668 Qualys Jobs - Page 2

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3-5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Ankura is a team of excellence founded on innovation and growth. Location: Conditional Remote / Gurgaon Hours: 40 hours a week Reporting: Director - Threat Detection Operations (TDO) Duties include providing On-Job Training to fellow Senior Analysts and Analysts, continuous monitoring of Security Information Event Management (SIEM), EDR, XDR and related platforms for correlated events and alerts and working with the client to take action. Senior Analysts leverage events to determine the impact, document possible causes, and provide useful information to clients. A deep understanding of various commercial and open-source network sensors, intrusion detection systems, and event log correlation engines is required as senior analysts are expected to deliver enhanced threat awareness and knowledge through research and continuous improvement of use cases, signatures, and metrics. Expected to help automate anomaly detection and alerting while documenting security incidents, processes, investigations, and remediation efforts. Senior Analysts are also expected to maintain open communication and visibility with their team members, Directors, and Clients. Usually, employees will be permitted to work remotely in the current operational setup however that setup may change based on company and/or business needs, with or without notice. It may also be considered a conditional privilege as the employees are personally responsible to maintain uninterrupted availability and communication via all official channels throughout their designated shifts. If the employee's performance cannot be satisfactorily ascertained by their manager or the employee is unable to adapt to work without disturbance, they may be called upon to work out of the company’s office. Capabilities Knowledge of IR process, ticketing tools, Knowledgeable in various IR response commands related to Windows, Linux Strong knowledge on advanced attack techniques related to Endpoints and servers, Threat hunting using EDR/XDR. Experience in handling latest attack techniques LOLBAS, fileless malware etc. Experience in monitor globally emerging threats, vulnerabilities, malicious activities etc. research about the same and reports to concerned teams and management for proactive actions. Must have knowledge of various OSINT tools: VirusTotal, Cisco Talos Intelligence, IBM X-force Exchange, URL.io etc. during the investigation of security alerts. Capable to handle a team of L1 analysts, impart training etc Must have experience of Vulnerability management to identify emerging risks in organization's environment using Qualys, Nessus, MS-Defender etc Knowledgeable about Automation and SOAR Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the client's SOC, escalate to the for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives. Required to have experience in conducting research analysis and data gathering requirements to present in a report format. Should be detail-oriented and able to work independently and communicate effectively both verbally and in writing.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays. TECHNICAL Emerging SIEM/XDR such as MS Azure Sentinel, SentinelOne Experience with security tools: Nessus, Burpsuite, Acunetix, Kali Linux Strong knowledge on XDR tools such as Sentinel One, Cortex, CrowdStrike, Microsoft etc Understanding of KQL, Lucene, Python, and/or other similar programming/query/scripting languages Proficient in finetuning detection rules of XDR, creation of SOPs, Playbooks for various scenarios and techniques EDUCATION, EXPERINCE, TRAINING & CERTIFICATIONS Minimum Experince in SOC/IR/VM 4 yrs plus Preferred to have a degree in CS/IT or a Masters's Diploma in the field of IT Security. Certifications such as CEH, Security+ CHFI,ACE, and specific to vendor XDR tools SentinelOne cortex, Microsoft CrowdStrike etc COMMUNICATION Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systems e.g. Slack, Microsoft Teams, Intapp, and Workday. Ability to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s) Able to provide reports showing progress or achievement of assigned goals and responsibilities as required. Must be an active listener and ask questions of others when clarity is needed Ability to gain an understanding of client needs and apply analytic reasoning Demonstrates proactive engagement in meetings and process discussions KEY PERFORMANCE INDICATORS Analyze client networks for threats using analytical platforms for event monitoring such as NSM, SIEM, UEBA, ETDR. Deliver client reports based on analyses that are timely, high quality, and accurate. Understand and support incident response and triage Improve reporting to avoid ‘analysis paralysis’. Develop new skills within analytical platforms INDIVIDUAL & TEAMWORK Must be able to effortlessly switch between independent and team-based work Understands that the work product is dependent on team efforts and remains responsive to internal and external deadlines Able to share expertise and experience with team members to encourage growth and shared success Able to maintain focus and attention to detail for sustained periods of time Engaged in supporting the development and growth of all team members GROWTH MINDSET Can receive and provide feedback in a constructive manner that leads to the growth of self and others. Displays perseverance of effort and passion for a long-term goal and end state. Works well under timelines and puts in extra effort as required to meet timelines. Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions LEADERSHIP TRAITS Willing to adapt leadership skills to support larger and more complex projects. Work product for self and team is consistently of excellent quality and efficiency. Respectful and professional in all interactions with team members, clients, and colleagues. Maintains composure and calm disposition under high-pressure or stressful circumstances. Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.

