower, Jenkins Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security) Vulnerability Management o Nexpose, Nessus Ethical Hacking Knowledge o Kali Linux knowledge (metasploit, nmap) Specific Qualifications (if required) Qualifications and Experience 10 years' experience in information security evaluation and design of technical architectures Functional as well as technical knowledge of the applications used within BNP Paribas Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM Wholesale IT Security Norms and Policies Team management experience is a must Preferred Master level in Computer science and Information Security Skills Referential Behavioural Skills : (Please select up to 4 skills) Communication skills - oral written Ability to collaborate / Teamwork Decision Making Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability to set up relevant performance indicators Ability to develop and adapt a process Ability to manage a project Ability to develop others improve their skills Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Master Degree or equivalent Experience Level At least 10 years Other/Specific Qualifications (if required) Other Value-added Competencies Advanced IT security certifications may be advantageous (such as CISM, CCSP, CSK, CEH, CISSP). Operational Risk and Permanent Control Data Analytics solutions (Tableau, PowerBI) and strong expertise in Dashboard/reporting

Driven by transformative digital technologies and trends, we are RIB and we’ve made it our purpose to propel the industry forward and make engineering and construction more efficient and sustainable. Built on deep industry expertise and best practice, and with our people at the heart of everything we do, we deliver the world's leading end-to-end lifecycle solutions that empower our industry to build better. With a steadfast commitment to innovation and a keen eye on the future, RIB comprises over 2,500 talented individuals who extend our software’s reach to over 100 countries worldwide. We are experienced experts and professionals from different cultures and backgrounds and we collaborate closely to provide transformative software products, innovative thinking and professional services to our global market. Our strong teams across the globe enable sustainable product investment and enhancements, to keep our clients at the cutting-edge of engineering, infrastructure and construction technology. We know our people are our success – join us to be part of a global force that uses innovation to enhance the way the world builds. Find out more at RIB Careers. Job Summary As part of the RIB team, you will embody our values of impact, aspiration, curiosity, and trust in everything you do. As a Cloud SecOps Engineer, you will play a key role in protecting the platforms used to deliver RIB's products within the Managed Services. The Cloud SecOps Engineer will be responsible for continuous security monitoring, threat detection, incident response, and security automation within Managed Services Product Portfolio. This role involves SIEM operations, vulnerability scanning, identity and access management, and endpoint security. The engineer will work closely with DevOps, SRE, Cloud Governance, and Application Security teams to enhance the security posture across Managed Services cloud environments. Key Responsibilities Security Monitoring & Incident Response Operate and manage SIEM solutions for real-time threat detection. Investigate security incidents, analyze logs, and escalate as needed. Work with DevOps/SRE teams on security incident containment and response. Security Automation & Orchestration (SOAR) Develop and implement security automation playbooks to streamline response. Support automated threat intelligence ingestion and response workflows. Identity & Access Management (IAM) Enforce least privilege access policies for cloud and IT environments. Assist in identity lifecycle management, MFA, and role-based access controls. Vulnerability & Risk Management Conduct vulnerability scans and misconfiguration assessments. Assist DevOps and SRE teams with security patching and risk remediation. Security Observability & Compliance Ensure security logs, alerts, and telemetry are properly integrated. Support audits and compliance initiatives for security best practices. Governance, Compliance, and Incident Response Align security operations with control frameworks (ISO 27001, GDPR, SOC 1, SOC2, CCM etc.). Work closely with CPSO., Cloud Governance, AppSec and Security Governance teams. Skills And Qualifications Bachelor's degree in cybersecurity, information security, or equivalent experience. Azure Security Engineer (AZ-500, SC-200, SC-300) 2+ years of experience in SecOps, cybersecurity, or cloud security roles. Strong understanding of SIEM solutions (e.g., Microsoft Sentinel, Splunk, QRadar, etc.). Experience with security automation (SOAR), scripting (Python, PowerShell), and incident response. Familiarity with IAM frameworks, cloud security best practices (Azure, AWS, etc.), and vulnerability management tools (Qualys, Tenable, etc.). Knowledge of DevOps, CI/CD security practices, and security control frameworks (ISO 27001, SOC1, SOC2, CIS etc.) RIB may require all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria. RIB is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join RIB to create the transformative technology that enables our customers to build a better world.

Position Purpose The purpose of the position is to help with the information security topics mentioned in the direct responsibilities. Responsibilities Direct Responsibilities - Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. - Engaging with organization wide risk and control groups, including internal audit and territory control teams. - Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls. Contributing Responsibilities Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process Knowledge of single-sign-on security strategies (e.g. SAML, OAUTH2, SiteMinder etc.) Excellent understanding of authentication related mechanisms (Kerberos, One Time Passwords, PKI) Good understanding of cryptography and its practical uses within secure application development Familiarity with common security vulnerabilities (e.g. OWASP Top 10) Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them. Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Technical & Behavioral Competencies Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarize key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity, Sonatype, Blackduck Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. Excellent Inter personal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills Specific Qualifications (if required) - CEH, SSCP, OSCP certified. - Technical Graduate (Computer Science) Preferable. Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral & written Ability to share / pass on knowledge Active listening Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Analytical Ability Ability to develop and adapt a process Ability to develop and leverage networks Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Bachelor Degree or equivalent Experience Level At least 7 years

Job Description 4: Sr. Information Security Consultant/ Information Security ConsultantOverview: eSec Forte Technologies is a distinguished cybersecurity service provider specializing in client-side infrastructure security. We are looking for a skilled Senior Infrastructure Security Engineer to join our client-side security team. The ideal candidate will have advanced experience in network vulnerability assessment and penetration testing (VAPT) and using Qualys for vulnerability management. Key Responsibilities: · Conduct advanced network vulnerability assessments and penetration tests on client-side infrastructure. · Utilize Qualys for comprehensive vulnerability scanning and management. · Identify and remediate security vulnerabilities in client environments. · Perform detailed security configuration reviews of network devices, servers, and other infrastructure components. · Collaborate with client IT teams to enhance their security posture. · Provide detailed reports and recommendations based on assessment findings. · Stay up-to-date with the latest security threats and best practices. Qualifications: · Bachelor's degree in Information Security, Computer Science, or related field. · 2+ years of experience in infrastructure security. · Proficiency in using Qualys and other vulnerability scanning tools. · Strong understanding of network security principles and advanced penetration testing techniques. · Experience with security tools such as Metasploit, Nmap. · Excellent communication and interpersonal skills. · Relevant certifications such as OSCP, CEH or equivalent are a plus. Skills: · Network Vulnerability Assessment and Penetration Testing (VAPT) · Qualys · Vulnerability Management · Security Configuration Review · Metasploit, Nmap

