684 Qualys Jobs - Page 23

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Description: This is a great opportunity to be an integral part of a team building Qualys next generation Micro-Services based technology platform processing over a 100 million transactions and terabytes of data per day, leverage open source technologies, and work on challenging and business-impacting projects. Responsibilities: You will be building next generation of Asset Management product in the cloud You will be building highly scalable Micro-services that interacts with Qualys Cloud Platform. Research, evaluate and adopt next generation technologies Produce high quality software following good architecture and design principles that you and your team will find easy to work with in the future Requirements: Excellent programming and designing skills with 6-8 years of hands-on experience in Java back-end development and skills with Spring-boot framework. Messaging middleware using Kafka . In-memory caching using Redis, Memcached, etc. Strong Java programming skills including object-oriented design, prototyping, development, testing, profiling, etc. Understand data structures and algorithms Expertise with RDBMS systems (preferably Oracle) Experience with NoSQL databases (preferably Cassandra) Knowledge of Docker, Kubernetes, Jenkins, and related CI/CD tools Ability and skill to debug & solve complex issues in a high-performing environment Desired Qualifications: Bachelors/Masters in Computer Science or equivalent Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Brief Description: Principal Software development engineer for Cloud Agent Endpoint Security Product Full Job Description: We invite you to be part of motivated and agile Qualys engineering team responsible for developing high-end Cloud based Security Solutions. This opening is your chance to work in the rapidly expanding field of computer security, in a company with excellent customer ratings and outstanding growth rates. In this position you will be working on network security solutions to deliver cutting-edge products including advanced Endpoint Security Technology and product. This position is for our fastest growing R&D center in Pune, India, which is part of multi-continent engineering team. Responsibilities: Develop understanding of the product functionality spanning in-field appliance to cloud services i.e. the end-to-end architecture, how customers use the product, how the product fits in the overall Qualys security platform and its value-add, various customer use case scenarios etc. This perspective is required for in-depth understanding and handling customer queries. Ability to lead the initiatives and engineering lifecycle including write, read, comprehend codebase and participate in design / code / testcase reviews. Develop in-depth knowledge in Endpoint Security and networking domains Contribute to the appliance stack development. Understand the existing appliance architecture well to be able to own new feature development - design, develop, deliver. Study and decipher documentation needed to accomplish tasks at hand viz Endpoint security technologies including EDR/AntiMalware (EPP), XDR, MDR, etc., other Cloud Agent standards, RFCs and protocol specifications, network topologies, networking fundamentals ( Tcp/Ip stack, switches, routers, networking protocols, firewalls), Linux platform fundamentals, virtualization, deep packet inspection etc. Debug issues in the product reported by internal QA teams or in production by customers and suggest solutions. Interact with QA teams to describe product feature and methods to test it – functionality, performance, negative scenarios. Document the design and test plans as part of development activities. Communicate with other team members, including with the QA team and collaborate as required. Qualifications: Must Have: Degree in Computer Science/Electronics/Instrumentation. 10 to 15 years software development or testing experience in Windows Development background and Windows Internals. Professional experience developing products in any tech domains is a good added advantage, for example experience in areas such as deep packet inspection, packet parsing and fast packet processing techniques, firewalls, networking protocols socket programming, virtualization and hypervisors etc. Ability to write as well as comprehend written code in C/C++ and/or Python programs. Passion to build a career in Endpoint systems and system closer to OS levels. Good academic record. Good reading and comprehension skills to be able to read technical literature of Network Security products and make inferences. Ability to operate Windows Operating System commands and related applications Good written and verbal communication skills. Additional skills that are good to have: Good debugging skills, ability to inspects packet captures Understanding of Linux boot loaders, grub, kernel compilation and networking stack internals, TCP/IP knowledge. Knowledge of one or more protocols used in Network Security systems - eg. LDAP, DHCP, ARP, DNS etc. Knowledge of Layer 2 and 3 switching, High availability, VPN, VLAN technologies etc. Working knowledge of deployment of Virtual Machines such as Vmware. Good understanding of Database concepts and good working knowledge with Oracle/PLSQL/Postgres. Excellent analytical and program solving skills, excellent written and oral communication, self-starter and highly motivated. Work in a dynamic environment and ability to adapt quickly to changes. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a self driven Sr QA Automation engineer with strong networking background with problem solving, and programming skills who is able to help design and develop Qualys Web Application Scanning product. Engineer should be able to Design, implement, document and maintain test framework for various functionality in UI and API Develop test automation & enable high quality micro-services based delivery. This is a fantastic opportunity to be an integral part of a team building Qualys next generation platform using Micro-Services based technology. Responsibilities: Own core product capabilities and drive it to deliver highest quality product. Design and develop test frameworks for automation. Develop new testing tools for various use cases. Maintain automated test environment to perform unit, functional and stress testing. Setup and configure automation running part of the CI-CD pipeline. Participate in the creation and enhancement of the continuous integration platform used to test the product. Develop and execute automated performance tests. Develop test plan & automation by working closely with PM on requirements and with dev to understand design. Qualifications: 5-7 years of hands-on experience in QA and at least 3-4 years working on automation Experience in Selenium WebDriver with Java/Python, Selenium grid. Strong knowledge of Java, Python, Shell Scripting, Data structures, OOPS concepts and its applications. Experience working with Docker, Kubernetes, ElasticSearch, Cassandra, Kafka. Strong experience with automation test tools (preferably Selenium Webdriver, Cucumber, Rest Assured). Good experience in test automation frameworks (data/keyword driven) and tools (Eclipse, Cucumber). Strong experience in testing frameworks like TestNG, JUnit. Hands on experience with Performance Testing and Load Testing tools like JMeter. Experience with Web application testing along with REST APIs. Good understanding of Database concepts and writing SQL queries. Understanding of CI-CD pipelines: Docker, Kubernetes. Experience with Test and defect management tools like Jira Automated builds and deployments process using GIT or other SCM, Maven, Jenkins. Experienced with Apache/Tomcat web servers and web application development. Must be a critical thinker with excellent verbal and written skills. Good communication skills to be able to work with global teams. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Appsec team in Qualys looking for web application security to be part of Application Security team which provides state-of-art automated web app security scanning for customers. You will test vulnerable web applications, API, develop, deploy vulnerable web applications, analyze vulnerability reports to verify false positives and false negatives. The position is a Pune based position and will require working with a team of engineers in Pune and the US. Responsibilities Solid working knowledge of DAST tools. Understanding of UNIX environment, and UNIX command line. Analyze web application security scanner reports and validate false positives and false negatives Understanding of OWASP top 10 vulnerabilities. Develop scripts to automate manual tasks in python, shell as required. Analyze server logs Analyze requests and responses in TCP/UDP protocols. Strong network layer understanding. Use of Burp, Kali or other security tools. Understanding of working with APIs and experience with Postman tool. Installation, configuration of web servers, Kubernetes and Docker systems. Knowledge of PCI DSS preferred. Required skills 3+ years of experience in web applications security Hands on experience with web applications security scanning tools like Burp/Zap, SQLMap, curl/wget, HTTP Proxy Knowledge of HTTP protocol (Requests, responses, Cookies etc) Experience with network analysis tools, analysis of packet capture Understanding and crafting of regular expressions Exposure and understanding around selenium scripts Understanding of web application vulnerabilities, OWASP top Strong analytical and problem-solving skills. Understanding of HTML/DOM, XML, CSS, Javascript and Javascript frameworks like JQuery, Ajax Database/SQL knowledge. Strong attention to details Passion for web security Strong communication and team-work skills Ability to work independently and self-learner Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys is seeking a Senior QA Engineer to join our team. You will be part of a motivated engineering team responsible for ensuring the quality of the on-demand cloud-based security solutions. This opening is your chance to work in the rapidly expanding field of computer security, in a public company with excellent customer ratings and outstanding growth rates. Responsibilities : Efficiently contribute to both the functional and automation aspects of all products and features within the group. While strong functional skills are essential, proficiency in automation is a valuable asset that enhances overall performance. Assist in the creation of test plans, test cases, and test data for various types of testing (functional, regression, integration, etc.). Execute test cases, report defects, and ensure the software meets quality and performance standards. Identify, document, and track software defects. Collaborate with the development team to resolve issues. Prepare and configure test environments, including software installations and configurations. Maintain test documentation, including test cases, test results, and defect reports. Work closely with developers, product managers, and other team members to ensure the software's quality and reliability. Conduct exploratory testing to find defects that might not be covered by test cases. Adherence to Quality Standards: Ensure adherence to quality assurance and testing best practices. Keep up-to-date with the latest testing techniques, tools, and industry trends. Requirements : Candidate having 4-6 years of experience in a QA role in a product company. Experience in Java programming is a plus. Experience in shell/bash scripting. Strong knowledge of UNIX and Windows platforms. Strong debugging and analysis skills. Strong understanding of generic test automation frameworks (data-driven, keyword-driven) and tools (TestNG, Eclipse, Maven, Selenium, JMeter, Cucumber). Experience with Web application standards (Web services, XML, JSON, HTTP, HTTPS) and API testing. Good understanding of JSP/Web Technologies/Web Architecture. Strong knowledge of SaaS model/cloud-delivered application testing. Good understanding of Database concepts and good working knowledge of Oracle, PLSQL & JDBC. Experience with Test and defect management tools. Excellent analytical and program-solving skills, excellent written and oral communication, self-starter, and highly motivated. Work in a dynamic environment and can adapt quickly to changes. Strong experience with Docker containers/ Kubernetes/ CICD pipeline as well as working with build management tools like Git, Bamboo, and Jenkins. Sound knowledge of Databases and elastic search queries. Additional Skills Desired : Previous experience as a developer or exposure to white box testing is a plus. Experience in the Security/Performance domain is an advantage. Prior experience in working with a globally distributed team is a plus. Comfortable working in an Agile environment. Show more Show less

