682 Qualys Jobs - Page 19

Your day at NTT DATA The Security Platform Engineer is a seasoned subject matter expert, responsible for facilitating problem resolution and mentoring for the overall Global Data Centers Office of Information Security (GDC-OIS) team. This role performs important tasks specialized at threat hunting, Crowdstrike, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What you'll be doing KEY RESPONSIBILITIES Works as part of a 24/7 global team in IT/OT environment. ICS and SCADA knowledge preferred. Administers the organization's security tools to gather security logs from the environment and performs lifecycle management, including break-fix, patching, and live updates. Performs security incident handling and response from various vectors, including endpoint protection, enterprise detection and response tools, attack analysis, malware analysis, network forensics, and computer forensics. Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results, prioritizes vulnerabilities based on severity, impact, and exploitability, and provides detailed remediation recommendations to system owners, administrators, and IT teams. Monitors security alerts and maintains awareness of new threats and vulnerabilities to identify potential risks. Reads reports, makes risk assessments, works to detect the source of attacks, and tests current defenses against threats. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Identifies opportunities to make automations that will help the incident response team. Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as required. Investigates causes of incidents, seeks resolution, and escalates unresolved incidents, following up until resolved. Provides service recovery following the resolution of incidents and documents and closes resolved incidents according to agreed procedures. Maintains knowledge of specific , provides detailed advice regarding their application, and ensures efficient and comprehensive resolution of incidents. Logs all incidents in a timely manner with the required level of detail and cooperates with all stakeholders, including client IT environments, vendors, and carriers, to expedite diagnosis of errors and problems and identify a resolution. Analyzes data from various sources, including network traffic, email logs, malware files, web server logs, and DNS records, to identify potential risks and improve security measures Leads projects, self-starter, and performs any other related task as required. KNOWLEDGE & ATTRIBUTES Seasoned working knowledge on implementation and monitoring of any SIEM or security tools/technologies. ICS and SCADA knowledge preferred Seasoned knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Problem solver who is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team leader with the ability to work well with others and in group with colleagues and stakeholders. ACADEMIC QUALIFICATIONS & CERTIFICATIONS Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Security certifications such as CySA+, PenTest+, CCSP, GCIH, OSCP, etc. preferred. Relevant level of IT certifications such as GRID, GICSP, AZ-500, SC-200, etc. will be added advantage. REQUIRED EXPERIENCE Seasoned experience in Security technologies like (SIEM, PAM, IAM, PenTest, Threat Hunting, Firewall, Proxy etc.) preferably within a global IT services organization. Prior experience of working into Security Operation centers of a Data Center will be an added advantage. ICS and SCADA knowledge preferred. Seasoned experience in technical support to clients. Seasoned experience in diagnosis and troubleshooting. Seasoned experience providing remote support in Security Technologies. Seasoned experience in SOC/CSIRT Operations. Seasoned experience in handling security incidents end to end. Seasoned experience in Security Engineering. Knowledge on networking, Windows, Linux and security concepts. Seasoned experience in configuring/managing security controls such as RBAC, IAM, Zero Trust, UTM, Proxy, SOAR, etc.. Knowledge on log collection mechanism such as Syslog, Log file, DB API. Knowledge in security architecture. Prior experience of working on platforms like Crowd strike, Qualys, Palo Alto, Splunk, QRADAR, Cisco, VMWare and Ubuntu PHYSICAL REQUIREMENTS Primarily sitting with some walking, standing, and bending. Able to hear and speak into a telephone. Close visual work on a computer terminal. Dexterity of hands and fingers to operate any required to operate computer keyboard, mouse, and other technical instruments. WORK CONDITIONS & OTHER REQUIREMENTS This position is expected to be Hybrid for the foreseeable future with an occasional need to be onsite in a shared work environment. Must be comfortable with flexible working schedules across regions and their standard Time zones other than the base location. (US, EMEA & APAC) Extensive daily usage of workstation or computer. Must be comfortable working in a highly critical, fast paced environment with shifting priorities. Some domestic and/or international travel required, up to 25% of time. Perform work from a remote location with stable internet connection.

Your day at NTT DATA The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices. What you'll be doing Key Responsibilities: Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Conducts penetration tests using automated tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability. Assesses the potential risks associated with identified vulnerabilities. Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity. Provides detailed remediation recommendations to system owners, administrators, and IT teams. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments. Utilizes penetration testing tools such as Metasploit, Burp Suite, and similar tools to conduct tests, configure test policies, and fine-tune test parameters for accurate and comprehensive assessments. Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders. Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Promotes a culture of security awareness within the organization. Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents. Provides support during incident response efforts and contribute to post-incident analysis and remediation. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Shares knowledge and provides guidance to improve vulnerability management practices. Shares knowledge and provides guidance to improve penetration testing practices. Contributes to open source security projects and the security community. Performs any other related task as required. Knowledge and Attributes: Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices. Seasoned understanding of penetration testing methodologies, tools, and industry best practices. Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities. Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Solid proficiency in using penetration testing tools such as Metasploit, Burp Suite, and similar tools. Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders. Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders. Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP)GIAC Penetration Tester (GPEN) or GIAC Certified Vulnerability Assessor (GCVA) are beneficial. Required Experience: Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations. Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, network security assessments, penetration testing, or code review. Experience in bug bounty programs and identifying zero-day vulnerabilities is a plus.