We are seeking an OT Security Specialist to enhance the cybersecurity posture of our manufacturing environment. This role involves engaging with stakeholders to assess risks, conduct gap analyses, and implement mitigation strategies across IT and OT systems. Responsibilities include rolling out Microsoft Defender, implementing BitLocker, creating golden images, and improving compliance in line with corporate security policies. The ideal candidate will have strong technical expertise in Windows environments, experience with cybersecurity tools (EDR, Qualys, CTD, Archer), and a solid understanding of OT security concepts including SCADA, PLCs, and IoT devices. Prior experience in endpoint, network, application, and cloud security is essential. Familiarity with IEC 62443 standards is a plus. Your tasks Rolling out Microsoft Defender in the manufacturing environment Implementing BitLocker on Windows devices and developing necessary procedures to maintain the technology Creating golden images tailored for the manufacturing environment Assessing compliance, identifying deficiencies, determining risk levels, recommending solutions, and providing guidance to ensure protection of company information in line with the Information Security Policy Supporting efforts to reduce overall risk levels in the OT environment by analyzing outputs from various security tools such as EDR, OT Continuous Threat Detection, and Qualys Collaborating with manufacturing teams to improve security KPIs in the manufacturing environment Supporting the remediation of existing security findings in the OT environment Requirements Expertise in managing Microsoft Defender and BitLocker in enterprise environments Proven ability to secure end-user devices and implement defense mechanisms Experience securing business applications and enterprise resource planning systems Knowledge of securing cloud environments, including policy and access control Strong understanding of network segmentation, firewalls, and logical access protocols Experience with asset management and user access control processes - Identity & Access Management Hands-on experience with tools like Qualys, LabMan, Archer, EDR, and Palo Alto Prisma Familiarity with OT security concepts, including CTD tools, IoT, PLCs, and SCADA systems

USI T&I - Analyst – Infrastructure Operations Center - Deloitte Support Services India Private Limited Work you’ll do Responsibilities As a team member, you will be accountable for, but not limited to the responsibilities below. Operational Proactive Monitoring of SolarWinds, Dynatrace, HP OneView and action as per standard operating procedures. Apply both independent judgment and procedure driven approach to troubleshoot, isolate and diagnose common network, OS, and server issues. Work on Agent remediation tasks pertaining to SCCM Client/Qualys/Splunk Manage Windows and Linux Server Patching and security compliance Monitoring and resolving Cohesity and Veeam backup solutions Coordinating with Vendor’s in resolving Physical Server and Network issues Support and manage Virtual Machine through vSphere Client and Hyper-V Troubleshooting Database Server (MSSQL) alerts Provide Status updates on assigned tasks Engages with customers and other technical resources by phone and email to provide technical support and issue resolution Monitoring and troubleshoot AudioVideo equipment alerts Process daily task assigned by the shift leads. Create RFC’s and represent in the CAB calls Co-ordinate and be a part of the maintenance, upgrades, and server OS patching Participate in weekly team meetings Technical Responsibilities: Ensuring the infrastructure availability through use of proactive monitoring tools like Dynatrace, SolarWinds, XIO etc Manage and Monitor alerts from various tools: o HP One View o IT Expert Monitoring Cloud o Nasuni o Backup – Veeam/Cohesity Prepare the documentations/KB articles Handle Incident management within defined SLA’s Maintaining a log of all necessary information in a centralized location Prepare and share various IT infrastructure reports Support stakeholders during improvements, upgrades, and other maintenance activities as recommended and scheduled Coordinate with vendors to resolve physical server and network issues Education: Bachelor’s Degree. Experience: 1 -2.5 plus years of Network/Server monitoring in an ITIL environment with knowledge and awareness of Servers, Network Routers/Switches/Firewalls, DNS and DHCP and Security Patching Work Location : Hyderabad Shift Timings : 24*7 in Rotational shifts The Team At Deloitte, we’re all about collaboration. And nowhere is this more apparent than among our 2,000-strong internal services team. With our combined specialist skills, we provide all the essential support and advice our client-facing colleagues need, right across the firm. This enables them to focus all of their efforts on delivering the best service possible to their clients. Covering seven distinct areas; Human Resources, Clients & Industries, Finance & Legal, Practice Support Services, Quality & Risk Services, IT Services, and Workplace Services & Real Estate, together we live, breathe and deliver the Deloitte experience. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India. Benefits to help you thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 305181

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived. We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD. A Security Technical Writer will play a crucial part in supporting our cybersecurity initiatives by producing clear, comprehensive, and accurate technical documentation for a variety of customer-facing and internal audiences. You will be responsible for creating and maintaining a wide range of documents, including but not limited to: Security practice standards and procedures, incident response guides, technical manuals, system architecture overviews, user guides for security tools, and compliance documentation aligned with industry frameworks such as NIST, ISO 27001, SOC 2, and others. The ideal candidate will have a strong background in both technical writing and cybersecurity concepts, with the ability to translate complex technical information into easy-to-understand content. You will collaborate closely with security engineers, analysts, and risk / compliance professionals to gather accurate and timely information for your documentation efforts. Additionally, you will help standardize documentation practices, ensure consistent formatting and terminology, and contribute to the continuous improvement of our knowledge-sharing processes. This role requires someone who is proactive, self-directed, and capable of managing multiple projects under tight deadlines. A strong understanding of the cybersecurity landscape—including threat modeling, risk assessment, data protection, and secure systems design—is highly valuable. Key Responsibilities The following are the expectations of a Security Technical Writer: Client Delivery Develop clear, concise, and accurate documentation related to cybersecurity operations, including: Security policies and standards System architecture diagrams Incident response playbooks Compliance documentation (e.g. NIST, ISO 27001, SOC 2) User and administrator guides for security tools Translate complex technical concepts into easy-to-understand content for various audiences (technical and non-technical). Work closely with cybersecurity teams to gather information and validate documentation. Ensure all documentation is up to date and aligns with organizational policies and regulatory requirements. Create and maintain templates and documentation standards. Assist in the development of training materials and internal communications related to cybersecurity awareness. Technical Mastery Documentation Tools: Proficient with documentation platforms such as Confluence, SharePoint, Git/GitHub, Markdown, and Microsoft Office Suite Security Tools (familiarity required): Experience documenting tools like SIEMs (e.g., Splunk, QRadar), endpoint protection systems, vulnerability scanners (e.g., Qualys, Nessus), firewalls, identity and access management (IAM) solutions, and cloud security platforms (e.g., AWS Security Hub, Azure Security Center) Writing Standards: Strong knowledge of style guides (e.g., Microsoft Manual of Style, APA, Chicago Manual) and documentation best practices Diagramming Tools: Proficiency in tools like Lucidchart, Draw.io, or Visio for architecture and data flow diagrams Markup Languages (a plus): Familiarity with XML & Markdown Domain Experience Required Cybersecurity Fundamentals: Strong understanding of core cybersecurity principles, including threat modeling, risk assessment, encryption, access control, vulnerability management, and incident response Compliance Frameworks: Hands-on experience documenting against security standards such as: NIST Cybersecurity Framework (CSF), NIST SP 800-53, NIST 800-171 ISO/IEC 27001 and 27002 PCI-DSS, HIPAA, GDPR, etc. Industry Context (Preferred): Prior experience working in regulated industries such as finance, healthcare, technology, or government contracting Cloud Security (Preferred): Knowledge of cloud-native security controls, cloud shared responsibility model, and cloud platform compliance (AWS, Azure, GCP) Qualifications Bachelor’s degree in Technical Writing, Cybersecurity, Computer Science, or related field. 5 years of experience in technical writing, preferably within a cybersecurity or IT environment. Familiarity with cybersecurity concepts, frameworks, and tools (e.g., firewalls, IDS/IPS, IAM, etc.). Excellent written and verbal communication skills. Ability to work independently and collaboratively in a fast-paced environment. Why AHEAD: Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between. We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross department training and development, sponsoring certifications and credentials for continued learning. USA Employment Benefits include: Medical, Dental, and Vision Insurance 401(k) Paid company holidays Paid time off Paid parental and caregiver leave Plus more! See benefits https://www.aheadbenefits.com/ for additional details. The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate’s relevant experience, qualifications, and geographic location.