Your Responsibilities Will Include : Monitoring and responding to security incidents Conducting vulnerability assessments & pen tests Managing firewalls, IDS/IPS, and endpoint security Enforcing cybersecurity policies & compliance Supporting cloud & network security What You Need to Bring : 2–5 years of relevant experience Hands-on with tools like Splunk, Nessus, Qualys Exposure to cloud platforms (AWS/Azure/GCP) Certifications like CEH, Security+, OSCP are a plus Why Join Us? High-impact role in a security-first environment Flexible work setup Learning & upskilling opportunities Collaborative, inclusive culture Job Types: Full-time, Permanent Pay: ₹500,000.00 - ₹1,000,000.00 per year Application Question(s): What is your current and expected CTC? What is your notice period? In case you are serving your notice period then what is your LWD? Experience: Cybersecurity: 2 years (Required) Splunk: 2 years (Preferred) Nessus: 2 years (Preferred) Qualys: 2 years (Preferred) Cloud Platforms: 2 years (Preferred) Work Location: In person

Role Description We are looking for a skilled and motivated DevOps Engineer to join our team. The ideal candidate will have extensive experience in cloud infrastructure (particularly AWS), automation, and security best practices. You will be responsible for delivering resilient application stacks, supporting critical business applications, and collaborating with cross-functional teams to ensure system reliability, scalability, and security. Key Responsibilities Deliver resilient application stacks using Infrastructure as Code and other DevOps practices. Monitor and provide ongoing support for critical, high-revenue business applications. Diagnose and resolve complex system and application issues. Maintain strong security postures and remediate identified vulnerabilities. Collaborate with Development, QA, IT Operations, Customer Operations, and Project Management teams. Create and maintain documentation for systems and applications for both technical and non-technical stakeholders. Essential Skills And Experience Hands-on experience with AWS and public cloud environments. Proficiency in Infrastructure as Code (IaC) tools such as Terraform. Experience with CI/CD tools like GitLab CI/CD, GitHub Actions, Jenkins. Scripting and coding proficiency in PowerShell, Bash, Python, or similar languages. Familiarity with configuration management tools such as Ansible, Puppet, Chef. Strong experience with Linux server administration and troubleshooting. Proven track record in analytical and complex troubleshooting scenarios. Exposure to security tools such as Wiz, Qualys, or similar. Desirable Skills Monitoring tools: Prometheus, Grafana, CloudWatch. Log management solutions: Elastic Stack, Graylog, Splunk. Experience with relational databases: MySQL, MS SQL Server, etc. Knowledge of secret management systems like HashiCorp Vault. Familiarity with change control and related procedures. Hands-on experience with security testing and tools such as: Wiz, SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP, WebInspect, Fortify, Veracode, Nessus, etc. Skills Aws Cloud,Terraform,Powershell,Github

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! As Security Signature Engineer, you will be part of a motivated engineering team that is responsible for the research, development, and delivery of signatures in the Qualys Security products spanning across multiple domains such as asset identity, vulnerability detections, etc. This opening is your opportunity to work in the rapidly expanding field of computer security with a company that has excellent customer ratings and outstanding growth rates. Responsibilities: Research and create signatures for the Qualys product to recognize assets of different varieties such as Laptops, Desktops, Mobile Phones, Cameras, PLCs, Communication Modules, I/O Modules, RTUs, IoT devices etc. from the fingerprints of their communication protocol messages. Research new and emerging products and innovative use of networking protocols to identify assets from their network behaviour. Apply product research to correlate and identify patterns within data (packet captures) gathered from field devices and code these into identity or security signatures. Build automation for day-to-day tasks that are part of your research job. Closely work with customer support to troubleshoot and triage customer issues such as fingerprinting unidentified devices, fixing incorrect fingerprints, etc. Qualifications: BS or MS in computer science with 2-4 years of experience in Information Security domain or cyber security. Experience with network analysis tools, and analysis of packet captures using Wireshark. In-depth knowledge of TCP/IP, HTTP, FTP, SSH, SSL, NetBios, eMail, DNS, DHCP, Samba/Windows-Networking and understanding of UPnP protocols. Experience with scripting languages, including Python and Bash. Excellent written and verbal communication skills. Flair and patience for research and documentation of gathered information. Additional good to have Competencies : Knowledge of Virtualization software (VMWare, Virtual PC/Virtual Box, XEN, etc.). Knowledge of any of the Industrial protocols such as S7 Comm, Modbus, Ethernet IP, CIP, BACnet, etc. would be a huge advantage. Proficiency with regular expressions. Understanding of Lua (preferred), or Java. Knowledge of any Cloud Platform (AWS, Azure, Oracle, etc.). System administrator experience on Windows or Unix platforms. Ability to handle projects independently. Experience in developing security-related tools/programs Knowledge of security domain

Company Description Aguna Solutions is an IT services company dedicated to leveraging technology to build better futures for our customers, colleagues, environment, and communities. We excel in transforming operations and driving innovation through Robotics Process Automation, Product Development, Cyber/Information Security, Cloud, Consulting, Implementation, and Business Intelligence services. Our commitment to quality is upheld by proven processes and models, ensuring consistent results. We are driven by a mission to fuel digital innovation through inspired creativity, unbounded by traditional software and systems. Role Description We are seeking a highly skilled and self-driven Cybersecurity Specialist with hands-on experience in Imperva Database Activity Monitoring (DAM) to join our security operations team. The ideal candidate will have deep expertise in deploying, configuring, and troubleshooting Imperva DAM solutions, along with broad knowledge of various other enterprise security tools. The role requires strong problem-solving abilities, attention to detail, and a proactive mindset for enhancing our security posture. Job Responsibilities Install, configure, and manage Imperva DAM across diverse environments. Perform ongoing administration, health checks, and tuning of Imperva systems. Develop and maintain security policies, rulesets, and custom alerts within Imperva DAM. Work closely with DBAs, system admins, and compliance teams to support audit and monitoring requirements. Troubleshoot and resolve performance, connectivity, and configuration issues related to security tools. Deploy and support other security tools such as SIEMs, vulnerability scanners, endpoint security platforms, firewalls, etc. Maintain detailed technical documentation, SOPs, and architectural diagrams. Stay current with emerging threats, vulnerabilities, and best practices in data protection and security monitoring. Assist in incident response and investigations involving data access or database-related threats. Required Qualifications 3+ years of experience in cybersecurity, with 2+ years of hands-on work with Imperva DAM. Strong understanding of database environments (Oracle, SQL Server, MySQL, etc.) and how DAM integrates with them. Proven experience in installation, configuration, upgrade, and troubleshooting of security tools in enterprise environments. Working knowledge of Linux and Windows systems. Familiarity with SIEM (e.g., Splunk, QRadar), endpoint protection (e.g., CrowdStrike, SentinelOne), and vulnerability scanners (e.g., Qualys, Nessus). Strong scripting skills (e.g., Shell, PowerShell, Python) are a plus. Excellent communication, documentation, and analytical skills. Preferred Qualifications Imperva Certified Implementation Specialist (if applicable). Experience with cloud deployments (AWS, Azure) of security tools. Prior experience supporting GRC/audit requirements (e.g., PCI-DSS, SOX). Knowledge of database security best practices and insider threat detection.