What Success Looks Like In This Role Vulnerability Management: Experience with vulnerability management tools (e.g., Tenable, Qualys), including actions to remediate identified vulnerabilities Experience in working at “responsibility without authority” engagements for vulnerability remediation Threat Analysis: Perform in-depth analysis of security events and provide actionable intelligence to prevent future incidents. Root Cause Analysis: Conduct post-incident analysis to determine the root cause of incidents and assist in developing mitigation strategies to prevent recurrence. Collaboration: Work closely with other internal teams, such as IT, legal, and compliance, to mitigate and remediate security incidents and provide necessary incident reporting. Security Tools Support: Support the installation and management of security tools such as SIEM, IDS/IPS, endpoint detection & response (EDR), and firewall systems. Continuous Improvement: Contribute to the development and refinement of incident response processes, playbooks, and security protocols. Expected Knowledge And Experience Incident Response: experience in security incident response and resolution, including malware outbreaks, network intrusions, and data breaches alerts monitoring and root-cause analysis. Cybersecurity Frameworks: Familiarity with security frameworks such as NIST, MITRE ATT&CK, and SANS. Tools & Technologies: Familiarity with security technologies and platforms (e.g., SIEMs like Splunk, Tenable; EDR tools like CrowdStrike; firewalls, IDS/IPS systems). Network & Systems: Understanding of network protocols, operating systems (Windows, Linux), and web applications, and how they can be exploited in attacks. Threat Intelligence: Familiarity with threat intelligence feeds and using them to inform incident response and proactively detect threats. Incident Response: Support the analysis and documentation of security incidents, including timelines, actions taken, and outcomes. Reporting: Provide clear and concise incident reports and updates to senior management and relevant stakeholders. Cloud Security: Understanding of cloud platforms (AWS, Azure, GCP) and security implications within cloud environments. Regulatory Compliance: Knowledge of relevant regulatory requirements (e.g., GDPR, ISO27001, PCI-DSS) and how they relate to incident management and reporting. Preferred Qualifications Certifications: Relevant cybersecurity and/or privacy certifications are expected. Scripting Skills: Familiarity with scripting or automation (Python, Bash, PowerShell) for incident investigation and response tasks. Forensics: Understanding of digital forensics, including evidence collection, chain of custody, and data analysis techniques. Skills & Competencies Strong analytical and problem-solving skills. Solid knowledge of MS Excel. Excellent verbal and written communication skills. Ability to handle high-pressure situations and make quick decisions. Ability to work both independently and as part of a collaborative team. Detail-oriented with strong organizational and documentation skills. You will be successful in this role if you have: BA/BS degree and 2-4 years’ relevant experience OR equivalent combination of education and experience Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here. Show more Show less

Category: Infrastructure/Cloud Main location: India, Maharashtra, Mumbai Position ID: J0525-0774 Employment Type: Full Time Position Description: Company Profile: At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve. At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com. This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans. We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please. Job Title: Database Analyst + SDP Admin Position: Systems Engineer/ Senior Systems Engineer Experience:3 - 6 Years Category: Software Development/ Engineering Main location: Mumbai Position ID: J0525-0774 Employment Type: Full Time Job Description : Must Have: Minimum 2+ years of experience in Oracle database & of 1+ years as IBM SDP Admin using the application (Thick/Web Client, Manager).. Good knowledge in SQL/PLSQL, DB Tools (export/import/sqlloader). Good knowledge on shell scripting (ksh/bash). Knowledge on Business Intelligence 4.x platform will be an added advantage. Knowledge of Atlas2 & usage IV2 Marketplace will be an added advantage Up to date technical stack covering all assets used by Core Banking the environments (with different technologies) to develop, test & deliver the Atlas2 product to different sites. The frameworks used for Java & Angular developments The CI/CD Pipelines Direct Responsibilities Tools and Frameworks(T&F) team is a unit working under the Core Banking Build Department. The Build team is responsible for the development of Atlas2 CIB applications that are deployed across sites. The responsibility of T&F is to provide the build team with o Up to date technical stack covering all assets used by Core Banking o the environments (with different technologies) to develop, test & deliver the Atlas2 product to different sites. o The frameworks used for Java & Angular developments o The CI/CD Pipelines o Internal Tools So, T&F is a transversal team in charge of servers, environments, defining their technical stacks, fully responsible for CI-CD platform across technologies from Java to Cobol to IBM SDP, provides technical support & studies on different technologies to the needs of build team. T&F also owns many applications as GDI, PCK-B/M /Viewer, Env-viewer, Polaris, BCTT. The current role will be part of Unix Pole under T&F team focusing on DB tasks but also as SDP Admin In the scope of all Database related actions& SDP application for Atlas2: Maintaining databases, writing complex SQL queries for data retrieval & manipulation. Installation & Administration of IBM SDP application (Thick/Web Client, Manager). Ability to develop Cobol programs. Technical Support, Troubleshooting & resolving database/SDP-related issues. Ability to create/maintain tools via scripts or via automation to facilitate the different inputs that are necessary for development of atlas application. Should be able to handle different type of requests from build team and provide solution. Contributing Responsibilities Should learn, work across technologies (Linux, SDP, Unikix, Autosys, Jenkins, Ansible, Oracle) & across number of atlas tools (PCK, listGDI, mporacle, …) with the different resources in T&F team & should ensure to act as a backup of other resources within ISPL team. Must Have: OWASP methodologies application is a mandatory. 2 – 4-year experience in IT Security minimum University degree, preferably in Computer Science with spec. in IT Security Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries. Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes. Experience in a multi-cultural environment is appreciated. CEH or Any Security certifications are appreciated. Good To Have: Experience in Development languages and scripting is appreciated. Note: This job description is a general outline of the responsibilities and qualifications typically associated with the Virtualization Specialist role. Actual duties and qualifications may vary based on the specific needs of the organization. CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs. Your future duties and responsibilities Required Skills & Qualifications: Minimum 2+ years of experience in Oracle database & of 1+ years as IBM SDP Admin. Good knowledge in SQL/PLSQL, DB Tools (export/import/sqlloader). Good knowledge on shell scripting (ksh/bash). Knowledge on Business Intelligence 4.x platform will be an added advantage. Knowledge of Atlas2 & usage IV2 Marketplace will be an added advantage Required qualifications to be successful in this role Bachelor’s degree in Computer Science, Engineering, or related field preferred. Skills: ITIL Oracle MS SQL Server Shell Script What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Job Title: Vulnerability Engineer Experience: 5 - 12 Years Location: Bengaluru / Noida Employment Type: Full-time About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP)