Role: Technology Analyst - IT Services(Cyber Security) Location-PUNE Experience-6+Years Notice Period-Immediate Joiners Education-BE/BTECH Scripting experience Must have worked on security products like firewall, AV, Patch, VAPT, Qualys etc. Java, Python, firewell, scripting coding, power Shell scripting. Certification like basic MS, Linux or CCNA types ensuring basic should be clear. Experience of at least 5+ years Expertise in cloud security testing & validation Scripting experience like Python, PowerShell bash etc Team Management and Leadership Cybersecurity Expertise Vulnerability Assessment & remediation Penetration Testing IT Risk Management, Security Compliance & Governance. Exposure to the tools like Qualys, Nessus, Workspace one Regards, Infosys Recruitment Team

Role Title: Cyber Defense Specialist – Senior SOC Analyst (L3/L4 | Threat Detection | Incident Response) 📍 Location: Manesar, Haryana (Onsite | Government Sector Engagement) 🏢 Organization: VVNT SEQUOR LLP, Noida 📅 Start Date: Immediate to ≤ 1 Month Preferred About the Role Join VVNT SEQUOR LLP as a Cyber Defense Specialist supporting our prestigious Government Sector client . With 8–10 years of deep expertise in SOC operations, SIEM platforms, and threat intelligence , you’ll be leading high-severity incident response efforts, forensic investigations, and proactive threat hunting. This is not just a monitoring role — it’s a frontline cybersecurity command post where you’ll shape detection strategies, automate response mechanisms, and act as a senior escalation point for L3/L4 security challenges. Your Core Responsibilities 🎯 SIEM & Threat Hunting Lead monitoring of security events using ArcSight , Splunk , ELK , and custom dashboards Develop and fine-tune correlation rules , detection use cases, and threat indicators Conduct proactive threat hunting using the MITRE ATT&CK framework, threat intel, and behavioral analytics 🚨 Incident Response & Digital Forensics Execute the full incident lifecycle —detection, containment, investigation, recovery, and RCA Perform forensic investigations : memory analysis, packet capture review, EDR telemetry (e.g., CrowdStrike , SentinelOne ) Conduct post-incident reviews , document findings, and coordinate RCA sessions with stakeholders 🛠️ Vulnerability Management & Infrastructure Security Conduct VAPT assessments using tools like Nessus , Qualys , OpenVAS , Metasploit , Burp Suite Manage and fine-tune Firewalls (Palo Alto, FortiGate) , WAF , IDS/IPS , and Anti-DDoS appliances Support audits and documentation for ISO 27001 , NIST CSF , and related compliance mandates ⚙️ Automation & Security Enablement Drive integration with SOAR platforms , building automated playbooks using Python , PowerShell , or REST APIs Mentor L1/L2 teams, lead internal security drills, and run awareness campaigns (e.g., KnowBe4 ) Collaborate on blue/purple team exercises to improve detection coverage Ideal Candidate Profile 8–10 years of SOC experience with strong L3/L4 exposure Expert in SIEM/EDR/SOAR tools , threat modeling, forensic analysis, and advanced detection Excellent in handling escalations, drafting RCA reports, and coordinating with InfoSec, Infra, and Audit teams Comfortable with mission-critical response , working in regulated or high-compliance environments Preferred Certifications / Experience Certifications: CEH, CHFI, GCFA, GCIA, Security+, Splunk Certified Analyst Experience with cloud security monitoring tools (AWS GuardDuty, Azure Sentinel, TIPs) Bonus: Exposure to OT/ICS environments , Red/Blue/Purple team operations, or critical infrastructure protection Why VVNT SEQUOR? Work on strategic cybersecurity projects for a Government client Get hands-on with next-gen detection tools and nation-grade threat response protocols Enjoy subsidized cab & lunch while working in a high-impact, innovation-led setup Be recognized as a cyber leader , not just an operator Application Process Send the following to: 📧 chaitali@vvntsequor.in , parveen.arora@vvntsequor.in 📱 WhatsApp: +91-9891810196 / +91-8802801739 Please include: Updated Resume (with certifications) Last Drawn & CTC Earliest Joining Date (Immediate to Max 1 Month only) Optimized Tags / Keywords Senior SOC Analyst | Cybersecurity Specialist | Threat Hunting | SIEM (Splunk, ArcSight) | Incident Response | Forensics | CrowdStrike | EDR | SOAR Automation | MITRE ATT&CK | ISO 27001 | NIST CSF | Python Scripting | VAPT | Firewall Security | L3 L4 Escalation Show more Show less

Key Responsibilities: Monitor security events and alerts from SIEM tools (e.g., Splunk, IBM QRadar, Azure Sentinel). Analyze logs, network traffic, and endpoint data to identify malicious activity ,

About Marvell Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. Your Team, Your Impact At Marvell, we are looking for a Vulnerability Management Professional who will be instrumental in protecting the company’s digital assets. The individual shall come with proven strong technical competence and leadership capability to contribute towards the success of the enterprise-wide vulnerability management program. The ideal candidate will lead the vulnerability management strategy, oversee the identification and remediation of security vulnerabilities, and report on the effectiveness of the program to IT, Engineering, and Product teams. What You Can Expect Lead the vulnerability management program, including developing strategies, policies, and procedures to identify, assess, and remediate security vulnerabilities. Develop and maintain a comprehensive vulnerability management program that aligns with industry best practices and regulatory requirements. Set clear vulnerability management targets and objectives to ensure timely identification, assessment, and remediation of security risks. Collaborate with IT, Engineering, and Product teams to prioritize vulnerability remediation efforts based on risk and business impact. Manage the regular scanning of Marvell’s infrastructure and applications to detect vulnerabilities. Provide leadership and guidance to the vulnerability management team, fostering a culture of continuous improvement and learning. Prepare and present detailed reports on vulnerability findings, remediation progress, and program effectiveness to senior management and relevant stakeholders. Stay abreast of the latest security threats, trends, and technologies to continuously enhance Marvell’s security posture. Collaborate with cross-functional teams to ensure the timely and effective identification and remediation of security vulnerabilities in software, firmware, and hardware products. Conduct regular vulnerability assessments and penetration testing to identify weaknesses and potential threats to Marvell's systems and networks. Work closely with external partners and vendors to ensure that security measures are effectively integrated into Marvell’s products and services. Stay up-to-date on emerging security threats, vulnerabilities, and industry best practices to continuously improve Marvell's security posture. Perform vulnerability risk profiling and prioritization of vulnerabilities. Represent Marvell Semiconductor in security forums, conferences, and industry working groups to share knowledge and expertise in vulnerability management. Lead and manage vulnerability management projects, such as implementing new tools or processes. Metrics, and Reporting: Leverage technology stack to report and manage the requirements of various metrics requested by different stakeholders. What We're Looking For Bachelor's degree in Computer Science, Information Security, or related field. Master's degree preferred. More than 12 years of experience in cybersecurity, with a focus on vulnerability management and penetration testing. In-depth knowledge of common security vulnerabilities, attack vectors, and mitigation techniques. Experience with vulnerability scanning tools such as Qualys, Nessus, or similar. Strong understanding of network protocols, operating systems, and software development processes. Industry certifications such as OSCP, CISSP, GIAC GWAPT, are highly desirable. Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders. Strong analytical and problem-solving abilities, with a keen attention to detail. Ability to work independently and lead cross-functional teams in a fast-paced environment. Additional Compensation And Benefit Elements With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Show more Show less