We are looking for a Cloud-first IT Administrator with foundational Information Security (InfoSec) skills to manage and secure a modern, distributed IT environment. The ideal candidate will be responsible for overseeing cloud-native infrastructure, end-user devices, identity and access management, and maintaining InfoSec hygiene—driven by an automation-first, tools-based approach rather than traditional manual methods. Key Responsibilities Cloud-based IT Admin Manage Identity & Access Management : Google Workspace Admin or Azure AD or Okta Implement and enforce SSO, MFA policies Manage SaaS platforms used by the company: Google Workspace / Microsoft 365 / Slack / Zoom / Notion / Jira / others Setup and manage MDM (Mobile Device Management) across all endpoints (laptops / mobiles): Example tools: Hexnode, Intune, JAMF, Comodo Enforce security policies — device encryption, patching, antivirus, screen lock, remote wipe Enable self-service onboarding/offboarding — automate account provisioning and deprovisioning Manage asset inventory for cloud and physical devices Setup VPN / Zero Trust Access models where needed Manage basic networking & firewall rules in: Physical office (hardware firewalls like Fortinet / Palo Alto / Ubiquiti) Cloud (AWS Security Groups, NACLs, WAF) InfoSec (Basic / First line) Conduct regular user access reviews and implement least privilege Run basic vulnerability scans on endpoints and cloud systems Implement DLP (Data Loss Prevention) policies where needed Monitor and enforce phishing protection / SPF / DKIM / DMARC Setup endpoint monitoring / EDR tools (ex: CrowdStrike, SentinelOne) Ensure basic compliance tracking for ISO 27001 / SOC2 readiness Conduct InfoSec awareness training for employees (quarterly) AWS & Cloud Infra (Basic Admin) Monitor AWS usage and identify cost saving opportunities Manage AWS IAM users, policies, roles Manage basic AWS services : EC2, S3, RDS, CloudWatch, CloudTrail Assist DevOps team in ensuring secure cloud configurations Preferred Experience with AI-driven IT / InfoSec Tools Experience using or exploring AI-driven MDM platforms (Hexnode AI, Kandji AI, Jamf AI Assist, etc.) Familiarity with AI-assisted Identity Governance tools (Saviynt, Okta AI Assist, etc.) Understanding of AI-based Cloud Cost Optimization tools (CloudZero, OpsAI, AWS Trusted Advisor AI, Harness) Exposure to AI-based email security / DLP platforms (Abnormal Security, Material Security) Experience with AI-assisted VAPT & vulnerability scanning tools (Tenable, Plerion AI, Qualys AI) Familiarity with AI-powered IT Helpdesk platforms (Moveworks, Espressive, Aisera) Willingness to adopt AI-first approach to IT and InfoSec automation Skills & Requirements Mandatory 4+ years experience in Cloud-based IT Admin roles Hands-on experience with: Google Workspace / Azure AD / Okta MDM platforms Cloud networking & firewalls AWS IAM & basic cloud services Basic InfoSec knowledge: Endpoint security DLP Email security

As a Senior Consultant in the Cyber Security department located in Gurugram, you will be responsible for various tasks and possess a range of skills and experiences. Your role will involve working on programming languages used for storing and processing raw data, having knowledge of operating systems such as Windows, macOS, Linux, UNIX, and other OSs, conducting penetration testing, understanding ethical hacking and coding practices, mastering advanced persistent threat management, ensuring firewall safety and management, utilizing encryption techniques and capabilities, conducting compliance assessments, and working with frameworks like COBIT and ITIL. You should have at least 5 years of relevant experience in cybersecurity, IT systems operation, and IT solutions development and maintenance. You must be well-versed in configuring and troubleshooting vulnerability management platforms like Tenable or Qualys, as well as patch management control platforms such as Microsoft MECM/SCCM. Experience in supporting patch management, vulnerability management, or configuration management programs is crucial, along with troubleshooting patch deployment and installation through log analysis and investigation. Your expertise should include knowledge of OWASP top 10 and other network security frameworks, hands-on experience in VAPT for application and network security, skills in configuration review, policy review, hardening of systems and networks, endpoint review, application code review, and testing tools. You should possess excellent communication and analytical skills to interact with clients directly, experience in Mobile AppSEC for Android and iOS, API testing, willingness to travel, good presentation and report-making skills, research knowledge in cyber security for consulting and customizing services, and hands-on working knowledge of tools like Burp, Nessus, Nmap, Qualys, Acunetix, Metasploit, and other relevant tools. Additionally, you should have knowledge of SIEM/SOAR, DLP, EDR/EPP, Firewall/IPS, Web Servers, and basic scripting knowledge in any language would be advantageous. Your role will also involve being willing to travel and actively participating in pre-sales activities, ensuring the highest level of security for clients and their systems.,