Hi All, Greetings from Shivsys Softwares Pvt Ltd We are hiring for Product Security Engineer Role: Product Security Engineer Experience: 3+ Years Location: Noida Job Description: Security Specialist in areas of Security Vulnerability Assessment & Penetration Testing. Responsible for periodic assessment and implementation of remediation with the help of node owners. Job Key Tasks & Responsibilities: · Experience in developing trailored Vulnerability Assessment Profiles in collaboration with clients, outlining assessment scope, methodologies, risk assessment criteria, and reporting structures. · Have created and configured custom scan policies for vulnerability scanners, ensuring accurate, tailored scans to meet organizational needs and risk tolerance. · Configure scan policies for full network scans, application scans, compliance checks, and sensitive data exposure detection. · Performed both authenticated and unauthenticated scans across telecom networks and cloud environments (VNF, CNF). Troubleshooting and debugging scans. · Performed automated and manual scans against the CIS Benchmarks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure compliance with industry best practices. · Performed comprehensive risk triage by analyzing vulnerability reports, verifying false positives, and assigning accurate severity levels to vulnerabilities based on CVSS matrix. · Evaluate the impact of vulnerabilities and prioritize vulnerabilities based on CVSS scoring and considering exploitability in telecom environments (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G). · Perform cloud-specific vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes). · Provide remediation recommendations based on scan findings, including patching, work arounds, configuration hardening, and compensating controls. · Worked on remediation of non-compliant configurations and security issues based on CIS recommendations. · Experience in threat intelligence gathering to identify known exploits and determine the current exploitation risk of vulnerabilities (e.g., availability of exploit POC, exploit in wild). · Experience of working in ticketing tools i.e. ServiceNow, Jira. · Proficiency in Linux, Windows, and cloud security hardening. · Knowledge security frameworks and standards (e.g., NIST, ISO 27001, CIS) Experience & Certification: · Minimum 3+ years of relevant experience in a combination of security and operations technology jobs · Vulnerability Scanning tools: Nessus, Qualys, OpenVAS · Cloud Scanning Tools: Redhat ACS, Anchore, Trivy · Ticketing Systems: Jira, ServiceNow, Remedy Telecom Expertise: Telecom architecture(2G,3G,4G,5G), Nokia Nodes and functionalities You can also drop your CV at karan.prajapati@shivsys.com Show more Show less

We are looking for : THE SENIOR DEV OPS ENGINEER As Klypup’s Senior DevOps Engineer you will be a champion of our cloud center of excellence, CCOE team and will be responsible for building and operating fast and scalable workflows, and must have the ability to help an architect, design and lead the transformational journey into the AWS Cloud platform of services. This role will support cloud strategy across all Klypup markets, India, Singapore and UAE. Overall responsibility: · Incorporate entire application lifecycle in automation, including end-to-end and performance testing, automated remediation of issues, auditable release tracking process · Drive significant improvements to business outcomes through simplifying and accelerating software development practice both through technical projects and procedural and technical coaching Deliver implementation of: · Revision/Source Control, Configuration Management · Maintain tools related to Monitoring, Bug Tracking, Testing · Infrastructure as Code/Software Defined Infrastructure · Experience with Continuous Integration, Continuous Deployment · Lead the implementation of continuous delivery systems and methodologies on AWS · Implement software development life cycle to deliver Cloud solutions · Deliver the development of automated solutions to monitor and support software development and release processes · Lead automation of security controls, governance processes, and compliance validation · Lead the deployment of monitoring, metrics, and logging systems on AWS · Manage, and maintains tools to automate operational processes · Development of various infrastructure components including web stacks, database systems, security tools, and networking/Cloud environment configurations · Support development/engineering team to drive, design, implement and maintain end-to-end DevOps automation from build, implement, deploy (code check-in), operate and maintaining the CI/CD deployment pipeline · Leverage DevOps Automation Tools to support engineering team in improving the CI/CD deployment pipeline, and to extend the functionality of IT Infrastructure making use of APIs and open source tools with sound knowledge of Python programming, web programming, and designs that scale · Manage system automations, writing scripts to extend the functionality of IT Infrastructure making use of various APIs and open source tools with sound knowledge of Python programming, web programming and scaling challenges Leadership Responsibility: · Start Up attitude. Hustle is the rhythm of the business. · Teamwork is real – there are no silos. · We build stuff – but always keeping the customer first. · Lead multiple products or work streams simultaneously · Guide and coach less experienced peers to become more productive and effective team members · Proactively engage with other Service Teams · Educate team to design and implement based on DevOps practices · Provide hands-on technical coaching to accelerate learning across the Cloud COE · Lead DevOps Champions. Develops a community of DevOps Specialists across the Cloud COE Required qualifications: · 10+ years experience of working in an Agile/Scrum environment · Deep understanding of Cloud computing technologies and workload transition challenges · Knowledge of AWS Well Architected Framework and Cloud migration industry standards and best practices · Prior programming background in at least ONE language: C++, Java, Python, Ruby etc. · Knowledge of development processes and methodologies · Deep knowledge of Automation services like - Lambda, API Gateway, CodeBuild, CodeDeploy, CodePipeline, Gitlab, Kubernetes, Prometheus, Grafana · Knowledge of DevOps tooling landscape and experience integrating various DevOps tools together to provide end to end application lifecycle management · Deep software architecture and programming skills · Strong scripting skills, i.e., Powershell, Python, Bash, Ruby, Perl, etc. · Strong practical Linux and Windows-based systems administration skills in a Cloud or Virtualized environment · Understanding of tagging · Deep understanding of Service-Oriented Architectures (SOA and REST) · Understanding of application and infrastructure logs · Experience with various DevSecOps tools including Qualys, Fortify, or OWASP · Experience with Gen AI code transformations and coding assistants like Amazon Q Developer, AWS Transform, Cursor, Co-Pilot etc. Competencies: · Ability to work in an Agile/Scrum environment. Ability to deliver in sprints and work as a team · Ability to multi-task and prioritize deadlines · Ability to operate in cross-functional and multidisciplinary teams · Customer focused with an attitude to deliver excellent customer outcomes through technical expertise · Ability to think strategically about business, product, and technical challenges · Ability to take "ownership" with high sense of urgency and work like an "entrepreneur" · Problem solving, analytics and resolution skills · Ability to think outside the box · Exceptional and effective verbal and written communication skills · Demonstrated ability to communicate effectively across teams to a broad range of audiences · Ability towards learning new technologies. Continuously strives to learn new technologies and make time for self-development Certifications: · Mandatory: o AWS Certified Solutions Architect – Associate o AWS Certified DevOps Engineer – Associate o AWS Certified DevOps Engineer – Professional · Good to have: o AWS Certified Solutions Architect – Professional o AWS Certified SysOps Administrator – Associate Job Location · Noida / Delhi (IN) Travel · 10% of the time Show more Show less