Job Title: SIEM Engineer Experience: 5 - 15 Years Location: Bengaluru / Noida Employment Type: Full-time About the Role: We are seeking a skilled SIEM Engineer to join our Managed Security Services team. You will be responsible for designing, implementing, managing, and supporting cybersecurity solutions, with a focus on SIEM tools and incident response. This is a hands-on technical role working with internal teams, customers, and third-party vendors to ensure robust security practices. Key Responsibilities: Design, deploy, and manage SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Create, tune, and maintain detection rules and dashboards Investigate and respond to security incidents and alerts Participate in security audits, threat hunting, and compliance checks Research emerging threats and enhance detection capabilities Support configuration management, system hardening, and network defense strategies Collaborate across teams to improve security operations and automation Required Skills: Strong hands-on experience with SIEM platforms & SIEM tools (e.g., QRadar, ArcSight, Splunk, McAfee ESM) and log integrations Deep understanding of security operations , incident response , and network/system security Experience with scanning tools (e.g., Nessus, Qualys ) and PAM solutions (e.g., CyberArk, BeyondTrust ) Solid knowledge of Linux/Windows environments and enterprise networks Familiar with encryption, security controls, and system hardening best practices Excellent analytical, troubleshooting, and communication skills Preferred: Security certifications (e.g., CEH, CISSP, GCIA, GCIH) Experience in automation and scripting for SOC workflows Willingness to participate in on-call support rotation

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: The vulnerability analyst identifies vulnerabilities in systems using vulnerability scanning tools, interpreting the results, and developing remediation guidance for team members. You will research, identify, assess, and prioritize vendor and third-party security advisories and then advise system owners in completing patching and mitigation activities. Also, the vulnerability analyst also performs an important role in identifying areas to improve security posture resulting from security incidents. The vulnerability analyst works within the CISO organisation, which protects Rockwell Automation's security globally across a mix of cloud and on-premises networks. You will report to the Cyber Security Manager. Your Responsibilities Need to be updated on the latest vulnerabilities that may affect Rockwell Automation systems. Conduct triage of vulnerabilities based on criticality. Contribute to vulnerability management process development. Conduct remediation activities with company partners in response to detected vulnerabilities. Develop, research, and maintain proficiency in tools, techniques, and trends related to vulnerability analysis. Identify root cause of cybersecurity incidents. Develop base statistical methods to display cybersecurity risk. Hunt for new vulnerabilities. Perform security penetration tests on networks, web-based applications, and computer systems. Create findings and reports to application owners and management. Consult application owners on best practices for remediation. Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment. The Essentials - You Will Have Basic knowledge of Software Development Lifecycle is required. An understanding of Windows and Linux-based systems are recommended. An understanding of common networking protocols, such as HTTP, DNS, and TLS is expected from the candidate. An understanding of common exploitation vectors are required. Describe vulnerabilities and technical concepts to all levels is recommended. Familiar with vulnerability scanners such as Qualys or Rapid7 are considered. The Preferred - You Might Also Have Understanding of packaging and deployment tools such as SCCM and Intune are preferrable. Experience with scripting, either Python, Powershell or another languageCertification is also an added advantage. What We Offer Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office. Show more Show less

Ability to understand the technical implications and impact of various types of vulnerabilities on servers and applications including remote code execution, elevation of privilege, information disclosure. Ability to assess the risk associated with vulnerabilities, including impact and exploitability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 3 plus years of experience Experience in vulnerability management, security operations, or a related field with a proven track record of identifying and mitigating vulnerabilities. Practical experience with vulnerability scanning, risk assessment, and patch management processes. Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7 Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Hands-on experience withTenable.SC (or an equivalent VM platform) including administration of Nessus remote and agent-based scans, profile creation and maintenance Skills in prioritizing vulnerabilities based on their severity, potential impact, and the organization’s risk profile, experience with ASM solution