The Manager, Exposure Management plays a crucial role in identifying, analyzing, and mitigating cybersecurity exposures across enterprise systems. Your focus will be on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks impacting the organization's digital footprint. It is essential to possess strong technical expertise, attention to detail, and the ability to collaborate across teams to influence remediation activities and enhance security posture. Key Responsibilities - Operate enterprise vulnerability scanning platforms, validate findings, and monitor remediation efforts effectively. - Continuously assess the organization's internal and external attack surface for untracked assets, misconfigurations, and exposed services. - Identify and manage asset ownership across business units, ensuring accurate data consistently reflected in the configuration management database (CMDB). - Collaborate with infrastructure, application, and business stakeholders for prompt and comprehensive updates to asset and ownership records. - Configure, execute, and analyze web application security scans, working closely with development teams to address identified issues. - Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tools. - Prepare detailed reports and dashboards tailored for various audiences, from technical teams to executive leadership. - Partner with IT, infrastructure, and cybersecurity stakeholders to facilitate risk-informed remediation activities. - Contribute to continuous process enhancements and tool optimization throughout the exposure management lifecycle. Basic Qualifications - A Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field, along with a minimum of 10 years of experience in cybersecurity, focusing on vulnerability or exposure management. - A Master's degree in Computer Science, Information Security, Engineering, or a related technical field, combined with at least 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications - Hands-on experience with tools like Tenable, Qualys, Rapid7, or similar platforms. - Familiarity with web application scanning tools and techniques. - Experience in managing or supporting a CMDB and asset lifecycle processes in a large organization. - Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. - Strong communication and analytical skills to effectively communicate technical risks to business stakeholders. - Experience supporting compliance and regulatory programs within a global business context. In addition to competitive benefits programs, we offer health insurance, professional development opportunities, and an Employee Assistance Programme to help you achieve your personal goals. At our organization, we value the expertise, creativity, and passion of our employees and strive to create an inclusive environment that promotes growth, innovation, and diversity. Join us and be part of The Carrier Way, where you can make a difference. Apply now!,

Kyndryl Bengaluru, Karnataka, India Posted on Jul 26, 2025 Apply now Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Provide and manage vulnerability scanning and assessment tools for traditional IT assets. 6 - 8 years of security analyst experience, preferably in a managed services environment Analyze scan results, prioritize findings using risk-based methodology. Deliver actionable remediation and mitigation recommendations. Maintain continuous visibility and reporting for servers, endpoints, and network infrastructure. Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Ticketing Integration: ServiceNow, Jira Reporting: Custom dashboards (Power BI/Tableau) or native tool reports Experience with cloud security, devops, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI. Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks Expertise with security incident response process. Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Apply now See more open positions at Kyndryl

Kyndryl Bengaluru, Karnataka, India Posted on Jul 26, 2025 Apply now Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. As a Cybersecurity Defense professional at Kyndryl, you will encompass cybersecurity, incident response, security operations, vulnerability management, and the world of cyber threat hunting and security intelligence analysis all to protect the very heartbeat of organizations – their infrastructure. In this role, you won't just monitor; you'll actively engage in the relentless hunt for cyber adversaries. In a world where every click and keystroke could be a potential gateway for attackers, your role will be nothing short of critical as you seek out advanced threats, attackers, and Indicators of Compromise (IOCs). Your expertise in endpoint detection and response (EDR) will be the shield that safeguards individual workstations, laptops, servers, and other devices from cybercrime. Your responsibilities go beyond vigilance. When it comes to network security, you'll utilize Network Detection and Response (NDR) to monitor the ever-flowing currents of network traffic. The incident management process will be used as you respond and manage to cybersecurity incidents. Cybersecurity Defense is all about information. You'll gather, analyze, and interpret data applying your own and external threat intelligence to uncover potential security threats and risks. These insights and your ability to analyze complex attack scenarios will be the foundation of our security strategy – helping Kyndryl stay one step ahead of security breaches. In Cybersecurity Defense at Kyndryl, you’re not just protecting the present – you’re shaping the future of digital security. Join us on this cybersecurity venture where your expertise and creativity will have a lasting impact in the world of digital defense. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Provide and manage vulnerability scanning and assessment tools for traditional IT assets. 6 - 8 years of security analyst experience, preferably in a managed services environment Analyze scan results, prioritize findings using risk-based methodology. Deliver actionable remediation and mitigation recommendations. Maintain continuous visibility and reporting for servers, endpoints, and network infrastructure. Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Vulnerability Scanning: Tenable.io, Qualys, or Rapid7, Tanium (based on agreement) Ticketing Integration: ServiceNow, Jira Reporting: Custom dashboards (Power BI/Tableau) or native tool reports Experience with cloud security, devops, cyber resiliency/incident management, Zero Trust, network/EDGE security, and emerging technologies such as IoT and AI. Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions. Deep understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks Expertise with security incident response process. Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Preferred Certifications in Cyber Security: ECTHP (Certified Threat Hunting Professional) or ECMAP (Malware Analysis Professional); other specialized security analyst certifications Experience in Cloud Security monitoring and in advanced analytics (UEBA) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Apply now See more open positions at Kyndryl