🔐 Hiring Now: Senior SOC Analyst (SIEM | Threat Hunting | Incident Response) 📍 Location: Manesar, Haryana (Onsite | Government Sector Client) 📅 Join by: Immediate to Max 1 Month 🏢 Company: VVNT SEQUOR LLP, Noida 🛡️ About the Role VVNT SEQUOR is urgently hiring a Senior SOC Analyst with 8 –10 years of hands-on experience in SIEM, threat hunting, incident response , and L3/L4 security operations . This is a critical individual contributor role supporting a Government sector client at Manesar, where your cybersecurity expertise will help defend against real-world threats in a high-stakes environment. You’ll work with leading SIEM/EDR/SOAR platforms, conduct forensic investigations, and take the lead on proactive threat detection, containment, and post-incident analysis. 🧰 Key Responsibilities 🔍 Threat Monitoring & SIEM Operations Lead 24x7 SOC operations, monitoring alerts via ArcSight, Splunk, ELK Create and optimize correlation rules , use cases, and detection dashboards Leverage MITRE ATT&CK framework and threat intel feeds for advanced threat hunting 🚨 Incident Response & Forensics Coordinate incident lifecycle management and forensic investigations using CHFI techniques Analyze logs, memory dumps, and endpoint telemetry (EDRs like CrowdStrike, SentinelOne ) Conduct Root Cause Analysis (RCA) and post-incident reviews 🛡️ Vulnerability & Infrastructure Security Perform VAPT using Nessus, Qualys, OpenVAS, Metasploit, Burp Suite Manage security appliances – Firewalls (Palo Alto, FortiGate), WAF, IDS/IPS, Anti-DDoS Support compliance activities for ISO 27001, NIST CSF 🧠 Automation & Knowledge Sharing Integrate SOAR platforms and automate response playbooks (Python, PowerShell scripting) Lead security awareness programs (e.g., KnowBe4) and mentor junior SOC analysts 🧩 Who We’re Looking For 8–10 years in SOC & Security Operations with L3/L4 experience Deep working knowledge of SIEM, EDR, SOAR, forensic tools, threat modeling Strong skills in incident detection, investigation, containment, and RCA documentation Ability to handle escalations independently , acting as a technical leader on shift 🏆 Bonus Skills (Nice to Have) Certifications: CEH, CHFI, GCFA, GCIA, Security+, Splunk Certified Analyst Experience with Tripwire SCM, AWS GuardDuty, Azure Sentinel, TIPs Exposure to OT/ICS security , Red/Blue teaming, Purple teaming drills 📚 Tech Stack & Keywords (for AI & Job Portal Optimization) SOC Analyst | Threat Hunting | Incident Response | SIEM ArcSight Splunk | CHFI | CrowdStrike SentinelOne | SOAR | EDR | MITRE ATT&CK | L3/L4 Security Support | VAPT | Nessus Qualys | Firewall FortiGate PaloAlto | Burp Suite | RCA | ISO 27001 | NIST CSF | Python PowerShell Scripting | Government Sector Cybersecurity 🎯 Why Join VVNT SEQUOR? ✅ Lead mission-critical SOC operations for a Government Sector client ✅ Exposure to real-world threats and next-gen cyber tools ✅ Subsidized Cab + Lunch at client site ✅ Work in a fast-paced, hands-on, innovation-driven environment 📬 Apply Now 📩 Email: chaitali@vvntsequor.in parveen.arora@vvntsequor.in 📱 WhatsApp: +91-9891810196 +91-8802801739 📌 Please include : Updated Resume Last Drawn Salary Expected CTC Notice Period (Only Immediate or ≤1 Month) 📌 #SeniorSOCAnalyst #CybersecurityJobs #SIEM #ThreatHunting #IncidentResponse #L3L4Support #GovernmentCybersecurity #EDR #SplunkJobs #ArcSight #HiringNow #SecurityOperations Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Qualys Platform Ownership & Optimization:Act as the Qualys SME, leading the end-to-end lifecycle of vulnerability management using Qualys, including scanner appliance deployment, asset tagging, scan scheduling, and template creation.Configure and manage Qualys Global AssetView, Cloud Agents, and Scanner Appliances (physical and virtual) for internal, external, and authenticated scans.Develop and fine-tune custom scan templates to reduce false positives/negatives, tailored to OS, application stack, and business unit needs.Leverage Qualys Tagging, Dynamic Asset Groups, and Query Language (QQL) to segment, track, and report on assets across on-prem, cloud, and hybrid environments.Vulnerability Lifecycle Management:Analyze vulnerability data, correlate with threat intelligence, and provide risk-prioritized remediation plans to infrastructure, cloud, and devops teams.Build automated ticketing workflows with platforms like ServiceNow, integrating Qualys findings directly into change management processes.Design and deliver actionable dashboards and reports for different audiences (CISO, IT Ops, Audit, DevSecOps).Policy Compliance & Governance:Implement and manage Qualys Policy Compliance (PC) for baseline configuration and hardening checks aligned with CIS, NIST, ISO, and custom policies.Collaborate with GRC teams to support audits, compliance initiatives, and regulatory mandates (e.g., PCI-DSS, HIPAA, SOX).Strategic & Technical Leadership:Work cross-functionally to evangelize vulnerability management best practices, educate stakeholders, and shift security left in development and operations lifecycles.Identify opportunities to automate manual processes through APIs, scripting (Python, Bash, PowerShell), and integrations with DevOps tools.Stay ahead of new Qualys features/releases and coordinate their controlled rollout across environments.________________________________________ Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of security compliance standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a highly skilled Lead Application Security & Vulnerability Management to take charge of identifying, assessing, and mitigating security risks across applications and IT infrastructure. As a key security leader, you will oversee vulnerability management operations, lead security assessments, and collaborate with cross-functional teams to ensure robust security posture and compliance with industry standards. This role demands expertise in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) to protect critical software assets. Roles & Responsibilities:Leadership & StrategyLead vulnerability management operations and security assessments. Develop and implement strategic security initiatives for application protection. Collaborate with leadership to define security roadmaps and policies. Act as a mentor for junior security analysts, fostering skill development.Vulnerability Management & Security OperationsConduct regular vulnerability scans across applications and infrastructure. Analyze security vulnerabilities, assess impact, and prioritize mitigation strategies. Oversee penetration testing and security assessments to identify weaknesses. Provide detailed reports on security findings, risk levels, and remediation efforts. Ensure compliance with industry security frameworks and standards. Develop and maintain security policies, procedures, and playbooks.Application Security & Secure DevelopmentPerform SAST scans to detect vulnerabilities in source code before deployment. Conduct DAST assessments to identify runtime security issues in web applications. Utilize SCA tools to analyze third-party dependencies for known vulnerabilities. Integrate security testing into CI/CD pipelines for proactive protection. Define secure coding guidelines and conduct training for development teams.Incident Management & Vendor CoordinationInvestigate and resolve false positives and critical vulnerabilities in risk management tools. Manage vendor relationships, escalating and resolving security issues efficiently. Generate monthly security reports and dashboards for leadership insights. Qualifications & Skills: Experience:7+ years in Application Security, Vulnerability Management, and Cybersecurity. Education:Bachelors/Masters degree in Computer Science, Information Technology, or Cybersecurity. Certifications:Preferred CISSP, CEH, CompTIA Security+. Technical Expertise:Strong knowledge of network protocols, operating systems, security testing. Leadership & Communication:Excellent problem-solving, analytical, and collaboration skills. Compliance & Frameworks:Deep understanding of ISO 27001, NIST, OWASP, PCI DSS. Professional & Technical Skills: Vulnerability Management:Brinqa, Qualys VMDR, Qualys WAS, Rapid7 InsightVM, NessusApplication Security:Fortify, Snyk, Trufflehog, SnaffpointSecurity Frameworks:OWASP Top 10, NIST, ISO 27001, PCI DSS Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at Bengaluru, Gurgram, Hyderabad, Mumbai, Noida only- A 15 years full time education is required. Qualification 15 years full time education