As one of the world’s leading asset managers, Invesco is dedicated to helping investors worldwide achieve their financial objectives. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, smart colleagues, and a global employer with a social conscience, come explore your potential at Invesco. Make a difference every day! Job Description JOB DESCRIPTION Job Title: Sr. Analyst I - VAPT Job Code: Department: Offensive Security Location: Hyderabad Report To: Manager VAPT Direct Reports: No Job Purpose (Job Summary): This role will perform vulnerability assessments against risk-prioritized infrastructure and applications. This position will serve as a security subject matter expert working with technology, and business partners in managing vulnerabilities and implementing adequate security controls to protect Invesco data and network. Key Responsibilities / Duties: Perform vulnerability assessment on various types of technologies and infrastructure using tools (preferably Qualys). This may include: Network infrastructure and wireless networks Servers, platforms, containers, hosting infrastructure and services Application technologies (APIs, middleware, database, enterprise service bus, etc.) Cloud security controls and applications High value assets and critical infrastructure Review and analyze security vulnerability data to identify applicability and false positives. Assist with ongoing assessment of Invesco perimeter assets to identify exposures and weaknesses. Assist with red team assessments to identify security exposures and to evaluate effectiveness of security controls and response. Assist with producing high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders Execute vulnerability triaging, escalation, and management workflows through innovation and continuous improvement. Provide internal remediation support through the design, implementation and integration of network infrastructure and information security controls. Participate in vulnerability management projects. Track deliverables and provide periodic updates to the leadership team. Escalate security and projects risk timely. Respond appropriately to cyber risk incident, the related investigations, managing situations with discretion, sensitivity, and objectivity, and with due consideration of chain-of-custody. Have a thorough understanding of technological requirements for Invesco’s systems and provide guidelines to effectively mitigate security risks. Have understanding on security compliance and can perform compliance scans through various tools on the IVZ Infrastructure. Review/Analyze the compliance scan reports and help the teams in the remediation activities. Respond timely to ServiceNow tickets as needed. Keep current with industry best practices. Other duties as assigned. Work Experience / Knowledge: Five plus years of Information Security or relevant experience Three plus years of Pen Testing or Vulnerability Assessment experience. Experience in the tool Splunk for vulnerability management automation capabilities. Cloud vulnerability assessment or pen testing experience preferred Experience with security issues in large networks Able to demonstrate experience, knowledge and skills in utilizing common penetration testing and vulnerability assessment tools and techniques Hands on experience with firewalls, routers, bridges, switches and gateway devices, appliances and software Knowledge of security industry best practices (e.g. SANS, NIST, CIS) Technical Skills Required: Good understanding of security controls and common threats and vulnerabilities Knowledge of penetration testing frameworks Knowledge of security industry best practices (e.g. SANS, NIST, CIS) Understanding of common penetration testing methodologies (e.g. OSSTMM, OWASP) Ability to write scripts/tools to assist in automation is preferred Understanding of encryption technologies and common network protocols Ability to review and analyze security vulnerability data to identify applicability and false positives Patch management technologies and processes Wireless protocols and services Sound understanding of security principles, such as infrastructure security, identity and access management, vulnerability management, and secure coding. A keen analytical mind for problem solving, abstract thought, and offensive security tactics. Other Skills Required: Good interpersonal skills (written and oral communication) and ability to articulate complex issues to executives and customers Make fact-based decisions using individual judgement and problem solving. Ability to communicate technical information clearly and concisely, commensurate with the audience Strong analytical skills with ability to define, collect, analyze data, establish facts, draw valid conclusions, and make fact-based decisions. Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently and remotely with limited supervision. Possesses diplomacy and cooperative style necessary to interface effectively with all personalities and across functional disciplines. Must be assertive, methodical and detail oriented Maintain strict confidentiality of all security issues including legal investigations, Compliance, and HR data requests License / Registration / Certification: Preferred certification: Security +, Qualys VM certification, Pentest +, AWS Cloud Practitioner Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) No Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other’s identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and each other by building on different voices and perspectives. We nurture and encourage each other to ensure our meaningful growth, both personally and professionally. We believe in diverse, inclusive, and supportive workplace where everyone feels equally valued, and this starts at the top with our senior leaders having diversity and inclusion goals. Our global focus on diversity and inclusion has grown exponentially and we encourage connection and community through our many employee-led Business Resource Groups (BRGs). What’s in it for you? As an organization we support personal needs, diverse backgrounds and provide internal networks, as well as opportunities to get involved in the community and in the world. Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days’ Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day In Invesco, we offer development opportunities that help you thrive as a lifelong learner in a constantly evolving business environment and ensure your constant growth. Our AI enabled learning platform delivers curated content based on your role and interest. We ensure our manager and leaders also have many opportunities to advance their skills and competencies that becomes pivotal in their continuous pursuit of performance excellence. To Know More About Us About Invesco: https://www.invesco.com/corporate/en/home.html About our Culture: https://www.invesco.com/corporate/en/about-us/our-culture.html About our D&I policy: https://www.invesco.com/corporate/en/our-commitments/diversity-and-inclusion.html About our CR program: https://www.invesco.com/corporate/en/our-commitments/corporate-responsibility.html Apply for the role @ Invesco Careers : https://careers.invesco.com/india/ Show more Show less

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills and Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better. We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us! Job Description Job Summary: The vulnerability analyst identifies vulnerabilities in systems using vulnerability scanning tools, interpreting the results, and developing remediation guidance for team members. You will research, identify, assess, and prioritize vendor and third-party security advisories and then advise system owners in completing patching and mitigation activities. Also, the vulnerability analyst also performs an important role in identifying areas to improve security posture resulting from security incidents. The vulnerability analyst works within the CISO organisation, which protects Rockwell Automation's security globally across a mix of cloud and on-premises networks. You will report to the Cyber Security Manager. Your Responsibilities: Need to be updated on the latest vulnerabilities that may affect Rockwell Automation systems. Conduct triage of vulnerabilities based on criticality. Contribute to vulnerability management process development. Conduct remediation activities with company partners in response to detected vulnerabilities. Develop, research, and maintain proficiency in tools, techniques, and trends related to vulnerability analysis. Identify root cause of cybersecurity incidents. Develop base statistical methods to display cybersecurity risk. Hunt for new vulnerabilities. Perform security penetration tests on networks, web-based applications, and computer systems. Create findings and reports to application owners and management. Consult application owners on best practices for remediation. Demonstrated commitment to valuing diversity and contributing to an inclusive working and learning environment. The Essentials - You Will Have: Basic knowledge of Software Development Lifecycle is required. An understanding of Windows and Linux-based systems are recommended. An understanding of common networking protocols, such as HTTP, DNS, and TLS is expected from the candidate. An understanding of common exploitation vectors are required. Describe vulnerabilities and technical concepts to all levels is recommended. Familiar with vulnerability scanners such as Qualys or Rapid7 are considered. The Preferred - You Might Also Have: Understanding of packaging and deployment tools such as SCCM and Intune are preferrable. Experience with scripting, either Python, Powershell or another languageCertification is also an added advantage. What We Offer: Our benefits package includes … Comprehensive mindfulness programmes with a premium membership to Calm. Volunteer Paid Time off available after 6 months of employment for eligible employees. Company volunteer and donation matching programme – Your volunteer hours or personal cash donations to an eligible charity can be matched with a charitable donation. Employee Assistance Program. Personalised wellbeing programmes through our OnTrack programme. On-demand digital course library for professional development. ... and other local benefits! At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles. #LI-Hybrid #LI-RS1 Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.