Infrastructure Engineering & Cloud Operations (IECO) is evolving into a world-class, cloud-optimized organization focused on delivering secure, scalable, and high-performing platforms. As we transition from co-located environments to modern cloud solutions, we are placing a heightened emphasis on vulnerability management, patch compliance, and infrastructure security. As a DevOps Manager within IECO, you will lead a team of engineers with a core mission to ensure the security and resilience of our cloud infrastructure. You will drive the implementation of robust vulnerability and patch management programs, ensuring timely remediation of security risks while maintaining operational excellence. Your leadership will be instrumental in advancing automation, improving system reliability, and safeguarding customer trust. You must be a proactive, results-driven leader who thrives in dynamic environments. You bring a security-first mindset, a passion for continuous improvement, and the ability to mentor and inspire high-performing teams. What you’ll do ❖Build and lead a high-performing team focused on vulnerability detection, assessment, and remediation across cloud and hybrid environments. ❖Oversee the end-to-end patch management lifecycle, ensuring timely deployment of security patches and updates across all infrastructure components. ❖Establish and enforce security baselines and compliance standards, integrating them into CI/CD pipelines and infrastructure as code. ❖Monitor and analyze vulnerability metrics and patch compliance KPIs, using data to drive continuous improvement and risk reduction. ❖Collaborate with Security, Risk, and Compliance teams to align on threat intelligence, audit requirements, and remediation strategies. ❖Lead incident response efforts related to infrastructure vulnerabilities, ensuring rapid containment and resolution. ❖Drive automation initiatives to streamline vulnerability scanning, patch deployment, and compliance reporting. ❖Provide technical leadership in cloud infrastructure design, ensuring security is embedded in architecture and operations. ❖Partner with Product Management and Application Engineering to align infrastructure security with product roadmaps and business goals. ❖Manage 24/7 operations, ensuring high availability, performance, and security of critical systems. ❖Create and maintain documentation for systems, processes and procedures to ensure knowledge sharing across teams ❖Stay updated on industry trends and emerging technologies What we’ll want you to have: ❖Bachelor’s degree in Computer Science, Engineering, Information Security, or related field (or equivalent experience). ❖10+ years of experience in IT infrastructure, DevOps, or SRE roles with a strong focus on security and patch management. ❖Proven experience implementing and managing vulnerability management tools (e.g., Qualys, Tenable, Rapid7) and patch management solutions (Tanium). ❖Hands-on experience with cloud platforms (AWS, Azure, GCP) and container orchestration (Docker, Kubernetes). ❖Familiarity with DevSecOps practices, infrastructure as code (Terraform, Ansible), and secure CI/CD pipelines. ❖Strong understanding of ITIL, security frameworks (NIST, CIS), and compliance standards (SOC 2, ISO 27001). ❖Excellent communication and leadership skills, with experience managing geographically distributed teams. ❖Availability for on-call support during critical incidents or high-impact events. Stay up to date on everything Blackbaud, Blackbaud is a digital-first company which embraces a flexible remote or hybrid work culture. Blackbaud supports hiring and career development for all roles from the location you are in today! Blackbaud is proud to be an equal opportunity employer and is committed to maintaining an inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Description Qualys (QLYS) is a cybersecurity company headquartered in USA. We have an opening for a Marketing Operations Manager to join our Marketing team in Pune, India. Responsibilities Work with marketing leadership to identify the KPIs that are most relevant to driving the business forward; develop the means to report on those KPIs and dashboards in an automated, on-demand fashion Drive data fluency throughout the marketing organization through the creation of standardized metrics, intuitive dashboards, and compelling business insights based on salesforce data. Develop, optimize and maintain dashboards, in Salesforce & Tableau, with a focus on user experience, interactivity, and dynamism Drive marketing database strategy. Analyze gaps in our data and contact acquisition strategy. Oversee strategy, execution and measurement to ensure accuracy, completeness, and recency of marketing data. Facilitate key monthly/quarterly processes like business reviews and other reports Partner with other teams such as Business Applications, Sales Operations, and Finance in cross functional projects Requirements Total 10+ years’ experience in data engineering, business intelligence, or analytics Complete fluency in Salesforce.com from marketing team perspective and familiarity with common enterprise Martech tools such as Bizible, Marketo, Salesforce etc. Minimum 2 years’ work experience in BI tools such as Tableau or PowerBI High energy self-starter with a passion for data and enjoy working in a fast paced rapidly changing environment. Proactively drive for process improvements to drive our platform forward with a metrics-driven, continuous improvement approach. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! The Senior Accountant in this role is expected to handle the complete Fixed Asset Accounting responsibilities for Qualys Inc and should be able to cooperate with the International Accountants across Qualys Subsidiaries and Consolidate the numbers at group level. In addition to Fixed Assets, the candidate is expected to support few General Ledger tasks, prepaid reviews, accruals during the month end close. Must have sound working knowledge on Opex & Capex concepts and be able apply them in accordance with company expense policies/GAAP requirements and established thresholds. Coordinate with Accounts Payable teams for proper classification of expenses i.e. Fixed Assets, Prepaids. A detailed Overview of the Responsibilities: Fixed Asset Close Process: CIP Analysis to gather the necessary information for Fixed Assets capitalizations/Reclass/expense-off. Good exposure in Fixed Asset creation/ Disposals/Transfers. FA Roll-forward and Reconciliation with FAM. Run the Depreciation Schedules and analytical review of the month over month variances. Preparation of FA-GL Reconciliations and variance explanation. Preparation of Capital Expenditure Group Report for MIS purposes Review the open PO’s and record the necessary accruals. Prepare audit schedules relating to fixed assets and assist the auditors in their inquiries. Conduct analyses related to fixed assets as requested by management. Recommend to management on any fixed asset disposals on a quarterly basis. Prepaid expense review, classification, and amortizations. Should support in month-end AP and T&E Accruals preparation. Maintaining the Intangible schedules (Purchased & Internally developed) and amortize on monthly/quarterly basis. Should be able to handle the General Accounting activities for some of the Qualys India, US and Other international entities independently and ensure timely month-end/quarter end book closures. Assists in preparing and posting all entries and reconciliations for month-end close. Review of financial statements and prepare the variance analysis to present the findings along with necessary commentary. Qualifications: CA Inter, CA, Bachelor’s degree in Accounting, Finance, or related discipline required. Should have minimum 6 years of relevant experience. Candidate should be self-motivated, prioritize responsibilities, and work in a dynamic environment. Good communication and presentation skills Continuously identify opportunities for process improvement. Advanced Microsoft Excel skills (Pivot Tables, VLOOKUP functions, etc.) a Plus. Experience with NetSuite (Oracle Application), Concur and Coupa is preferred. Show more Show less