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities Vulnerability Identification & Assessment: Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.). Analyze vulnerability data from multiple sources and assess the impact on business operations. Perform risk assessments and categorize vulnerabilities based on severity and exploitability. Remediation & Risk Mitigation: Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities. Prioritize vulnerabilities based on risk to the business and potential exploitability. Track remediation efforts and ensure proper closure of security gaps. Process & Policy Development: Define and maintain vulnerability management policies, standards, and procedures. Establish workflows for vulnerability detection, reporting, remediation, and validation. Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS. Security Monitoring & Threat Intelligence Integration:Work with threat intelligence teams to understand emerging threats and vulnerabilities. Ensure vulnerability management aligns with incident response and threat-hunting processes. Continuously enhance detection mechanisms to improve vulnerability discovery and response. Compliance & Audit Readiness:Ensure that vulnerability management practices align with regulatory and compliance requirements. Maintain records of assessments, remediation efforts, and compliance reports for audits. Support internal and external audits related to vulnerability management. Reporting & Metrics: Develop and present vulnerability status reports to security leadership and executive teams. Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction Provide insights on security posture improvements based on trend analysis. Security Awareness & Collaboration: Conduct training sessions to educate teams on vulnerability risks and remediation best practices. Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle Preferred Education Master's Degree Required Technical And Professional Expertise Vulnerability Management Preferred Technical And Professional Experience Qualys

Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job description Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank We're offering this role at associate level What you'll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You’ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills you'll need To be successful in this role, you’ll need knowledge of one or more security subject areas and experience of setting risk appetites. You’ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you’ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in conducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines Strong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions

Why join Stryker? Looking for a place that values your unique talents? Discover Stryker's award-winning culture. We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific. Job description We are excited to be named one of the World’s Best Workplaces by Fortune Magazine! We are proud to offer you our total rewards package which includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards – not to mention various social and recreational activities, all of which are location specific. Who we want: Dedicated achievers. People who thrive in a fast-paced environment and will stop at nothing to ensure a project is complete and meets regulations and expectations. Curious learners. People who seek out cutting-edge research and information to expand and enhance their ability to be ready for what’s next. Self-directed initiators. People who take ownership of their work and need no prompting to drive productivity, change, and outcome and will stop at nothing to ensure a project is complete and meets regulations and expectations Inspires others. A genuine, relationship-focused leader who connects, collaborates and fosters an inclusive environment of enthusiasm, trust and pride. He/she makes others want to follow, building momentum for action and positively influencing outcomes. Champions talent development. A manager who focuses on maximizing the ability, potential and contributions of themselves and others. Fosters an environment where people can excel through developing, coaching and rewarding performance. What you will do: Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices, Web and Mobile based Applications. Perform attacks and identify vulnerabilities on interfaces like USB, WiFi. Ethernet etc. Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws. Leverage DevSecOps to embed security testing into all phases of SDLC. Provide support/inputs in issue remediation. Prepare Test Plans and Test Reports to support test activities. Minimum Qualifications (Required): Bachelor’s in Software/Electronics Engineering or equivalent degree. 2-5 years of hands-on experience in Vulnernability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python. Understanding of Cloud based environments like Azure and AWS. At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Excellent communication and interpersonal skills. Stryker is a global leader in medical technologies and, together with its customers, is driven to make healthcare better. The company offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.

Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank We're offering this role at associate level What you'll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You’ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills you'll need To be successful in this role, you’ll need knowledge of one or more security subject areas and experience of setting risk appetites. You’ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you’ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in conducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines Strong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys, Inc is a pioneer and leading provider of disruptive cloud-based IT, security, and compliance solutions with over 19,000 active customers in more than 130 countries, including a majority of each of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously, enabling them to automate the full spectrum of auditing, compliance, and protection for IT systems and web applications across on premises, endpoints, cloud, containers, and mobile environments. The ideal candidate possesses in-depth functional knowledge and an aptitude for Finance process and systems. You will identify, design, and build technology-driven solutions that enable strategic initiatives and operational improvements, including the implementation of Digital Finance. In this role, you will work closely with our Finance and supporting teams to enable strategic solutions. You will help to design and deploy changes to systems and processes in all aspects of the global finance process, including General Ledger, Cost Accounting, Procurement, Revenue Recognition, Finance Planning, Reporting and Tax areas. This position will report into Senior Director , Business Applications Essential Responsibilities And Tasks Serve as the IT lead on Finance related strategic initiatives and system implementations throughout the end-to-end solution design and development, from design through deployment. You will work closely with team members, leaders, and product owners to execute product delivery as well as continual strategy setting and evaluation of delivery team structure in alignment with firm needs and direction. You will act as a hands-on subject matter expert for Revenue Recognition, Billing Architecture and other financial applications that interact with NetSuite. The role requires taking ownership of the architecture and design of critical cloud-based business applications used by Qualys’s Finance and Accounting partners within the NetSuite domain. Review design, code, deployment strategies and other technical aspects of Qualys’s Financial Systems. Demonstrated ability to build strong partnerships and relationships with internal Business partners and adjacent Technology organizations including Quality Assurance, User Experience, Program Mgt Office and Enterprise Architecture Help with development of relevant training materials, business process flows and SOP’s, and support training delivery to relevant team members. Contribute to the solutions repository/best practices and knowledge share activities and participate in Subject Matter Expert programs. Problem solve and provide hands-on support during post-go live hyper care and support phases. Drive decisions across cross-functional teams in both the technical and operational areas, ensuring tradeoffs are understood and mitigations are put in place when required. Define and drive documentation of current and target state business processes and related systems flow with emphasis on cross-functional impact. Take a “Big Picture” view - ensure creation of new systems and processes integrates effectively into the existing landscape and does not disrupt business continuity. Removing obstacles and coordinating resources to continually increase team throughput, predictability, and quality Develop and execute on-going improvements for processes related to the team (e.g. incident management escalations) Deep understanding of the product team’s systems, processes, priorities, and technologies while representing these aspects to all levels of Technology leadership Guide teams to do their work in a way that minimizes key-person dependencies and knowledge silos Representation to ensure firm and division processes are followed and risk is reduced by the product team (e.g. compliance change management, information security, etc.) Ability to hold teams accountable for setting and achieving Service Level Objectives In the people leadership portion of this role, this leader will be responsible for: Coaching and mentoring of each team member through observation and timely feedback Identification of key team positions and develop ready-now successors Develop and execute on-going improvements for processes related to the team (e.g. resource management and support processes). Establish and maintain effective communications and relationships across teams, departments, vendors, and other divisions Must be able to establish and maintain effective relationships with vendors while aligning to the firm's objectives Qualifications Required in the job: 10 years of expertise in ERP/SAAS based financial systems roles 5 years of management experience Experience as an Enterprise Solution Architect/ Lead for Financials, for NetSuite with focussed experience with General Ledger, Accounts Payable, Accounts Receivable, Intercompany, Asset Management, Procurement, Expenses, Costing and Enterprise Contracts. Good understanding of Zuora RevPro Revenue Recognition system is preferable. Understanding of the Lead to Revenue Process from systems like Salesforce is good to have. Experience with Coupa, Revpro, Avalara, Netsuite, Salesforce, Anaplan Knowledge of Java Previous experience with usage based billing models Recognizes the importance of continuous improvement and finding opportunities to streamline/optimize current practices in order to shorten delivery schedules, and improve quality