About Omnicom Global Solutions - Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Let’s build this together! Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking. Show more Show less

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Job Description Northern Trust has commitment to ensure that all the technologies are secure, reliable and resilient. As part of that Northern Trust has a Vulnerability Management function to identify vulnerabilities, risk rate them and assign and drive remediation. Principal Responsibilities/Requirements 2-3 yrs of Working experience in platform hardening/ Secure configuration/ policy compliance is a must 2-3 yrs of Working experience in Qualys – Policy compliance module Identify and assess policies/test results Ensure reassignment of tickets assigned from CC team to correct platform team and timely resolution of it. Actively participate in meetings to understand business plans on remediations or roadblocks Respond to email advisories as well as chat/call to resolve queries/issues Partner and successfully build relationships with key stakeholders across NT Should be able to navigate scanning tools (Qualys), PowerBI & ServiceNow Minimum Skill / Experience Working knowledge of information security scanning technologies & Secure configuration management Strong analytical and problem-solving skills Experience with report visualization (Excel, ServiceNow, PowerPoint, Tableau, Power BI, etc.) Strong drive to provide excellent customer service and experience with an awareness of prioritization of tasks, stakeholders, budget, and time Excellent communication skills, both verbal and written Ability to work autonomously, under pressure, and to prioritize tasks Preferred 3-5 years of relevant experience Any infosec certifications or related (desired, not a compulsion) Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater. Show more Show less

About Northern Trust Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service. Job Description Northern Trust has commitment to ensure that all the technologies are secure, reliable and resilient. As part of that Northern Trust has a Vulnerability Management function to identify vulnerabilities, risk rate them and assign and drive remediation. Principal Responsibilities/Requirements 2-3 yrs of Working experience in platform hardening/ Secure configuration/ policy compliance is a must 2-3 yrs of Working experience in Qualys – Policy compliance module Identify and assess policies/test results Ensure reassignment of tickets assigned from CC team to correct platform team and timely resolution of it. Actively participate in meetings to understand business plans on remediations or roadblocks Respond to email advisories as well as chat/call to resolve queries/issues Partner and successfully build relationships with key stakeholders across NT Should be able to navigate scanning tools (Qualys), PowerBI & ServiceNow Minimum Skill / Experience: Working knowledge of information security scanning technologies & Secure configuration management Strong analytical and problem-solving skills Experience with report visualization (Excel, ServiceNow, PowerPoint, Tableau, Power BI, etc.) Strong drive to provide excellent customer service and experience with an awareness of prioritization of tasks, stakeholders, budget, and time Excellent communication skills, both verbal and written Ability to work autonomously, under pressure, and to prioritize tasks Preferred 3-5 years of relevant experience Any infosec certifications or related (desired, not a compulsion) Working With Us As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater. Show more Show less

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers – program is called BMC on BMC! We are seeking a highly motivated and detail-oriented Senior Information Security Engineer to join our team. This individual will play a critical role in ensuring the security of our network infrastructure and protecting sensitive data across our systems. The ideal candidate is passionate about cybersecurity, eager to learn, and has excellent problem-solving skills. They will work in a dynamic environment, addressing complex security challenges and continuously staying up to date with new technologies. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Deploy and maintain security tools and systems. Implement security policy, standards, guidelines, processes, and procedures to ensure ongoing security posture. Design and implement secure network architectures: Collaborate with the IT team to design, build, and maintain secure network topologies, ensuring protection from external and internal threats. Automation and scripting: Use Python and other scripting languages to automate security tasks, improve efficiency, and manage security infrastructure. Security incident response: Investigate and respond to security incidents, identifying the root cause and implementing solutions to prevent future incidents. Collaborate with cross-functional teams: Work with network engineers, software developers, and system administrators to implement security best practices across all layers of the organization’s technology stack. Stay updated on the latest security trends and technologies: Continuously research and learn new security tools, trends, and technologies, applying them to the organization’s environment. To ensure you’re set up for success, you will bring the following skillset & experience: 3+ years of experience in a similar Security Engineering/DevOps role. Curiosity and eagerness to learn new technologies: A passion for exploring new cybersecurity tools, methods, and best practices. Hands-on experience with Linux-based environments, including hardening and securing servers. Proficiency in Python programming for automating tasks and scripting security processes. Excellent troubleshooting and logic skills: Strong analytical and problem-solving capabilities, with the ability to think critically and resolve complex issues. Strong understanding of network architecture and protocols: Ability to design and comprehend complex network topologies, troubleshoot network issues, and optimize security. Ability to work with little supervision as well as being a team player with excellent verbal, written, and interpersonal communication skills. Nice To Have Experience with firewall configurations, IDS/IPS, and security event monitoring tools. Familiarity with cloud security (AWS, Azure, Google Cloud, OCI) is a plus. Familiarity with cybersecurity frameworks: Experience working with NIST, CIS, ISO 27001, or similar security standards is a plus. Previous experience working with vulnerability management technologies (e.g. Tenable, Rapid7, Qualys) preferred. Security Certifications such as CISSP, CEH, CompTIA Security+, or GIAC. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 2,628,600 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