Category: Administration Main location: India, Karnataka, Bangalore Position ID: J0625-0283 Employment Type: Full Time Position Description: Company Profile: Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com. Job Title: Cyber Security Engineer Position: Senior Systems Engineer/Lead Analyst Experience: 7+ yrs Category: IT Infrastructure Main location: Bangalore Position ID: J0625-0283 Employment Type: Full Time Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 3 years of relevant experience. Job Description: At least 7+ years’ Experience in Vulnerability Assessment and Penetration testing of web applications, mobile applications, API and thick client applications. Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in setting up the network environment for VAPT Manual penetration testing skills and techniques are required besides automated tools and frameworks. Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Strong knowledge of tools for mobile application security, including but not limited to Appuse, MOBSF, Geny Motion, Kali Linux, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify On Demand Good Understanding of OWASP Top 10 for web application security and Mobile application security. Perform mobile vulnerability assessment and Penetration testing. Good understanding of Microservice based architecture Experience working in a DevSecOps environment with knowledge of continuous integration, containers, DAST/SAST tools Good understanding of Database security requirements. Good knowledge of cloud environments and should be able to perform VAPT on AWS, Azure etc. Scripting and coding experience(good to have) Certifications: OSCP, CEH Must have Skills : Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Good to have Skills : Excellent customer interfacing skills. Excellent written and verbal communication skills. Participating in Daily Standups and weekly reviews Strong attention to detail and outstanding analytical and Problem-solving skills. Understanding of Business, emerging technologies in relevant industry (Banking/CIAM ) , strong understanding of trends (market and technology) in areas of specialization. CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs. Life at CGI: It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons Come join our team, one of the largest IT and business consulting services firms in the world Skills: Vulnerability Assessment(IAVA) What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership – You’ll drive features end-to-end, from design to deployment. Flexibility – A friendly, results-oriented culture that respects your time. Empowerment – Your insights are valued, and your work makes a visible difference. Learning & Growth – You’ll work on complex challenges with smart, passionate peers—and have the support to level up continually. If you’re ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, we’d love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman , on Truly Human Leadership : Watch the video At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Qualification & Experience We are looking for candidates with the following skills and experience: ● Graduate/Post Graduate with 5+ years of experience in IT, Cyber or equivalent field. ● Business acumen with ability to step back to get global perspective ● Cyber security vulnerability & compliance Knowledge management ● Hands on experience with scanning tools like Qualys or Tenable or similar ● Risk and threat management basics ● Skill in conducting application vulnerability assessments. ● Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively in a challenging environment to drumbeat the activity ● Good interpersonal and communication skills, works effectively as a team player for stakeholder management and customer relationships ● Data driven with influence skills at different levels (top mgt, customers, partners....) for reporting purposes. Knowledge in monitoring technologies (like Splunk current skill or high interest and potential to upskill) ● Agile mindset required, experience in Agile, SAFE & Scrum methodology preferred but not essential ● Good understanding of global security standards and implementation ● On-hands experience with tools like Qualys and Tenable Tasks & Accountabilities As the successful candidate your main tasks & accountabilities are: ● Understand Airbus business and process to exchange with Digital Security Risk & Asset Management department ● Grasp and understand Cyber vulnerabilities(CVE’s) to connect them to risk with recommendations. ● Work in MFT (Multi functional Team) inside and outside IM for an End 2 End perspective ● Plan and commit on analysis and recommendations follow-up activities with stakeholders ● Contribute to cyber risk avoidance ● Establish and maintain strong relationships with key stakeholders, ensuring coordination and cooperation ● Produce/ contribute to operational and executive KPIs Show more Show less

Our Company Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI , and autonomous intelligent systems . We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape — particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts , managing vulnerability assessments , and implementing best-in-class security tools and practices to protect our platforms and clients. What we are looking from an ideal candidate? Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Preferred Skills What skills do you need? Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate Show more Show less

Job Title: Senior SOC Analyst Department: IT Infrastructure Location: Bangalore / Coimbatore Job Type: Full-Time Experience: 7+ years Immediate joiners or notice period of less than 30days are needed. Job Role: A Senior SOC Analyst is a cybersecurity professional responsible for proactively monitoring, analyzing, and responding to security threats within Logixhealth network and systems. They play a crucial role in detecting, investigating, and containing security incidents, as well as developing and improving security solutions. SOC 24/7, SOC monitoring Role Description: The analyst performs monitoring, research, assessment and analysis on Intrusion Detection and Prevention tools as well as Anomaly Detection systems, Firewalls, Antivirus systems, proxy devices (IPS IDS) which requires demonstrable security incident response experience. Perform initial risk assessment on new threats and vulnerabilities, perform assessment phase of Vulnerability and Threat Management process. Perform assessment as well as troubleshooting and help isolate issues with IDS/IPS sensors, Antivirus Cloud MS O365 Defender, Application monitor control, Mobile management (Intune), Vulnerability scanners Nessus professional ,Qualys PCI DSS scanners or other vulnerability Management tools. Patch management & MS O365 Defender Console monitoring. Participate in daily and ad-hoc conference calls as well as compliance and controls, self-assessment processes and documentation related tasks. Log and event management log monitoring and share the daily report. Exposure to User behavior analytics tools. MS Azure sentinel Vulnerability Management. Compliant / Non-Compliant (Devices) Management using Intune. Application control using MS Cloud App security. Working Knowledge of Taegis Secure works or any XDR/EDR/MDR Products Working Knowledge of Password management tools similar tool Bit warden Microsoft Purview and Entra (Azure AD Identity Management) working knowledge. Key Deliverables: Being Proactive and handling SOC Alerts Provide analysis and trending of security log data from a large number of heterogeneous security devices. Analyze and respond to previously undisclosed software and hardware vulnerabilities Zero Day Exploits Coordinate with Intel analysts on open source activities impacting SLTT governments. Integrate and share information with other analysts and other teams Compliance ISO 27001-2022 ,SOC 2 type 2,HIPAA,Hi-Trust Flexible, quick learning, willing to work 24/7 and rotational shifts. Senior Security analysts are expected to be on-call to respond to incidents that arise outside of business hours Monitor, Manage, Remediate (Vulnerability Management) Advise based Vulnerability advisories (CISA, MS-ISAC,USCERT) and escalate to respective teams. Other duties as assigned Independent worker Able to read and Analyze Counter Threat Intelligence Reports and suggest appropriate actions. Manage SIEM and On board devices and respond to Alerts and Analyze and remediate. Skills: Incident response, Security posture management vulnerability Management in Hybrid environment (Cloud and Onsite) Creating and managing security tools and policies in tools such as SIEM, EDR, and DLP, Exposure to Application vulnerability management, API security. Strong understanding of networking, operating systems, and security technologies. Ability to analyze data, identify patterns, and draw conclusions. Ability to investigate and resolve security incidents effectively. Ability to communicate technical information clearly and concisely with all stakeholders and advise appropriate action. Significant experience in security operations, incident response, and threat analysis. Identifying areas for improvement in security processes and tools. Developing and implementing new security solutions Using threat intelligence to identify and mitigate potential risks. Staying up-to-date on the latest cyber threats and attack vectors. Ability to lead Security Projects and Programs and drive towards closure and stakeholder satisfaction. Other skills: Excellent knowledge of Intrusion Detection (TCP/IP knowledge, and Cyber security), various operating systems (Windows, and web technologies (focusing on Internet security) Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc) Host Security Products (HIPS, AV, scanners, XDR,EDR) Knowledge of threats and technologies effecting Web Application vulnerabilities and recent internet threats Exposure on Vulnerability assessment as well as penetration testing Preferred Certifications from EC-Council, GIAC, (ISC)² are preferred [CISSP, CEH, GCIA, CCNA-Security] Good knowledge of forensics and Log analysis. Incident response and remediation Knowledge of Playbooks. Qualification: Any degree/BE/B. Tech (computer science, Cybersecurity) with technical certification from EC-Council, GIAC, (ISC)² [CISSP, CEH, GCIA, CCSP, CCNA-Security] Show more Show less