Cloud & Compliance Security Specialist (4–6 Years Experience) Job Title: Cloud & Compliance Security Specialist Experience Required: 4–6 Years Location: Noida Job Type: Full-Time Department: Cyber Security Reporting to: Head/CISO Cyber Security. Role Overview: We are seeking a highly experienced and detail-oriented Cloud & Compliance Security Specialist to join our cybersecurity team. The ideal candidate will have a strong background in Governance, Risk, and Compliance (GRC), security technologies, and reporting/documentation. This role demands a strategic thinker with hands-on expertise in securing cloud environments across Various Cloud platforms. Key Responsibilities: 1. Security Technology & Operations – 50% · Design and implement cloud-native security controls and architectures (e.g., IAM, encryption, firewalls, WAFs, SIEM, CSPM, CWPP). · Monitor and respond to cloud security incidents using industry-standard tools and platforms for threat detection and analysis. · Integrate DevSecOps practices into CI/CD pipelines to ensure secure code deployment. · Perform threat modeling, vulnerability assessments, and penetration testing of cloud infrastructure. · Collaborate with DevOps and IT teams to ensure secure configuration and hardening of cloud resources. 2. Governance, Risk & Compliance (GRC) – 35% · Develop, implement, and maintain overall organizational security policies, standards, and procedures including Cloud security aligned with industry frameworks (e.g., ISO 27001, NIST, CIS, CSA). · Conduct risk assessments and cloud security audits to identify gaps and recommend mitigation strategies. · Ensure compliance with regulatory requirements such as DPDP, GDPR, HIPAA, PCI-DSS, and local data protection laws. · Collaborate with internal audit and legal teams to manage third-party risk assessments and vendor security reviews. · Lead security awareness and training programs across the organization. 3. Reporting & Documentation – 15% · Prepare detailed security reports, dashboards, and metrics for executive leadership and stakeholders. · Maintain comprehensive documentation of cloud security architecture, incident response plans, and audit findings. · Track and report on remediation efforts and risk mitigation progress. · Support internal and external audits with accurate and timely documentation. Required Skills & Qualifications: Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 4–6 years of experience in cybersecurity with at least 4 years in cloud security. Strong knowledge of AWS, Azure, and/or GCP security services. Hands-on experience with security tools: Next Gen Firewalls, SIEM, WAF, CSPM, EDR, etc. Hands-on experience with DevSecOps, container security (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation). Hands-on experience with various VA/PT tools including open source like OpenVas/OWASP Zap/Veracode/Nessus/Qualys etc. Certifications (Preferred): Cloud Security: CCSP, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer (any one of them) General Security & Compliance: CISA/ISO 27001 Lead Implementer/Auditor (any one of them)