Job Role Position: Security Engineer (L3): System Compliance and Identity & Access Management Work Location: Mumbai Educational Qualification: Bachelor’s degree in Engineering or equivalent Work Experience: L3 (6+ yrs) Certification: Azure Security certification / GCP Security Certification / AWS Cloud Security Certification or similar certifications Flexible on working hours and ready for 24/7 support model. Knowledge & Skills Good knowledge in Security technologies of Azure or GCP or AWS or on-premises Identity and access management Working knowledge on IAM related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth Working knowledge on Windows AD, Windows ADFS, Windows AD Sites and Trusts Working knowledge on various identity providers such as Windows AD, Okta, Oracle, PingID Working knowledge of multi-Factor authentication and Privileged Access Management Good understanding of Identity Protection, Identity & Access Solution Migration System Compliance Working knowledge of one of the technology administration & patching like Windows, Unix, DB, MW, Others Hands-on experience with one or more configuration management systems such as Ansible, Chef, or Puppet Knowledge of vulnerability scoring systems (CVSS/CMSS) Good understanding of Windows and Unix administration & patching Work experience with vulnerability assessment tools like Qualys, Foundstone, Rapid7, Nessus and similar Working experience in Public / Private / Hybrid Cloud solutions and their best practices Hands on experience using the various cloud administration portal Hands-on with PowerShell, Python, or other scripting languages Knowledge on Cloud (Azure, GCP, AWS) Security concepts and technologies Provides remediation guidance and prepares management reports to track remediation activities. Knowledge in information security management, compliance principles, practices, laws, rules and regulations Strong understanding on Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols Knowledge in cloud security standard frameworks, architecture, design, controls, technology solutions and service orchestration Skills: security,powershell,identity & access solution migration,windows adfs,data architecture,aws,windows,information security management,ansible,chef,azure security,cloud administration portals,identity protection,gcp security,identity and access management,compliance principles,iam protocols (saml, spml, xacml, scim, openid, oauth),management,cvss,mfa,azure,python,access,puppet,aws cloud security,patching,system compliance,network infrastructure,privileged access management,vulnerability assessment tools (qualys, foundstone, rapid7, nessus),cloud solutions (public/private/hybrid),windows ad,security certification Show more Show less

About Zeta Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015. Our f lagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech , careers.zeta.tech , Linkedin , Twitter The Role As part of the Risk & Compliance team within the Engineering division at Zeta, the Application Security Manager is tasked with safeguarding all mobile, web applications, and APIs. This involves identifying vulnerabilities through testing and ethical hacking, while also educating developers and DevOps teams on how to resolve them. Your primary goal will be to ensure the security of Zeta's applications and platforms. As a manager, you'llbe responsible for securing all of Zeta’s products. In this individual contributor role, you will report directly to the Chief Information Security Officer (CISO). The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI/CD pipeline to enhance continuous security integration. Responsibilities Guide Security and Privacy Initiatives: Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development. Ensure Secure Application Development: Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices. Project Scope Management: Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance/maintenance. Drive Internal Adoption and Visibility: Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization. Security Engineering Expertise: Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization. Team Leadership and Development Make decisions on hiring and lead the hiring process to build a skilled security team. Define and drive improvements in the hiring process to attract top security talent. Mentor and guide developers and QA teams on secure coding practices and security awareness. Security Tool and Gap Assessment: Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities. Stakeholder Liaison: Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team. Bug Bounty Program Management: Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively. Own Security Posture: Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained. Skills Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) across web, mobile, API, and network/Infra environments. Deep understanding of the OWASP Top 10 and their respective attack and defense mechanisms. Strong exposure to Secure SDLC activities, Threat Modeling, and Secure Coding practices. Experience with both commercial and open-source security tools, including Burp Suite, AppScan, OWASP ZAP, BEEF, Metasploit, Qualys, Nipper, Nessus andSnyk. Expertise in identifying and exploiting business logic vulnerabilities. Solid understanding of cryptography, PKI-based systems, and TLS protocols. Proficiency in various AuthN/AuthZ frameworks (OIDC, OAuth, SAML) and the ability to read, write, and understand Java code. Experience with Static Analysis and Code Reviews using tools like Snyk,Fortify,Veracode, Checkmarx, and SonarQube. Hands-on experience in reverse engineering mobile apps and using tools like Dex2jar, ADB, Drozer, Clang, iMAS, and Frida/Objection for dynamic instrumentation. Experience conducting penetration tests and security assessments on internal/external networks, Windows/Linux environments, and cloud infrastructure (primarily AWS). Ability to identify and exploit security vulnerabilities and misconfigurations in Windows and Linux servers. Proficiency in shell scripting and automating tasks with tools such as Python or Ruby. Familiarity with PA-DSS, PCI SSF (S3, SSLC), and other security standards like PCI DSS, DPSC, ASVS and NIST. Understanding of Java frameworks like Spring Boot, CI/CD processes, and tools like Jenkins & Bitrise. In-depth knowledge of cloud infrastructure (AWS, Azure), including VPC/VNet, S3 buckets, IAM,Security Groups, blob stores, Load Balancers, Docker containers, and Kubernetes. Solid understanding of agile development practices. Active participation in bug bounty programs (HackerOne, Bug Crowd, etc.) and experience with hackathons and Capture the Flag (CTF) competitions. Knowledge of AWS/Azure services, including network configuration and security management. Experience with databases (PostgreSQL, Redshift, MySQL) and other data storage solutions like Elasticsearch and S3 buckets. Preferred Certifications: OSCP, OSWE, GWAPT, AWAE, AWS Certified Security Specialist, CompTIA Security+ Experience And Qualifications 12 to 18 years of overall experience in application security, with a strong background in identifying and mitigating vulnerabilities in software applications. A background in development and experience in the fintech sector is a plus. Bachelor of Technology (BE/ B.Tech ), M.Tech , or ME in Computer Science or an equivalent degree from an Engineering college/University. Life At Zeta At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals. is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta Zeta is an equal opportunity employer. At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities. Show more Show less