Thank you for your interest in working for our Company. Recruiting the right talent is crucial to our goals. On April 1, 2024, 3M Healthcare underwent a corporate spin-off leading to the creation of a new company named Solventum. We are still in the process of updating our Careers Page and applicant documents, which currently have 3M branding. Please bear with us. In the interim, our Privacy Policy here: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ continues to apply to any personal information you submit, and the 3M-branded positions listed on our Careers Page are for Solventum positions. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Job Description Windows Admin (Solventum) 3M Health Care is now Solventum At Solventum, we enable better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers’ toughest challenges, we pioneer game-changing innovations at the intersection of health, material and data science that change patients' lives for the better while enabling healthcare professionals to perform at their best. Because people, and their wellbeing, are at the heart of every scientific advancement we pursue. We partner closely with the brightest minds in healthcare to ensure that every solution we create melds the latest technology with compassion and empathy. Because at Solventum, we never stop solving for you. The Impact You’ll Make in this Role As a Windows Admin, you will have the opportunity to tap into your curiosity and collaborate with some of the most innovative and diverse people around the world. Here, you will make an impact by Server Installation and maintenance Owning primary responsibility for installation/configuration, upgrades and patches of all hardware, operating system, and operational utilities on Windows systems Adhering to documented, approved standards Planning and coordinates infrastructure requests to accommodate server requests. Monitors, schedule, and implement server storage expansions, as required for client needs Coordinating and planning with other support groups and vendors to provide emergency and scheduled maintenance in an effective timeframe Measuring baseline of server performance and security analysis Providing research, communicates, and implements “Best Practices” for server tuning Coordinating requested changes, and minimizing the business impact of those changes Understanding and compliance to operational processes and policies Ability to work with global resources to implement servers, and resolve issues Cover a rotating on call schedule within the group PowerShell scripting to automate day to day tasks Works under limited supervision. Your Skills And Expertise To set you up for success in this role from day one, Solventum requires (at a minimum) the following qualifications: Minimum six (6) years Microsoft Windows Server Administration experience. Experience in Active Directory Services, Windows Server features like IIS, Clustering etc. Understanding about IT / OT and Edge computing. Demonstrated proficiency in a customer service role ServiceNow ticketing experience AWS and Azure Cloud experience Devops tool (Ansible, Terraform, SaltStack, Git-hub) experience would be an added advantage. Preferred Qualifications 3 / 4-year degree in Computer Science, B.Sc., MIS, BCIS, or equivalent. 2 years VMWare vCenter experience 2 years Nutanix Prism experience SCOM/SCCM experience Commvault backup experience NetApp storage experience Advanced Microsoft Power Shell experience Qualys or other scanning tool experience Experience in using the Power BI tool to import data sources including Cloud Platforms (AWS, Azure), Excel Files, CSVs, SharePoint lists, and Web data. Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process. Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers. Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com . Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains. Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly. Solventum Global Terms of Use and Privacy Statement Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Solventum are conditioned on your acceptance and compliance with these terms. Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the terms. Show more Show less

- - - - - - - - - - - - Skills Experience on AD security tools such as PingCastle, ALSID, Qualys, Q-Radar etc. Hands on experience in Vulnerability / Deviances assessment and executing remediation action plans. Experience on Powershell scripting to automate AD related activities. 5+ years’ experience in maintaining and troubleshooting large enterprise environments (with replication tools such as Repadmin, Dcdiag, AD Rep etc.). 3+ years of experience working in Active directory, ADFS, Azure AD, AD Connect, DHCP & DNS Experience in GPOs in AD – implementation and troubleshooting Knowledge of TCP/IP, ADFS, PKI & Kerberos etc. Exposure on Active Directory disaster recovery and backup solution. Excellent communication, writing, meeting facilitation. Flexibility to adjust to changing requirements, schedules, and priorities. Good understanding of ITSM tool for Incident/Problem/Request/Change (Service Now). Special Skills / Certifications / Requirements If Any ITIL V4 Foundation Microsoft Certified: Security, Compliance, and Identity Fundamentals. Soft skills Customer satisfaction oriented Detail oriented, able to clearly communicate ideas and work as part of a team Good written and verbal communication skills to co-ordinate tasks with other teams Ability to multi-task and handle multiple priorities Strong interpersonal skills Strong understanding of asset management processes and principles for tracking IT assets Strong attention to detail Ability to quickly adapt to changes Enthusiastic, cooperative, and positive behavior Creative, thinking outside of the box, eager to learn and truly committed to the success of the company Must be able to work in a team environment with a “can do” attitude capable of overcoming difficult challenges. Self-motivated, with keen attention to detail and excellent judgment skills Able to integrate and apply feedback in a professional manner Job Description The position is a global role and is responsible for L2 support activities around Securing and administrating Directory Services. An individual is responsible for designing the solutions, evolve the current services to meet business requirements, maintaining and improving the security posture of environments, continuous monitoring of system health, and troubleshooting issues that arise. Duties and Responsibilities Reviewing and working on Security analysis based on reports generated through Security tools. Proactively monitoring Security incidents, Manage Incident, assess impact & confirm priority. Ensure technical & functional, provide solution to end-users, proposing workarounds if required. Informs end-users on the incident management progress, working closely with other resolution teams. Manage Service Requests (SR) according to expected level of service. Handle SR execution or assign it to other contributors, informs end-users on SR fulfillment progress until its closure. Operate daily/weekly/monthly/quarterly/yearly "housekeeping" activities. Use monitoring tools setup by Engineers & Service Owners, handle alerts & communicates with other contributors to minimize impacts on end-users Contribute to the User Acceptance Test of the projects related to the Service Offering Contribute to Knowledge articles & EUX Catalog updates. Update existing knowledge articles and known errors, create the missing ones. Can work on a follow-the-sun mode Contribute to the Service Offering continuous improvement, by identifying required improvement and automation Additional Technical Skills Familiarity or experience with workplace technologies Messaging Technologies Outlook / Teams 365Collaboration and End User Productivity Microsoft Office / SharePoint / Yammer / OneDrive KEY EXPECTED ACHIEVEMENTS Incident Management : Urgency identification and priority validation are done, technical and functional analysis is provided, solutions are delivered to users, potential workarounds are communicated, incident status is updated to users. Service Request handling : Standard requests are taken into account, processing is carried out or forwarded to the relevant contributor, status updates are provided to users, and requests are continued until closure. Change Management : Participation in the change management process Problem Management : Participation in the analysis of root causes of incidents Monitoring/Observability : Monitoring systems set up by the build and/or infrastructure teams are utilized, alerts are taken into account, and potential impacts on users are communicated to relevant contributors. Incidents based on monitoring detections are triggered and tackled. Continuous Improvement : Feedback is provided to the development teams regarding potential improvements identified by users or the support engineer. Participation to the continuous improvement of the team. Knowledge Management : Lessons learned from activities are ensured to be documented and shared. Service Level Management : the performance management system is understood and alerts on cases of issues are set. Show more Show less