Job Title: Attack Surface Management Analyst Job Location: UniOps Bangalore About Unilever Be part of the world’s most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best. Every day, nine out of ten Indian households use our products to feel good, look good and get more out of life – giving us a unique opportunity to build a brighter future. Every individual here can bring their purpose to life through their work. Join us and you’ll be surrounded by inspiring leaders and supportive peers. Among them, you’ll channel your purpose, bring fresh ideas to the table, and simply be you. As you work to make a real impact on the business and the world, we’ll work to help you become a better you. About Uniops Unilever Operations (UniOps) is the global technology and operations engine of Unilever offering business services, technology, and enterprise solutions. UniOps serves over 190 locations and through a network of specialized service lines and partners delivers insights and innovations, user experiences and end-to-end seamless delivery making Unilever Purpose Led and Future Fit. Unilever is one of the world’s leading consumer goods companies with operations in over 190 countries and serving 3.4 billion consumers every day. Unilever delivers best in class performance with market making, unmissably superior brands which include Dove, Knorr, Domestos, Hellmann’s, Marmite and Lynx. Our strategy beings with a purpose that places our consumers at the heart of everything we do, “Brighten everyday life for all”. Role Purpose This role supports the Threat Intelligence & EASM Lead in identifying, monitoring, and managing Unilever’s external digital footprint. The EASM Analyst will leverage open-source intelligence (OSINT), commercial EASM platforms, and reconnaissance tools to discover, assess, and reduce Unilever’s exposure to external cyber threats. Role Summary The External Attack Surface Management (EASM) Analyst plays a critical role in Unilever’s proactive cybersecurity strategy by continuously identifying, analyzing, and mitigating risks associated with the organization’s internet-facing assets. As digital transformation accelerates and cloud adoption expands, the external attack surface becomes increasingly dynamic and complex. This role is designed to provide visibility into that evolving landscape and ensure that Unilever’s digital perimeter is secure, monitored, and well-managed. The analyst will be responsible for leveraging a combination of commercial EASM platforms (such as Mandiant, Wiz, and Qualys) and open-source reconnaissance tools (like Shodan, FOFA, and Censys) to discover unknown or unmanaged assets, detect misconfigurations, and identify potential vulnerabilities. This includes domains, IP addresses, cloud services, APIs, and third-party integrations that may be exposed to the internet. The EASM Analyst will work closely with Threat Intelligence, Vulnerability Management, and Incident Response teams to contextualize findings, prioritize risks, and support remediation efforts. They will also contribute to the development of automated discovery and alerting mechanisms, ensuring that new exposures are detected in near real-time. In addition to technical responsibilities, the role requires strong communication and collaboration skills to engage with asset owners, IT teams, and business stakeholders across the organization. The analyst will help drive awareness of external risks, support secure asset lifecycle management, and contribute to the overall maturity of Unilever’s cyber defense capabilities. Main Accountabilities External Asset Discovery & Mapping: Use EASM tools (e.g., Mandiant, Wiz, Qualys) to identify and catalog Unilever’s external-facing assets. Perform continuous monitoring to detect changes in the external attack surface. Reconnaissance & Threat Identification Utilize OSINT and reconnaissance tools (e.g., Shodan, FOFA, Censys) to identify exposed services, misconfigurations, and potential vulnerabilities. Correlate findings with threat intelligence to assess risk and prioritize remediation. Risk Assessment & Reporting Collaborate with vulnerability management and security operations to triage and remediate high-risk exposures. Provide regular reports and dashboards on EASM findings, trends, and KPIs. Collaboration & Process Improvement Work with IT and cloud teams to validate asset ownership and ensure secure configurations. Contribute to the development of EASM processes, playbooks, and automation strategies. Skills Key Skills and Relevant Experience Strong understanding of internet protocols, DNS, SSL/TLS, and cloud infrastructure. Proficiency with EASM and OSINT tools (e.g., Mandiant, Wiz, Qualys, Shodan, FOFA). Ability to analyze large datasets and identify patterns or anomalies. Excellent communication skills to convey technical findings to non-technical stakeholders. Familiarity with vulnerability management and threat intelligence workflows. Experience 3–5 years of experience in cybersecurity, with at least 1–2 years in EASM, threat intelligence, or vulnerability management. Experience with cloud platforms (Azure, AWS, GCP) and their security configurations. Knowledge of security frameworks such as MITRE ATT&CK, NIST CSF, or CIS Controls. Relevant certifications (e.g., CEH, OSCP, Security+, GIAC GOSI) are a plus. Note: "All official offers from Unilever are issued only via our Applicant Tracking System (ATS). Offers from individuals or unofficial sources may be fraudulent—please verify before proceeding."

Who we want: Dedicated achievers. People who thrive in a fast-paced environment and will stop at nothing to ensure a project is complete and meets regulations and expectations. Curious learners. People who seek out cutting-edge research and information to expand and enhance their ability to be ready for what’s next. Self-directed initiators. People who take ownership of their work and need no prompting to drive productivity, change, and outcome and will stop at nothing to ensure a project is complete and meets regulations and expectations Inspires others. A genuine, relationship-focused leader who connects, collaborates and fosters an inclusive environment of enthusiasm, trust and pride. He/she makes others want to follow, building momentum for action and positively influencing outcomes. Champions talent development. A manager who focuses on maximizing the ability, potential and contributions of themselves and others. Fosters an environment where people can excel through developing, coaching and rewarding performance. What you will do: Manage all facets of Vulnerability Assessment and Penetration testing involving embedded devices, Web and Mobile based Applications. Perform attacks and identify vulnerabilities on interfaces like USB, WiFi. Ethernet etc. Perform manual and automated security code review for complex Desktop, Web and Mobile applications to identify security flaws. Leverage DevSecOps to embed security testing into all phases of SDLC. Provide support/inputs in issue remediation. Prepare Test Plans and Test Reports to support test activities. Minimum Qualifications (Required): Bachelor’s in Software/Electronics Engineering or equivalent degree. 2-5 years of hands-on experience in Vulnernability and Penetration Testing using tools like Kali, Nessus, Burpsuite, Qualys etc. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby or Python. Understanding of Cloud based environments like Azure and AWS. At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Excellent communication and interpersonal skills. Stryker is a global leader in medical technologies and, together with its customers, is driven to make healthcare better. The company offers innovative products and services in MedSurg, Neurotechnology, Orthopaedics and Spine that help improve patient and healthcare outcomes. Alongside its customers around the world, Stryker impacts more than 150 million patients annually.