At Pitney Bowes, we do the right thing, the right way. As a member of our team, you can too. We have amazing people who are the driving force, the inspiration and foundation of our company. Our thriving culture can be broken down into four components: Client. Team. Win. Innovate. We Actively Look For Prospects Who Are passionate about client success. Enjoy collaborating with others. Strive to exceed expectations. Move boldly in the quest for superior and best in market solutions. Job Description Join Pitney Bowes as an Intune & Citrix Administrator Years of experience: 8+ years Job Location – Pune/Noida Impact We are looking for SRE - Desktop Engineering Technician to join our Desktop Engineering Team. As SRE – Desktop Engineer, you will flex your creativity and engineering skills to support and improve End User experience by making IT easy, simple, and reliable. As part End User Computing team, you will be exploring the latest technologies and work collaboratively with various teams and experts to deliver value. The Job Manage Autopilot Pre-Provision configuration to keep it up to date and provide L2 support for device enrollment issues. Manage Mobile Device policy, MAM Policy, Restriction, Enrollments, Profile, and compliance configuration. Deploy monthly Windows Operating system patches and Vulnerability remediation through Intune, SCCM, and Qualys tools. Create and deploy applications through Intune, SCCM, JAMF and Qualys Manage Kiosk devices configuration and deployment. Overseeing VDI support team during daily operations. Defining/Coordinating application package creation for deployment via PB Software Center Improving new hire VDI provisioning as well as equipment for established employees Collaborate with the Service Desk and Desk Side Support team to identify the most repeated issues to automate the fix. Create observability dashboards for services offered by EUC to identify the gaps proactively. Create Synthetic monitoring for all EUC services to proactively monitor infrastructure issues/outages. Contribute to the development of automation tools for provisioning, configuration management, and deployment using DevOps tools. Collaborate with the SRE team to design, implement, and improve monitoring, alerting, and incident response processes leveraging tools like Grafana, Splunk, etc. Create automated fixes for failed App and patch deployment devices to increase deployment success rate. Engage in and improve the whole lifecycle of services. Qualifications & Skills Required. Bachelor’s degree in computer science or related field and established technologist with 8+ years of related experience. Experience - Previous Citrix admin-level role in desktop virtualization management. Experience - Citrix CVAD and Cloud offerings Experience - Citrix MCS, WEM, and related technologies Experience – Must have: Microsoft Intune, SCCM, JAMF Pro, Azure AD, Active Directory. Experience – Must have: Microsoft security patching, software packaging & deployment. Experience – Must have: Mobile device management (iOS & Android) Experience – Must have: Operating System build and hardening. Experience – Must have: Managing hybrid cloud environments. Experience – Must have: SRE and Observability – Proactive, Automation and Synthetic Monitoring implementation. Experience – Must have: Programming scripting language, e.g., PowerShell, Python and other programing languages will be added advantage to the position. Knowledge of EDR tools (CrowdStrike) and Perimeter security tools (Zscaler) Knowledge in DevOps tools like Ansible, Git and Grafana. Knowledge in Zero Trust Implementation Familiarity with Agile development practices and good software engineering practices Strong organizational skills with high attention to detail Excellent oral and written communication skills About Pitney Bowes Pitney Bowes (NYSE:PBI) is a global technology company providing commerce solutions that power billions of transactions. Clients around the world, including 90 percent of the Fortune 500, rely on the accuracy and precision delivered by Pitney Bowes solutions, analytics, and APIs in the areas of ecommerce fulfillment, shipping and returns; cross-border ecommerce; office mailing and shipping; presort services; and financing. For 100 years Pitney Bowes has been innovating and delivering technologies that remove the complexity of getting commerce transactions precisely right. For additional information visit Pitney Bowes at https://www.pitneybowes.com/in. Only Talent Matters at Pitney Bowes Pitney Bowes is an equal opportunity workplace. To remove unconscious biases from our hiring process, we encourage ‘Blind Applications’ from candidates applying for jobs at Pitney Bowes. This means that details such as gender, caste, religion, nationality, and age are omitted from applications. And candidates can choose to reveal only their first or last name on the application. Watch the video here: https://www.youtube.com/watch?v=dNB-K5KFU78 Watch the videos below for more information about Life at Pitney Bowes: Who we are Pitney Bowes All Stars Pitney Bowes named a Great Place to Work® Pitney Bowes Gratitude Video Pitney Bowes COVID Care We Will Provide the will: opportunity to grow and develop your career Offer an inclusive environment that encourages diverse perspectives and ideas Deliver challenging and unique opportunities to contribute to the success of a transforming organization Offer comprehensive benefits globally (PB Live Well) Pitney Bowes is an equal opportunity employer that values diversity and inclusiveness in the workplace. All interested individuals must apply online. Show more Show less

Responsibilities: * Ensure compliance with PCI DSS, NIST, HIPAA & ISO standards. * Design, implement & maintain secure systems using Infosec principles. * Conduct regular security audits & risk assessments. * Experience in SOC and SIEM tools-Qradar

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Position Overview: F5 is seeking a highly experienced and results-driven Technical Program Manager (TPM) to lead and manage critical programs focused on software security. This is a senior level role that will drive initiatives that enhance F5s security posture by implementing best practices for vulnerability management, security scanners, CVE tracking, Security Software Development Life Cycle (SDLC), and more. The ideal candidate will have a deep understanding of security programs, a strong technical background in software development, and a proven track record of successfully delivering cross-functional initiatives in complex environments. As a trusted leader, you will collaborate closely with engineering, security, product, and operations teams to ensure F5s products and processes meet the highest security standards while enabling business objectives. Key Responsibilities: Program Management: Strategically plan and deliver programs and initiatives across key security and vulnerability management areas, including implementation of security tools (scanners, CI/CD integrations), tracking and addressing vulnerabilities (e.g., CVEs), and enforcing best practices throughout the software development lifecycle. Own program roadmaps, timelines, deliverables, and reporting, ensuring execution aligns with business goals, security requirements, and resource capacity. Drive key metrics and outcomes for security, tracking improvements in vulnerability remediation, compliance, and overall risk reduction. Security SDLC and Vulnerability Management: Partner with engineering and security teams to integrate Security SDLC (Secure Software Development Lifecycle) best practices into the development process, ensuring security is considered and implemented at every stage. Manage programs for vulnerability detection, assessment, and remediation to ensure timely resolution of security risks identified across F5 products and environments. Develop and implement governance processes for tracking and addressing externally reported vulnerabilities, such as Common Vulnerabilities and Exposures (CVEs) , ensuring effective prioritization and swift resolution. Cross-Functional Collaboration: Build strong relationships with software engineering, product management, cybersecurity, IT, and operations teams to foster alignment across security-related goals and projects. Act as the central point of coordination for security initiatives, driving progress and ensuring accountability across stakeholders. Facilitate efficient communication between technical and non-technical teams to ensure clarity around priorities, goals, and timelines. Risk and Compliance Management: Drive alignment on security requirements, risk tolerance, and compliance needs, partnering with internal and external security auditors where required. Ensure teams are meeting corporate and industry security standards, including regulatory and policy compliance, while achieving development velocity. Proactively identify and manage security risks through effective mitigation planning and ongoing tracking. Process Improvement and Tooling: Evaluate current security program practices, tools, and workflows, identifying gaps and opportunities for improvement in efficiency and effectiveness. Lead the implementation of automated tools for static and dynamic code analysis, dependency scanning, and configuration management to identify and address vulnerabilities earlier in the development process. Metrics and Reporting: Define, track, and report on KPIs and success metrics for security efforts, including vulnerability remediation rates, defect density reduction, and SLAs for incident response. Provide clear and actionable updates to executive leadership and key stakeholders on the status of security programs, progress, risks, and outcomes. Qualifications: Education: Bachelors degree in Computer Science, Software Engineering, Cybersecurity, or a related technical discipline (Masters preferred). Experience: 8+ years of experience in program management, with at least 3 years focused on security programs, vulnerability management, or security operations (senior level); 10+ years for principal level. Proven experience implementing Security SDLC processes and collaborating with software teams to deliver secure, production-grade solutions. Solid understanding of security domains, particularly vulnerability scanning tools (e.g., Tenable Nessus, Snyk, Qualys), CVE tracking, dependency management, and secure coding practices. Technical Expertise: In-depth knowledge of software development methodologies, including Agile and DevSecOps principles. Familiarity with CI/CD pipelines, source code repositories, and tools for static/dynamic application security testing (e.g., SonarQube, Checkmarx, Veracode). Understanding of vulnerability databases (e.g., NVD), common exploitation techniques, and secure design principles. Basic understanding of threat modeling and risk assessment techniques (stronger expertise is a plus). Leadership and Collaboration: Experience working in highly cross-functional, multi-team environments, with the ability to motivate, guide, and align diverse stakeholders. Exceptional interpersonal, written, and verbal communication skills, with the ability to convey complex security requirements and issues to non-technical audiences, executives, and engineering teams alike. Demonstrated ability to influence without authority and lead by example. Problem Solving and Decision Making: Ability to analyze complex problems, evaluate trade-offs, and make sound decisions in a fast-paced environment. Strong risk management skills, with the ability to balance security needs with engineering velocity and business priorities. Preferred Qualifications: Project management certification (e.g., PMP, PgMP, or PMI-ACP) or security-related certifications (e.g., CISSP, CISM, or CISA). Experience with cloud security and platform-oriented vulnerability management tools like Bugzilla or similar. Familiarity with emerging cybersecurity trends and zero-day vulnerability exploitation techniques. Knowledge of networking and application delivery technologies (F5 experience is a plus!). The is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com ) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates . Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