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills And Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.” Show more Show less

Job Title: ServiceNow SecOps Consultant / Developer Experience: 5+ years in ServiceNow with minimum 2 years in SecOps module Job Description: We are looking for a highly skilled ServiceNow Security Operations (SecOps) Consultant/Developer to join our team. The ideal candidate will have experience in implementing and customizing ServiceNow SecOps modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Security Incident Enrichment. Key Responsibilities: Implement, configure, and maintain ServiceNow Security Operations modules. Integrate external security tools (e.g., Qualys, Splunk, Rapid7, Tenable) with ServiceNow SecOps. Design and develop workflows, automation scripts, and business rules to streamline SecOps processes. Configure and maintain playbooks for automated response actions. Manage security incident lifecycle using ServiceNow SIR module. Enable vulnerability identification and remediation using VR module. Collaborate with InfoSec, IT, and third-party security tools teams. Support continuous improvement efforts and provide recommendations for platform optimization. Required Skills: Strong hands-on experience with ServiceNow Security Operations Suite. Knowledge of ServiceNow CMDB, Discovery, and MID server setup. Experience with Security Incident Response, Vulnerability Response, and Threat Intelligence modules. Proficiency in scripting (JavaScript) and ServiceNow development/customization. Experience with integration tools like REST/SOAP APIs. Familiarity with SIEM tools (e.g., Splunk, QRadar), Vulnerability scanners (e.g., Qualys, Tenable). Good to Have: ServiceNow Certified Implementation Specialist – Security Operations. Experience in SOC processes, NIST/ISO frameworks, and risk management. ITIL certification or working knowledge of ITIL processes. Experience with MITRE ATT&CK framework and threat intelligence feeds. Educational Qualification: Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or related field. Show more Show less

Windows, Linux OS We are looking for a skilled and proactive Security Analyst to join our Server and Vulnerability Management team The ideal candidate will possess expertise in identifying, assessing, and mitigating vulnerabilities across operating and non-operating systems The role requires proficiency in BigFix and Qualys, along with experience in providing solutions for vulnerabilities A strong background in scripting and the ability to conduct impact analysis for critical non-OS vulnerabilities is essential

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Position Summary: The Deal Desk Analyst will play a critical role in optimizing and supporting our sales processes. This position is responsible for managing and analyzing complex deals, ensuring pricing accuracy, and facilitating smooth transactions. The ideal candidate will have a strong analytical mindset, excellent attention to detail, and the ability to collaborate effectively across departments. In this role, you will support the sales organisation throughout the entire quote-to-cash lifecycle —covering deal structure, quote creation and approval, order forms, revenue, legal review, and compliance—while continuously striving to enhance and streamline the sales process. You will also be a critical participant in the annual planning process. Responsibilities Deal Structuring & Analysis: Support the sales team in structuring complex deals by providing guidance on pricing, discounting, and contract terms. Analyze the financial impact of proposed deals to ensure alignment with company goals. Pricing & Quoting: Ensure accurate and timely delivery of quotes to sales teams and clients. Identify potential issues and risks related to deals and proactively work to find solutions. Particular focus on quoting nonstandard deal structures. Cross-Functional Collaboration: Work closely with sales, finance, legal, and operations teams to ensure deals are executed efficiently and align with company objectives. Enablement: Drive enablement for sellers with Qualys’ systems and processes related to quoting. Act as a subject matter expert for deal desk processes and tools and provide training and support to team members as needed. Develop/maintain enablement documentation for sales processes Operational Support: Address ad-hoc requests and troubleshoot complex issues with from Sales and cross functional teams. Work with partner alliance team on monthly billing/quoting. Support monthly/quarterly activities. Will play a crucial role in 2025 quota planning and data hygiene. Qualifications: 3-4 years of experience in deal desk, finance, or sales operations roles Tertiary degree Business, Finance, Marketing, Economics, Strategy, Statistics or other relevant areas Working knowledge of Sales organizations, Sales quotas, and CRM platforms (i.e. Salesforce.com) Detail-oriented with strong organizational skills to manage multiple concurrent deals Experience delivering against multiple priorities at the same time along with strong attention to detail, planning and the ability to work in a dynamic environment. Knowledge of SaaS business models and pricing strategies. SFDC administration certification a plus. Willingness to work according to business requirements across various time zones US/EMEA/APAC Advanced Excel skills. Understanding of reports, management tools, trends, KPIs, and opportunities for improvement. Show more Show less