Job description Who We Are Sureifys mission is to modernize the life insurance and annuity industry by helping carriers acquire, service, and engage their customers through any distribution channel. Sureifys products empower life insurance carriers, agents, employees, and customers to have the digital experiences that employees and consumers have come to expect in the rapidly advancing tech climate. Your Role as a Valued Team Member We are seeking a detail-oriented and proactive Vulnerability Remediation Engineer to join our growing Infosec team. The person will be responsible for reducing the risk exposure of security vulnerabilities from the scope of Sureify overall. This role entails monitoring ongoing security vulnerabilities, analyzing risk posture, collaborating with stakeholders/finding owners for managing resolutions, and acting as an SME to assess discovered vulnerabilities. You will also provide pragmatic solutions and be flexible in supporting emergency vulnerability remediations. The ideal candidate will possess a strong understanding of security protocols, vulnerability management, system administration, and software development lifecycle, as well as excellent communication skills to collaborate with cross-functional teams. This role does require some overlap of hours with a team based in San Jose, California. Your Key Responsibilities Review and assess security vulnerabilities, patches, and findings from internal audits, security scans, and penetration tests. Prioritize vulnerabilities based on risk and impact, and ensure timely patching or remediation. Enforce patch compliance by tracking deployments, addressing exceptions, and ensuring adherence to vulnerability remediation Service Level Agreements (SLAs). Collaborate with security and IT teams to develop and implement security patches for critical vulnerabilities. Work closely with developers and DevOps teams to understand the root cause of security vulnerabilities and propose appropriate fixes. Assist development teams in the integration of security features and secure coding practices throughout the software development lifecycle (SDLC). Develop and maintain scripts for automated patch deployment across various systems and applications. Automate vulnerability patching workflows using scripting languages such as Python, PowerShell, Bash, etc. Collaborate with the development team to create and test patches, ensuring that they do not disrupt the functionality of applications or systems. Maintain detailed records of patches, and remediation actions. Prepare and present reports on patch management progress, risks, and status to senior management. Flexibly support emergency response for 0-day vulnerability remediation. Automating processes of security from time to time when needed. Identify potential improvement areas for vulnerability remediation and share lessons learned. Continuously monitor for emerging vulnerabilities and maintain an up-to-date patching schedule. Role Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent work experience). Server administration experience (Windows/RHEL) with a solid understanding of industry best practices for Patch Management and Vulnerability Remediation. Experience in vulnerability management, security patching, or related security roles. Experience supporting vulnerability emergency response or security incidents, including coordinating with relevant stakeholders, implementing corrective/preventive actions, and guiding security patching of software or components. Strong knowledge of security vulnerabilities in software and infrastructure components (servers, clients, network devices, perimeter security technologies, protocols/services, middleware, databases, configurations, etc.). In-depth understanding of security processes related to vulnerability management, security patching, security configurations, and technical security validations. Strong understanding of common network protocols (TCP/IP, DNS, HTTP, HTTPS, SMTP, etc.) and how vulnerabilities in these protocols can affect system security. Strong experience in at least one scripting language such as Python, PowerShell, Bash, etc. Familiarity with cloud platforms (AWS) and their security models. Knowledge of Cloud & Vulnerability Security tools such as Qualys, SentinelOne, or Crowdstrike Good understanding of industry-standard regulations and risk management frameworks (e.g., ISO, SOC, HIPAA, GDPR, CCPA). Familiarity with security frameworks such as SANS Top 25, OWASP Top 10, and/or MITRE ATT&CK. Knowledge of secure coding practices and development environments. Familiarity with container security (Docker, Kubernetes) and securing microservices is a plus. Security certifications such as Security+, SSCP, CEH, or other equivalent recognized certifications are a plus. Excellent communication and interpersonal skills, with the ability to articulate complex technical vulnerabilities and remediation actions to both technical and non-technical stakeholders.

We are looking for: THE SENIOR DEV OPS ENGINEER As Klypup’s Senior DevOps Engineer you will be a champion of our cloud center of excellence, CCOE team and will be responsible for building and operating fast and scalable workflows, and must have the ability to help an architect, design and lead the transformational journey into the AWS Cloud platform of services. This role will support cloud strategy across all Klypup markets, India, Singapore and UAE. Overall responsibility: Incorporate entire application lifecycle in automation, including end-to-end and performance testing, automated remediation of issues, auditable release tracking process Drive significant improvements to business outcomes through simplifying and accelerating software development practice both through technical projects and procedural and technical coaching Deliver implementation of: Revision/Source Control, Configuration Management Maintain tools related to Monitoring, Bug Tracking, Testing Infrastructure as Code/Software Defined Infrastructure Experience with Continuous Integration, Continuous Deployment Lead the implementation of continuous delivery systems and methodologies on AWS Implement software development life cycle to deliver Cloud solutions Deliver the development of automated solutions to monitor and support software development and release processes Lead automation of security controls, governance processes, and compliance validation Lead the deployment of monitoring, metrics, and logging systems on AWS Manage, and maintains tools to automate operational processes Development of various infrastructure components including web stacks, database systems, security tools, and networking/Cloud environment configurations Support development/engineering team to drive, design, implement and maintain end-to-end DevOps automation from build, implement, deploy (code check-in), operate and maintaining the CI/CD deployment pipeline Leverage DevOps Automation Tools to support engineering team in improving the CI/CD deployment pipeline, and to extend the functionality of IT Infrastructure making use of APIs and open source tools with sound knowledge of Python programming, web programming, and designs that scale Manage system automations, writing scripts to extend the functionality of IT Infrastructure making use of various APIs and open source tools with sound knowledge of Python programming, web programming and scaling challenges Leadership Responsibility: Start Up attitude. Hustle is the rhythm of the business. Teamwork is real – there are no silos. We build stuff – but always keeping the customer first. Lead multiple products or work streams simultaneously Guide and coach less experienced peers to become more productive and effective team members Proactively engage with other Service Teams Educate team to design and implement based on DevOps practices Provide hands-on technical coaching to accelerate learning across the Cloud COE Lead DevOps Champions. Develops a community of DevOps Specialists across the Cloud COE Required qualifications: 10+ years experience of working in an Agile/Scrum environment Deep understanding of Cloud computing technologies and workload transition challenges Knowledge of AWS Well Architected Framework and Cloud migration industry standards and best practices Prior programming background in at least ONE language: C++, Java, Python, Ruby etc. Knowledge of development processes and methodologies Deep knowledge of Automation services like - Lambda, API Gateway, CodeBuild, CodeDeploy, CodePipeline, Gitlab, Kubernetes, Prometheus, Grafana Knowledge of DevOps tooling landscape and experience integrating various DevOps tools together to provide end to end application lifecycle management Deep software architecture and programming skills Strong scripting skills, i.e., Powershell, Python, Bash, Ruby, Perl, etc. Strong practical Linux and Windows-based systems administration skills in a Cloud or Virtualized environment Understanding of tagging Deep understanding of Service-Oriented Architectures (SOA and REST) Understanding of application and infrastructure logs Experience with various DevSecOps tools including Qualys, Fortify, or OWASP Experience with Gen AI code transformations and coding assistants like Amazon Q Developer, AWS Transform, Cursor, Co-Pilot etc. Competencies: Ability to work in an Agile/Scrum environment. Ability to deliver in sprints and work as a team Ability to multi-task and prioritize deadlines Ability to operate in cross-functional and multidisciplinary teams Customer focused with an attitude to deliver excellent customer outcomes through technical expertise Ability to think strategically about business, product, and technical challenges Ability to take "ownership" with high sense of urgency and work like an "entrepreneur" Problem solving, analytics and resolution skills Ability to think outside the box Exceptional and effective verbal and written communication skills Demonstrated ability to communicate effectively across teams to a broad range of audiences Ability towards learning new technologies. Continuously strives to learn new technologies and make time for self-development Certifications: Mandatory: AWS Certified Solutions Architect – Associate AWS Certified DevOps Engineer – Associate AWS Certified DevOps Engineer – Professional Good to have: AWS Certified Solutions Architect – Professional AWS Certified SysOps Administrator – Associate Job Location Noida / Delhi (IN) Travel 10% of the time Job Type: Full-time Benefits: Health insurance Paid sick time Paid time off Work Location: In person