Date 2 Jun 2025 Location: Bangalore, KA, IN Company Alstom Req ID:481603 We create smart innovations to meet the mobility challenges oftoday and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric busesand driverless trains, as well asinfrastructure, signalling and digital mobility solutions. Joining us meansjoininga truly global community ofmore than38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact. OVERALL PURPOSE OF THE ROLE: The primary responsibility of the specialist security Operationsis to ensure security risks are identified and managed within acceptable limits. The Security specialist will work closely with Design Authority, Solution Architects, IS Design,IS&T operations and Business teams to manage security of the organization RESPONSIBILITIES: To analyse and update critical and non critical log sources and their health status check for redundant log sources and take necessary steps working with right stake holders daily health check and monitoring of SOC infra Co-relationship, framework management for SOC use cases responsible for analytics and data crunching or data analysis and represenation of outcome for leadeship to make next decisions KPI definition, revision and imprvement for SOC infra, health and use cases TECHNICAL COMPETENCIES & EXPERIENCE To be considered for this role, candidate need to demonstrate the following skills experience and attributes: Bachelors/Masters degree in Engineering/Technology or related field Minimum 4-6 years of relevant IT experience Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc. Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode Proficient handson experience and understanding of various security tools and technologies. Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management Solid understanding of ITIL process framework Must understand and have worked in an operational environment such as a NOC or SOC for 2 4 years Demonstrated leadership experience in the area of Security Operations Proven planning, prioritization, and organizational skills Demonstrated drive for continuous learning, results orientation, and teamwork Ability to drive change through innovation & process improvement Ability to manage projects and drive action items with customers and crossfunctional peers Proven crisis management skills Professional & concise communication (written & verbal) Ability and flexibility to adapt to change, including shifting and competing priorities Demonstrated ability to be a big picture thinker, strategist, and long term planner Strong analytical skills with demonstrated problem solving ability Project management skills with a proven ability to design workable solutions will be an added advantage Exposure to ISO 27002 and ISO 27005 An agile, inclusive and responsiblecultureis the foundation of ourcompanywhere diverse people are offered excellent opportunities to grow, learn and advanceintheir careers.We are committed toencouragingour employeesto reach their full potential,while valuing and respecting them as individuals.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Title: Senior Manager – Accounting Location: Pune Department: Accounting Reports To: Director of Accounting Employment Type: Full-Time Job Summary: Qualys is seeking a highly experienced and detail-oriented Senior Manager of Accounting with experiences with US GAAP. This role will report to the Director of Accounting and will oversee the integrity and accuracy of accounting records, ensure compliance with accounting standards, and provide leadership in financial reporting and external audits. Key Responsibilities: Accounting & Compliance Own the review of accounting areas including bank reconciliations, month-end accrual, setting up prepaid expenses and amortization schedules, lease accounting (ASC 842), fixed asset accounting, intercompany accounting etc. Ensure accounting is completed accurately and completely for day-to-day transactions in accordance with US GAAP Manage and review the month-end and year-end close processes. Oversee the preparation and review of monthly, quarterly, and annual subsidiary accounting close packs Ensure proper reconciliations, journal entries, accruals, and financial reviews. Coordinate with HQ on intercompany services agreements. Support external audits, including local statutory audit and US group audit Other ad hoc responsibilities Internal Controls Maintain and enhance internal control frameworks in accordance with SOX. Partner with Internal Audit and Compliance teams to improve process effectiveness and efficiencies Cross-Functional Collaboration Collaborate with AP, AR, FP&A, Tax, Treasury, Legal to create/improve operational process and complete projects where relevant. Provide accounting guidance for business initiatives, including system implementations. Qualifications: Education & Certification: Chartered Accountant/CPA required. Experience: 10+ years of progressive accounting experience, including 3+ years in managerial capacity. Experience with US headquartered companies Big 4 or equivalent industry experience preferred. Skills: Strong leadership and team management abilities. Advanced Excel skills and experience with ERP systems (NetSuite preferred) Excellent written and verbal communication skills. Ability to manage multiple priorities in a fast-paced environment. Show more Show less

Company Description Our mission, your future As a global community of trusted advisors, we create cutting-edge technological solutions to overcome today’s challenges and anticipate tomorrow’s needs. It all starts with the collaboration of a diverse team of passionate intrapreneurs, each driven to make a difference. Together, we challenge the status quo and push each other to new heights. Ready to make a significant impact on mission-critical projects and shape the future through digital transformation and strategic consulting? Take your ambitions to the next level and discover your next exciting challenge with us! Your role, your impact As a Security Specialist, you will report to the Vice-President and Chief Information Security Officer and be a key member of the IT team. You will be responsible to maintain the security solutions’ effectiveness, contribute to the IT security incidents and requests resolution. When a security incident does arise, you will investigate and help resolve the issue in a timely manner. In addition, you will be responsible for vulnerability management, and support the patch management and systems’ hardening procedures. You will operate on our endpoint protection platform and physical access systems, following enterprise IT security policies and standards. Your day-to-day Contribute to the Enterprise IT Operation team through coordinating IT security incidents, assessing and resolving IT security service requests, and administering Azure Sentinel SIEM, the endpoint security platform (Defender) and the vulnerability management solution (Qualys); Promptly respond to IT security incidents and coordinate mitigation and resolution (assess risk, containment, mitigation, remediation, reporting); Prepare management reports related to security (incidents, requests, alerts, breach, leak, etc.); Coordinate the remediation of identified vulnerabilities (e.g., patch management) with the Infrastructure Team and the Service Desk; Manage and handle endpoint protection alerts (virus, breach, intrusion detection, security updates and patches); Lead the deployment and operationalization of Azure Sentinel SIEM; Centralize a variety of log sources (Defender EDR, Network, Cloud apps); Develop complex KQL queries to enable reliable detection of threats; Translate real-time threat intelligence into actionable detection playbooks and automation; Contribute to the incident response process using Sentinel by providing technical guidance, coordination, and support; Support logs documentation; Serve as an expert technical resource to advise and assist in security issues, both proactively and reactively. Keys to your success Minimum 4 years of experience in a security operations role; Experience as a subject matter expert for Microsoft security solutions, such as Microsoft Defender 365, Defender for Cloud and Azure Sentinel; Experience in search query languages such as KQL (Sentinel) or SPL (Splunk); Proficiency in managing Defender; Proficiency in Azure Sentinel onboarding, Data Connectors, Content Hub, Playbooks, Workbooks; Working knowledge of SIEM, SOAR and incident management platforms; Deep knowledge of operating systems, network infrastructure and IT security solutions; Knowledge of cyber security standards, regulations, and best practices, such as ISO 27001 and NIST; Understanding of typical threat actors (Tactics, Techniques, Procedures [TTPs]); Strong skills with PowerShell, VB Script and Python. Extra edge Cyber security-specific certifications (e.g., SC-200, CISSP, CCSP, CISM, Security+, SANS, GSEC, AWS Certified Security Specialty, Azure Security Engineer Associate, Azure Sentinel). Language Skills English: Proficient Our authenticity is our strength The diversity of our backgrounds, experiences, thoughts and insights is our competitive advantage. We foster a collaborative environment rooted in our core values of respect, well-being, passion, trust, integrity and creativity. For us, diversity, equity and inclusion aren’t just buzzwords; they’re essential drivers of innovation and excellence, and powerful catalysts for inspiration and evolutionary ideas. The empowerment of our people is fundamental to being the trusted advisor to our clients. Join us in embracing our authenticity and in leveraging our unique perspectives to collectively build the future we all envision. An inclusive path to success Fostering an environment where you can thrive starts with ensuring an accessible recruitment process. If you require any accommodations, we welcome you to contact us. For more information, please visit our accessibility page at https://www.alithya.com/en/accessibility . Show more Show less