As a Technical Implementation Engineer, you will be pivotal in onboarding customers to multiple Qualys products including ETM(Enterprise TruRisk Management). You will serve as a trusted advisor, helping customers integrate Qualys products into their environments, aligning them with security goals, and ensuring their success with the platform. This role focuses on DevOps, cloud security, and enabling customers to maximize their value from Qualys solutions. Key Responsibilities Customer Onboarding: • Manage the onboarding process for enterprise customers, ensuring smooth adoption of Qualys products (ETM being the major focus). • Conduct product demos, onboarding meetings, and hands-on configurations. • Collaborate with customers to align implementations with their goals and security needs. Technical Implementation: • Assist customers in deploying Qualys solutions within containerized and cloud environments. • Provide expertise in Kubernetes, Docker, CRI-o, and related technologies. • Configure integrations with public cloud providers like AWS, Azure, GCP, and OCI. Customer Success: • Act as a primary point of contact during the implementation phase. • Design and execute onboarding plans tailored to customer objectives. • Educate customers on using Qualys tools effectively to achieve their security goals. Collaboration and Feedback: • Work closely with internal teams to address customer challenges and improve onboarding processes. • Collect and relay customer feedback to enhance product functionality and user experience. Required Skills and Qualifications Experience: • Minimum 5 years of experience in customer-facing roles (e.g., onboarding, customer success, technical support). • Hands-on experience working in an Enterprise environment, Windows, Linux, networking working knowledge • Exposure to cloud platforms (AWS, Azure, GCP, OCI) and container environments (Kubernetes, Docker, CRI-o). Technical Expertise: • Strong background in cybersecurity, networking, or related technologies. • Familiarity with vulnerability management, policy compliance, and threat detection. • Proficiency in deploying and managing endpoints, virtual machines, and agents. Communication Skills: • Excellent verbal, written, and presentation skills. • Proven ability to engage with enterprise and global customers. Other Skills: • Strong analytical mindset with project management skills. • Ability to thrive in fast-paced environments and solve complex challenges. • Emotional intelligence and interpersonal skills to build positive customer relationships. Preferred Qualifications • Experience with Qualys products as a practitioner, sales engineer, or subject matter expert. • Familiarity with CI/CD pipelines and DevOps practices. • Understanding of asset management, patching, and configuration management. Show more Show less

Information Security is vital to the operation of Teleperformance. Teleperformance has developed and maintains an effective documented Information Security Management System based on the requirements of the ISO IEC 27001:2013, PCI DSS 3.2, SOC 2, Privacy Regulations, the General Data Protection Regulation (GDPR) and local regulations where appropriate, to ensure a documented method of control that protects Teleperformance, its clients and customers of its clients. As a Security Engineer, you will be responsible for managing the security infrastructure. You will play an essential part in designing and implementing different security services like SIEM, Vulnerability Management, Encryption/Decryption tools and more. You will be given the chance to work with cutting edge technologies and growing while learning will be an essential part of your daily job. Your responsibilities: Automate security deployment processes. Work with SOC teams to drive security improvements. Maintain a network of 200+ servers providing our security tools. Ensure security tools are running without downtimes. Monitor services performance and metrics and optimize alerts. Define and implement hardening process for our services. Take an active role in architectural decisions. Test and evaluate new security systems updates. Write documentation for all Security Engineering procedures. Your background 5+ years working as a system/infrastructure administrator. Advanced experience with Linux/Windows servers. Detailed knowledge of IT security principles and best practices. Experience with cloud environments such as Microsoft Azure. Strong scripting experience with Python. Advanced experience with SIEM tools like Splunk Possess in-depth knowledge of CyberArk solutions. Advanced experience with Vulnerability Assessment tools like Nessus, Qualys. Advanced experience with File Encryption. Experience with docker containers. Configuration management (Ansible, Puppet, Chef). Advanced experience with managing databases, both MySQL and MSSQL. Experience with monitoring tools like Prometheus, PRTG. Advanced Experience with Jenkins or similar orchestration platforms. Experience with GIT and configuration control principles. Experience with email security platforms like Mimecast. Automation driven personality. Excellent problem solving & analytical attitude. Eager to learn, experiment and brake things (but not in production). Fluent in English, spoken and written. Bonus to have. Familiar with CI/CD processes Docker orchestration tools like Rancher, Kubernetes Ability to understand and write APIs. Experience with microservices Experience with Infrastructure as a Code What we can offer: Competitive salary Flexible working environment - office or home - your choice Latest hardware suiting your needs. Challenging, fast-growing and stress-free geek environment We always welcome new ideas and here you have the chance to make a difference. A team of wonderful and highly qualified colleagues from all around the globe who will always be ready to help you. Show more Show less