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Associate Job Description & Summary We are seeking a highly skilled Sailpoint Developer .If candidate has experience of 2-3 years, he/she must be Sailpoint Certified, above 3 years experience sailpoint certification is not mandatory but good to have. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary : We are seeking a highly skilled and experienced Cybersecurity/Risk Consulting Senior Associate to join our Risk Consulting team. As a Cybersecurity Senior Associate, you will be responsible for leading and managing a team of consultants to deliver high-quality cybersecurity and risk management services to our clients. Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan , Burpsuite , Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest . Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt , kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM) Mandatory skill sets: CEH, ECSA, LPT ( any one ) Preferred skill sets: OSCP, OSWE Years of experience required : 2 - 10 Years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SailPoint IdentityIQ Optional Skills Accepting Feedback, Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, CyberArk Management, Cybersecurity, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF), Identity Verification, Inclusion, Information Security {+ 17 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Role Description Job Title: Specialist I - Information Security | Vulnerability Management - Subject Matter Expert (SME) Location:, Hyderabad,Chennai,Bangalore,Trivandrum,Cochin Experience: 7-9 years Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence. Job Summary We are seeking a highly experienced and knowledgeable Subject Matter Expert (SME) to join our Vulnerability Management team. The ideal candidate will possess deep expertise in cybersecurity, particularly in vulnerability management processes, tools, and best practices. This role demands strong analytical skills, excellent communication, and a proactive approach to security risk mitigation. Key Responsibilities Lead and manage the vulnerability management program end-to-end. Conduct vulnerability assessments and penetration testing. Use tools like Qualys VMDR, MS Defender, and CrowdStrike to detect, analyze, and report vulnerabilities. Create dashboards and detailed reports with actionable recommendations. Prioritize vulnerabilities based on business risk and exploitability. Collaborate with technical teams for remediation planning and execution. Stay current with emerging threats, trends, and technologies. Deliver training on vulnerability management processes and tools. Support incident response efforts with expertise in vulnerability exploitation and mitigation. Ensure compliance with security frameworks and regulatory standards. Skills Must-Have Skills: Minimum 7 years of experience in Cybersecurity with a focus on Vulnerability Management. Hands-on experience with Rapid7, Tenable . In-depth understanding of cybersecurity threats, vulnerabilities, and risk prioritization. Strong knowledge of operating systems: Windows, Linux, macOS. Excellent communication and reporting skills. Knowledge of network protocols, architectures, and security configurations. Familiarity with patch management and risk assessment methodologies. Good-to-Have Skills Experience with MS Defender, and CrowdStrike , or cloud security tools. Scripting and automation experience (e.g., Python, PowerShell). Relevant certifications such as CISSP, CEH, OSCP, etc. Knowledge of compliance standards (e.g., NIST, ISO 27001, GDPR). Show more Show less

Job Title : Cybersecurity Analyst (Entry-Level) Location: Hyderabad, TS, India – Work From Office Must. Department : Information Technology / Cybersecurity Employment Type : Full-Time Reports To : Cybersecurity Manager Job Purpose The Cybersecurity Analyst (Fresher) will support the organization’s security operations by monitoring, analysing, and responding to cyber threats. This entry-level role is designed for recent graduates passionate about cybersecurity, eager to apply foundational knowledge, and grow into skilled professionals safeguarding critical systems and data. Key Responsibilities Threat Monitoring and Analysis : Monitor security alerts using tools like Splunk, CrowdStrike, or SIEM platforms to identify potential threats. Analyse logs and network traffic for suspicious activities under senior team guidance. Incident Response Support : Assist in investigating security incidents, documenting findings, and escalating issues as needed. Participate in containment and remediation efforts for low-level threats. Vulnerability Assessments : Support vulnerability scans using tools like Nessus or Qualys to identify system weaknesses. Help prioritize remediation based on risk severity with team input. Security Awareness : Contribute to employee training programs on phishing, password hygiene, and cyber best practices. Create basic awareness content under supervision. Documentation and Reporting : Maintain records of security events, incidents, and mitigation steps. Assist in preparing compliance reports for standards like ISO 27001 or GDPR. Learning and Development : Stay updated on emerging threats, attack vectors, and cybersecurity trends. Participate in training programs to gain certifications like CompTIA Security+ or CEH. Qualifications and Skills Education : Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field (2024/2025 graduates preferred). Relevant certifications (e.g., CompTIA Security+, CySA+, or equivalent) are a plus but not mandatory. Technical Skills : Basic understanding of networking concepts (TCP/IP, DNS, firewalls). Familiarity with operating systems (Windows, Linux) and command-line tools. Exposure to cybersecurity tools like Wireshark, Splunk, or endpoint detection platforms. Knowledge of common attack vectors (e.g., phishing, malware, DDoS). Soft Skills : Analytical mindset with strong problem-solving abilities. Clear communication to document findings and collaborate with teams. Eagerness to learn and adapt in a fast-paced environment. Attention to detail for identifying anomalies in data. Preferred but Not Required : Internship or project experience in cybersecurity, IT, or network administration. Basic scripting knowledge (e.g., Python, Bash) for automating tasks. Awareness of compliance frameworks (e.g., NIST, GDPR). Key Competencies Curiosity : Proactively seeks to understand cyber threats and solutions. Teamwork : Collaborates with senior analysts and cross-functional teams. Time Management : Prioritizes tasks effectively under tight deadlines. Ethics : Maintains integrity and confidentiality in handling sensitive data. Why Join Us? Growth Opportunities : Access to mentorship, certifications, and hands-on projects to build a cybersecurity career. Innovative Environment : Work with cutting-edge tools like AI-driven threat detection and cloud security platforms. Impactful Work : Protect critical systems and data, contributing to organizational and societal security. Inclusive Culture : Join a diverse team committed to collaboration and innovation. Show more Show less

About Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope. About The Position Netskope is looking for an analyst on the Threat and Vulnerability Management team. This position will focus on the identification and proactive mitigation of Netskope’s attack surface, threat landscape, security gaps , and cyber threats which could impact the business. In addition, this role will be responsible for performing the vulnerability management function such as finding, reporting, and supporting business units in their vulnerability remediation efforts. Roles & Responsibilities Continuous development and execution of the enterprise Threat and Vulnerability Management strategic plan to identify and reduce vulnerable attack surfaces Perform complex analysis to understand emerging threats, and continuously demonstrates awareness of current threat posture Reviews emerging and existing threat methodologies and exploit code / proof of concept code to develop mitigations, prioritize risks and navigating sources for identification of vulnerable assets. Execute on core team functions such as scanning, reporting, custom checks, asset tagging, as well as incorporating threat intelligence into vulnerability checks Automate security tasks using scripting languages such as python. Maintain and contribute to the threat models understanding emerging/existing threats and countermeasures to them. Partners with internal teams to lead, develop, test, and continuously validate detection signatures for various attacks Provide internal teams with hardening guidance and develop tooling for auditing Support teams by being a Remediation Champion giving them guidance on various strategies to remediate a vulnerability and supporting them in their testing and validation efforts. Provides expertise in incident response activities. Teach and understand CVSS, CVE, and additional vulnerability ratings and methodologies Qualifications/Requirements Experience 2 to 5 Yrs in Security Should possess relevant university degree and/or professional qualifications/certification (e.g. CEH, OSCP) Must have knowledge with tools Tenable, Qualys, NMAP, SCAPY, and other tools. Must have the ability to understand hardening guidelines for new technologies and applications being adopted by Netskope. Understanding of containerization and containerized applications, their security weaknesses and how to secure them Must have an understanding of patch automation, security orchestration, and management tooling for on premise, private cloud, and cloud infrastructure. Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them. Knowledge of TCP/IP and other application and network level protocols. Knowledge of Cloud Applications like AWS, Azure and other SAAS Applications. Excellent written and verbal communication skills. Self-motivated, curious, knowledgeable pertaining to news and current events. Ability to be effective in a remote global work environment. Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate. Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details. Show more Show less