Req ID: 328054 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Application Operations Lead to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Daily Tasks Review of SOD checks for CBA and Site 24x7 dashboard VLS report and EOD notification mails for all 3 zones. Monitor CBA SFDC queue for tickets that are yet to be assigned. Monitor emails for any followups/pending tasks for CBA BAU. Monitor new incidents raised as part of events/alerts in SNOW. Monitor NTT Infra / LCS changes scheduled for the day. Review email comms / SFDC comments if required. CBA Handover from 1st to 2nd and 2nd to 3rd - review tickets, comms, tasks, learning progress. Take stock of issues with CS / Products and ask for updates wherever required. Health check of calendar for scheduled meetings. Review of PIR documents wherever required. CBA Vulnerabilities Take stock of all vulnerabilities reported in Qualys Split by category and period of open and split by AppOps and Infra related. Rey Montero to set up bi-weekly review call of Vulnerabilities. Certificate Renewal Planning Take stock of all active certificates across PROD and NON PROD and impacted systems both in CBA and Finastra Infra. Populate the 2026 renewal planned week as per recommendation provided. Consolidate with CBA if all impact analysis is completed. Access Control & PAM Resource wise required access poplated based on daily BAU tasks performed. Workshop with NTT Infra on access control layers that can be applied on the server, database and application. Conduct an impact analysis of implemention - new user creation, password resets for admin users, etc. LoanIQ Gold Configuration Review the process of updating the LoanIQ configuration in both PROD and NON-PROD. Gather feedback from AppVal on process prepared. Review with SDMs on the process and prepare for CBA demo. Utility Script for PROD DB Dumps Development in progress by Saquib - 4 components identified Individual component development. Review utility with Jan and Rachelle. Testing to be conducted - Test when PPD refresh request comes through & bank has approved Change Management LCS changes review every Monday of all ADB and CBA changes. Checks to include: Change ticket review - Risk, Change type, Schedule, Attachments which includes Runbook Non PROD testing results and Bank approval. Runbook review of steps, schedule, testing, rollback, checklist and 4-eye checker. Bank approval in line with change schedule. Take stock of changes to be reviewed in Tuesday CAB which includes ADB + CBA + TechOps. Change owner to present during Tuesday LCS CAB. Any actions/changes to be noted. MoM to be sent out for the approved changes. All changes to be approved 4 hours prior to scheduled deployment. Review changes scheduled by NTT Infra if AppOps support is required and share the alligned weekend support. Approve DB related changes during change deployment. If required perform 4-eye checker based on availablity. Ensure on-call support during weekend change deployment. Monthly KPI Report for ADB and CBA Extract valid P1 / P2 SFDC cases for ADB and CBA and derive MTTR time. Change success rate of LCS + NTT Infra changes. Remediation % of application vulnerabilities. Backlog of all open incidents. Stock of repeat incidents with same RCA. BAU Review Calls NTT Infra + NTT AppOps internal process call every Monday to discuss issues/improvements. Fornightly governance call every Tuesday with NTT Infra to review critical BAU items and progress update. LoanIQ Squad Sprint planning every Wednesday. New format of sending BAU updates by Tuesday COB. BAU to Green call with Steve every weekday. CBA dashboard reviewed of critical / ageing tickets. NTT Service Improvement and Governance call to review SFDC housekeeping, Service Improvements plan. About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here . If you'd like more information on your EEO rights under the law, please click here . For Pay Transparency information, please click here . Show more Show less

Responsibilities As a Vulnerability Management and Threat Intel Specialist, you will be a key member of our cybersecurity team responsible for managing and enhancing our vulnerability management program. Leveraging your extensive experience with Qualys and other vulnerability assessment tools you will play a critical role in identifying, prioritizing, and mitigating security vulnerabilities across our environments. Lead the development and implementation of the vulnerability management strategy, policies, and procedures. Conduct regular vulnerability assessments and penetration tests using Qualys and other industry-standard tools to identify security weaknesses in networks, systems, and applications. Analyze scan results and prioritize vulnerabilities based on severity, exploitability, and potential impact. Collaborate with cross-functional teams to develop and implement remediation plans to address identified vulnerabilities in a timely manner. Stay abreast of emerging cyber threats, vulnerabilities, and industry best practices to continually improve the effectiveness of the vulnerability management program. Prepare and present reports on vulnerability assessment findings, remediation progress, and overall program effectiveness to senior management and clients. Monitor, analyze, and investigate emerging cyber threats, vulnerabilities, and attack trends using CloudSEK and Mandiant. Conduct dark web monitoring to identify potential threats, data leaks, or malicious activities targeting the organization. Correlate threat intelligence findings with security incidents using SIEM and collaborate with the SOC team for proactive threat detection. Contribute to threat-hunting activities by leveraging TTPs from frameworks like MITRE ATT&CK. Analyze indicators of compromise and develop actionable intelligence to strengthen security defenses. Assist in automating threat intelligence workflows using SOAR platforms. Prepare intelligence reports and brief senior management on emerging threats and their potential Skills : Hands-on experience with Qualys (or other VA tools like Tenable, Rapid7) for vulnerability assessment and scanning. Strong analytical skills to interpret scan results, false positives, and emerging threats. Strong understanding of CVSS scoring, risk-based vulnerability prioritization, and exploitability analysis. Experience in conducting penetration tests and security assessments. Familiarity with compliance frameworks (NIST, CIS, ISO 27001, PCI-DSS) related to vulnerability management. Scripting skills for automating scanning and reporting workflows are a plus. Experience with threat intelligence tools (CloudSEK, Mandiant, Recorded Future, ThreatConnect, etc.). Understanding of dark web monitoring, malware analysis, and cyber threat landscapes. Hands-on knowledge of SIEM and SOAR. Familiarity with MITRE ATT&CK framework, cyber kill chain, and intelligence-sharing platforms Strong analytical skills for correlating threat intelligence with security incidents. (ref:hirist.tech) Show more Show less