As a member of the Vulnerability Management Services team at Atos Group, you will play a crucial role in executing vulnerability scanning and managing VM programs for our clients. Your responsibilities will include completing projects within budgeted efforts and agreed timelines with high-quality deliverables. You will utilize various scanning solutions such as SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc., to perform vulnerability scanning and gain a deep understanding of client network architecture and infrastructure to be scanned. Moreover, you will be involved in threat identification, vulnerability identification, and control analysis, as well as developing customized reports and dashboards based on client expectations. Proactiveness in project planning and execution, likelihood determination, impact analysis, and risk determination are key aspects of this role. You will also prioritize risks, provide solution recommendations, and document findings, identifying the business risks posed by weaknesses identified during assessments. Collaboration with both business and technical teams within and outside the organization will be essential for project scope definition, execution, and closure. The ideal candidate for this role should have at least 5 years of experience in Vulnerability Scanning, with expertise in tools like Qualys, Tenable, Rapid7, etc. Additionally, you should possess the ability to understand and explain vulnerabilities to stakeholders, knowledge of platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, as well as familiarity with standards like PCIDSS, CIS Benchmarks, etc. A flexible approach to working on challenging activities, creative problem-solving skills, strong communication, and writing abilities are crucial for success in this role. Join us at Atos Group to expand the possibilities of data and technology, now and for generations to come. Let's grow together.,

1.Security Acceptance testing(SAT) Experience : 6+ years Work Mode : Remote (Preferable Bangalore, Chennai)Look for local candidates. Notice period : Immediate to 30 Days only Mandatory Skills:Vulnerability assessment,Management ,Qualys VDR,Qualys 3 yrs,Implementation . Information security and preferably in Banking and Financial services sector, In-depth working experience on Cloud technologies, routers, switches, firewalls, load.Balancers and proxy will be an added advantage for the role Perform Vulnerability assessment & Policy Compliance using leading Vulnerability Scanning solutions like Qualys etc. Perform Vulnerability assessments & Policy Compliance on On-prem, Cloud hosted systems, container (like Docker & Kubernetes), databases, web services and other widely deployed infrastructure components. Perform false positive validation and ensure delivery of quality reports. Act as a technical SME to analyse the vulnerability results & detection logic. Provide technical advice and support on remediation to infrastructure / application support teams. Review findings and identify root causes for common issues and provide recommendations for sustainable improvements. Responsible to maintain vulnerability quality assurance by building VM team technical knowledge base. Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle. Understand security policies, procedures and guidelines to all levels of management and staff. Communicate effectively orally and in writing and establish cooperative working relationships. Provide suggestion to improve vulnerability Management service based on current trends in information technology (Network, system security software and hardware). Act as line manager in the absence of team lead. People and Talent: Minimum 6 years of experience in Information security and preferably in Banking and Financial services sector In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills Ability and desire to learn new skills quickly Performs other related duties as assigned.

DevSecOps Engineer Experience: 5 to 9 Years Budget: Up to 36 LPA Location: Hyderabad, Bangalore, Pune, Gurgaon, Chennai Notice Period: Immediate Joiners Only About the Role: Were seeking a skilled DevSecOps Engineer with a strong security mindset and hands-on experience in secure cloud deployments. This role demands practical knowledge of cloud platforms, Infrastructure as Code (IaC), CI/CD pipelines, and modern security tooling. You will be at the forefront of embedding security in every stage of the software development lifecycle. Key Skills & Responsibilities: Cloud: Experience with Azure or AWS IaC Tools: Expertise in Terraform Containerization: Working knowledge of Kubernetes CI/CD: Hands-on with any modern CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI, etc.) Security Tools (any): WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot Secret Management: Experience with HashiCorp Vault or Akeyless DevSecOps: Strong experience in integrating security into DevOps pipelines Mandatory Requirement: Security experience is mandatory DevSecOps exposure is highly preferred

Join our digital revolution in NatWest Digital X In everything we do, we work to one aim. To make digital experiences which are effortless and secure. So we organise ourselves around three principles: engineer, protect, and operate. We engineer simple solutions, we protect our customers, and we operate smarter. Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job Description Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank We're offering this role at associate level What you'll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You’ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills you'll need To be successful in this role, you’ll need knowledge of one or more security subject areas and experience of setting risk appetites. You’ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you’ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in conducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines Strong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions

Join our digital revolution in NatWest Digital X In everything we do, we work to one aim. To make digital experiences which are effortless and secure. So we organise ourselves around three principles: engineer, protect, and operate. We engineer simple solutions, we protect our customers, and we operate smarter. Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job Description Join us as a Security Consultant This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank We're offering this role at associate level What you'll do Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains. We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible. You’ll also be: Acting as the interface with security experts when needed Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation The skills you'll need To be successful in this role, you’ll need knowledge of one or more security subject areas and experience of setting risk appetites. You’ll also demonstrate experience of, or a willingness to learn risk management frameworks. Additionally, you’ll need: A background of at least 4 years in security assessment in information system An understanding in Cloud environment like AWS, Azure, Google Cloud, Web/API Security, Network protocols, Encryption technologies, Intrusion detection/prevention systems, Firewall etc Industry certification such as CISSP, CISM, CISA Experience in conducting risk assessments of AI systems, identifying potential vulnerabilities, threats within AI models and data pipelines Strong knowledge of vulnerability assessment tools such as GitLab, SAST, Qualys, and CSPM solutions