Divisional Information Security Officer (DISO) Location- Bangalore 5Days work form office Interview mode- MS teams Required immediate joiners max 15 to 30 days Notice period. Job Context Cybersecurity is now foundational for businesses to deliver on digital agenda as well as achieve committed objectives & outcomes. The divisional DISO role is created to lead the information security function across the division to ensure consistent and high-quality information security management in support of the division’s business goals. Responsibilities The divisional DISO is responsible for developing and implementing the division’s information security program with consultation from the central DISO organization. It involves, while enabling business to achieve their goals, identify, evaluate and mitigate risks to digital assets, intellectual properties, regulated data and reputation while ensuring statutory compliance. The divisional DISO leads with sound knowledge of cybersecurity technologies covering data centres, cloud, endpoint, network, applications and emerging technologies such as AI, ML, IoT, etc. as well as broader digital ecosystem. The person should be an integrator of people, process and technology within and from the ecosystem. DISO works proactively and assures not only confidentiality, integrity, and availability but also to the safety, privacy and recovery of information assets owned or processed by the business units and ecosystem partners. The divisional DISO articulates the impact of cybersecurity on digital business, and be able to communicate this to the business stakeholders, along with progress of security program & value to the business from time to time. Tasks Develop a comprehensive security program for the division Develop the information security vision and strategy for the division that is aligned to division’s business priorities and enables and facilitates the business objectives, and ensures senior stakeholder buy-in and mandate. Implement, and monitor Information Management (IM) policy across division. Implement and monitor Incident response plan and procedures as laid down by the CISO organization Monitor, track and drive cybersecurity awareness programs for the division Operate the security function Plan and manage the cybersecurity budget for the division Align with CISO organization for integrated coordination in risk management Drive cybersecurity projects within the division Innovate and proactively refresh policies and program to meet emerging needs Continuously evaluate cybersecurity needs, compliance, changes in security posture resulting from change in IT infrastructure, architecture, emerging threats, laws, standards, regulations and technologies. Build relationship with external ecosystem partners, service providers, industry peers, vendors to ensure that the division maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies. Work with divisions and extended IT leaders, member of the IT strategy committee, business leaders, non-IT functions, thus ensuring that the information security requirements are implicit in these architectures and security is built in the design. Establish governance and oversight of security program Facilitate operational oversight of security operations governance through the division’s cybersecurity committee. Provide periodic metrics-based progress report and develop appropriate KPIs to reflect improvements in value/performance/efficiency/compliance etc. Requirements Experience Demonstrated experience and success in middle management roles in risk management, information security, compliance, and cybersecurity in dynamic environment. Hands on experience in network, system, application, perimeter, endpoint, cloud and data centre security management, and security operations. Managing vulnerability using tools like Nessus, Qualys guard etc. Working in ISO27K environment, report preparing, leading internal and external security audits Knowledge of ISO 27K, ISO20K, GDPR, COBIT, NIST, CSF frameworks/standards Skills Ability to communicate effectively across the reporting chain, external and internal customers, leadership, peers etc. Excellent written and verbal communications skills, collaborative skills and effectively communicating technical stuffs to non-technical audience. Reasonably good analytical skills, ability to manage complex projects, under strict timelines as well as ability to work well in demanding, dynamic environment and meet overall objectives. Project management skills, financial/budgeting management, resource and schedule management Relevant industry certification on cybersecurity is desirable Personal Characteristics Poise and ability to act calmly and competently in high-pressure, high-stress situations. Strong problem solving and trouble-shooting skills. High level of personal integrity and maturity, as well as the ability to handle confidential matters. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys, a leading cybersecurity firm, is seeking an experienced Senior Technical Support Engineer for Security Applications to resolve global customer and partner service requests promptly. Collaborate across teams for high customer satisfaction in a secure environment. Ideal for security enthusiasts with solid networking skills. Lead in resolving technical issues, provide top-tier support, and contribute to world-class assistance. Responsibilities: Promptly resolve global customer and partner service requests in a highly secured environment. Collaborate with cross-functional teams for high customer satisfaction. Provide support via phone, email, and MS Teams for Product modules over the SaaS platform. Ensure friendly and professional customer interactions throughout the service life cycle. Act as the main point of contact for technical issues, collaborating directly with Development and QA teams. Thrive in a challenging and dynamic environment, delivering world-class support and technical solutions. Qualifications: 5+ years of technical support experience. Experience in Vulnerability Management and Web Application Security/Firewall application support. In-depth TCP/IP understanding and LAN/WAN infrastructure knowledge. Strong foundation in Windows and/or solid Linux/Unix experience in an enterprise environment. Familiarity with common OS services (IIS, BIND, Apache, AD, WINS, Samba, SSH). Knowledge of firewalls, Intrusion Detection System technologies, and Network Vulnerability Scanners. Outstanding troubleshooting and analytical skills. Excellent written and verbal communication skills. Bachelor of Science in Computer Science or equivalent experience. Networking: OSI Layer understanding. Knowledge of broadcast domain vs. collision domain. Familiarity with different records zones in DNS and how it works. Understanding of SSL Handshake and TCP/IP Handshake. Proficiency in ARP, DHCP, proxy servers, and DNS cache clearing. Differentiation between TCP and UDP, and protocols & their workings. Linux/Unix: Understanding of the boot process and run levels. Various ways to assign an IP address to a Unix/Linux/Debian machine. Proficient in checking running processes, hidden files, and installing packages. Knowledge of sudo, permissions, file systems, and SSH banner. Windows: Insight into the Windows boot process and control panel basics. Understanding of UAC, registry hives, and remote registry manipulation tools. Knowledge of kernel mode vs. user mode, Active Directory, and Group Policies. Familiarity with Kerberos and NTLM authentication, Procmon, and service control manager. Security: Understanding of vulnerabilities, the vulnerability cycle, and exploits. Knowledge of malware types (virus, trojan, worm) and False/True Positive/Negative concepts. Understanding of False Positive, False Negative, True Positive, and True Negative in the security context. Preferred: Experience with packet capture review and diagnosis. Previous API support and Regex knowledge. Scripting experience (Bash, Python). Knowledge of major web server software, UNIX/Windows web services, and diverse platforms. Oracle and Microsoft SQL knowledge. CCNA, MCSE, CISSP, CompTIA Security+, and CEH certifications are highly desirable. Experience with Customer Support and Development Tools (Salesforce, Jira, etc.). Willing to work in 24/7 rotational shifts. Show more Show less