Management Level F Business Division: GRCLS Business Function / Department: Group Information Security Job Title: AWS DevSecOps Engineer Reporting to (Job Title): Head of Security Engineering and Operations Date: May 2024 Equiniti is a leading international provider of shareholder, pension, remediation, and credit technology. With over 6000 employees, it supports 37 million people in 120 countries. EQ India began its operations in 2014 as a Global India Captive Centre for Equiniti, a leading fintech company specialising in shareholder management. Within a decade, EQ India strengthened its operations and transformed from being a capability centre to a Global Competency Centre, to support EQ's growth story worldwide. Capitalising on India’s strong reputation as a global talent hub for IT / ITES, EQ India has structured the organisation to be a part of this growth story. Today, EQ India has evolved as an indispensable part of EQ Group providing critical fintech services to the US and UK. EQ’s vision is to be the leading global share registrar, offering complementary services to its client base and our values set the core foundations to our success. We are TRUSTED to deliver on our commitments, COMMERCIAL in building long term value, COLLABORATIVE in our approach and we IMPROVE by continually enhancing our skills and services. There has never been a better time to join EQ. Role Summary DevSecOps Engineers will work with the Head of Security Engineering & Operations to configure, manage and operate security controls within EQ’s AWS environment. The role will also be responsible for security monitoring and incident response as well as promoting and embedding DevSecOps principles to change existing systems and practices for the better. This position requires deep knowledge and experience with AWS tools, capabilities, and resources, with a deep understanding of cloud-based infrastructure resources, monitoring tools, and advanced security controls. Core Duties/Responsibilities You will be required to undertake the following specific activities: Configure and manage key AWS Security Controls such as Guard Duty, Security Hub, Inspector, Config, CloudTrail, Shield Advanced, WAF, Macie etc.. Design and coordinate cohesive responses to security events that involve multiple teams across the organization. Ensure security is seamlessly & effectively integrated with the software development life cycle (SDLC), recognising security threats, & configure infrastructure in such a way as to manage & deploy the environment, in a secure & optimised manner. Promote and Integrate Security into DevSecOps methodologies. Automate security testing & vulnerability scanning within CI/CD pipelines. Stay up to date with the latest security threats, vulnerabilities, & industry best practices related to Cloud Security. Skills, Capabilities And Attributes The successful candidate will demonstrate the following experience, skills and behaviours: Skills, Knowledge & Experience The key skills and experience required for this role can be summarised as follows. Significant public cloud (AWS) and hybrid cloud security architecture experience across multiple domains: Cloud, Network, Infrastructure, Application, Data, IAM Expert knowledge of configuring and operating key Amazon cloud security technologies, including AWS: IAM, SSO, Organisations, Guard Duty, Security Hub, Inspector, Config, CloudTrail, Shield Advanced, WAF, Macie, Detective, Certificate Manager and Secrets Manager. Experience with security incident response and handling within AWS environments, including log analysis and forensics. Experience implementing SAST and DAST tooling in deployment pipelines - specifically Checkov, SonarQube and AppScan Experience implementing Vulnerability and Compliance Scanning tools in deployment pipelines – specifically Qualys. Extensive experience implementing security automation within environments utilising DevSecOps, CI/CD, Infrastructure & Security as Code. Implementation of controls aligning to Information Security and Privacy Standards and Frameworks (e.g. ISO 27001, CSA-CCM, NIST800-53, CIS, GDPR etc…) Deep knowledge on AWS core components (examples: API Gateway, ECS, EBS, EC2, S3, SNS, Lambda, Security groups, VPC, CFT, Route 53, certificate manager, AWS build pipelines and AWS cloud trail). Experience in deploying and managing security controls within containerised environments. Strong communication skills and experience of working across multi-discipline teams. Ability to work in a fast-paced environment. Certifications such as AWS Certified Security Specialist are a plus. Benefits: Being a permanent member of the team at EQ you will be rewarded by our company benefits, these are just a few of what is on offer: 3 days of additional leaves on & above statutory requirement along with 2 days of voluntary leaves to pursue the CSR initiatives Business related certification expense reimbursement Comprehensive Medical Assurance coverage for dependents & Parents Cab transport for staff working in UK & US shift Accidental & Life cover 3 times of concerned CTC We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships. Please note any offer of employment is subject to satisfactory pre-employment screening checks. Show more Show less

Driven by transformative digital technologies and trends, we are RIB and we’ve made it our purpose to propel the industry forward and make engineering and construction more efficient and sustainable. Built on deep industry expertise and best practice, and with our people at the heart of everything we do, we deliver the world's leading end-to-end lifecycle solutions that empower our industry to build better. With a steadfast commitment to innovation and a keen eye on the future, RIB comprises over 2,500 talented individuals who extend our software’s reach to over 100 countries worldwide. We are experienced experts and professionals from different cultures and backgrounds and we collaborate closely to provide transformative software products, innovative thinking and professional services to our global market. Our strong teams across the globe enable sustainable product investment and enhancements, to keep our clients at the cutting-edge of engineering, infrastructure and construction technology. We know our people are our success – join us to be part of a global force that uses innovation to enhance the way the world builds. Find out more at RIB Careers. Job Summary As part of the RIB team, you will embody our values of impact, aspiration, curiosity, and trust in everything you do. As a Cloud SecOps Engineer, you will play a key role in protecting the platforms used to deliver RIB's products within the Managed Services. The Cloud SecOps Engineer will be responsible for continuous security monitoring, threat detection, incident response, and security automation within Managed Services Product Portfolio. This role involves SIEM operations, vulnerability scanning, identity and access management, and endpoint security. The engineer will work closely with DevOps, SRE, Cloud Governance, and Application Security teams to enhance the security posture across Managed Services cloud environments. Key Responsibilities Security Monitoring & Incident Response Operate and manage SIEM solutions for real-time threat detection. Investigate security incidents, analyze logs, and escalate as needed. Work with DevOps/SRE teams on security incident containment and response. Security Automation & Orchestration (SOAR) Develop and implement security automation playbooks to streamline response. Support automated threat intelligence ingestion and response workflows. Identity & Access Management (IAM) Enforce least privilege access policies for cloud and IT environments. Assist in identity lifecycle management, MFA, and role-based access controls. Vulnerability & Risk Management Conduct vulnerability scans and misconfiguration assessments. Assist DevOps and SRE teams with security patching and risk remediation. Security Observability & Compliance Ensure security logs, alerts, and telemetry are properly integrated. Support audits and compliance initiatives for security best practices. Governance, Compliance, and Incident Response Align security operations with control frameworks (ISO 27001, GDPR, SOC 1, SOC2, CCM etc.). Work closely with CPSO., Cloud Governance, AppSec and Security Governance teams. Skills And Qualifications Bachelor's degree in cybersecurity, information security, or equivalent experience. Azure Security Engineer (AZ-500, SC-200, SC-300) 2+ years of experience in SecOps, cybersecurity, or cloud security roles. Strong understanding of SIEM solutions (e.g., Microsoft Sentinel, Splunk, QRadar, etc.). Experience with security automation (SOAR), scripting (Python, PowerShell), and incident response. Familiarity with IAM frameworks, cloud security best practices (Azure, AWS, etc.), and vulnerability management tools (Qualys, Tenable, etc.). Knowledge of DevOps, CI/CD security practices, and security control frameworks (ISO 27001, SOC1, SOC2, CIS etc.) RIB may require all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria. RIB is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join RIB to create the transformative technology that enables our customers to build a better world. Show more Show less