682 Qualys Jobs - Page 24

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are seeking a talented Lead QA Engineer to deliver roadmap features of Enterprise TruRisk Platform which would help customers to Measure, Communicate and Eliminate Cyber Risks. The Lead QA Engineer will design, implement, document, and maintain testing frameworks. You will be responsible for the quality of core product capabilities using micro-services and Big Data based components. This is a fantastic opportunity to be an integral part of a team building Qualys next generation platform using Big Data & Micro-Services based technology to process over billions of transactions data per day, leverage open-source technologies, and work on challenging and business-impacting initiatives. Responsibilities: Perform functional testing of the Enterprise TruRisk Platform and its various modules. Conduct integration testing across different systems, working closely with cross-functional teams to ensure seamless data and service flow. Test Big Data ingestion and aggregation pipelines using Spark shell, SQL, and other data tools. Develop and maintain automation frameworks for functional and regression testing. Own and execute end-to-end workflow automation using custom or industry-standard frameworks. Define test strategies, test plans, and test cases for new features, platform enhancements, and services. Debug and troubleshoot issues identified in pre-production or production environments. Drive system and performance testing of the platform and data applications. Define operational procedures, service monitors, and alerting mechanisms, and coordinate implementation with the NOC team. Collaborate with product and engineering teams to review requirements, specifications, and technical designs, and ensure proper test coverage. Recreate complex production/customer issues to verify root causes and ensure resolution. Identify technical interdependencies, potential issues, and propose effective solutions. Requirements: 8-10 years of experience in the full-time Functional testing & Automation role as lead. Hands on experience in automating backend applications (e.g., database, REST API's). Hands on experience with automating any backend applications (e.g., database, server side). Knowledge of relational databases and SQL. Good debugging skills. Working experience working in Linux/Unix environment. Good understanding of testing methodologies. Good to have hands on experience in working on Big Data technologies like Hadoop, Spark, Airflow, Kafka, Elastic and other distributed components. Experience in Security domain is an advantage. Show more Show less

Driven by transformative digital technologies and trends, we are RIB and we’ve made it our purpose to propel the industry forward and make engineering and construction more efficient and sustainable. Built on deep industry expertise and best practice, and with our people at the heart of everything we do, we deliver the world's leading end-to-end lifecycle solutions that empower our industry to build better. With a steadfast commitment to innovation and a keen eye on the future, RIB comprises over 2,500 talented individuals who extend our software’s reach to over 100 countries worldwide. We are experienced experts and professionals from different cultures and backgrounds and we collaborate closely to provide transformative software products, innovative thinking and professional services to our global market. Our strong teams across the globe enable sustainable product investment and enhancements, to keep our clients at the cutting-edge of engineering, infrastructure and construction technology. We know our people are our success – join us to be part of a global force that uses innovation to enhance the way the world builds. Find out more at RIB Careers. Job Summary As part of the RIB team, you will embody our values of impact, aspiration, curiosity, and trust in everything you do. As a Cloud SecOps Engineer, you will play a key role in protecting the platforms used to deliver RIB's products within the Managed Services. The Cloud SecOps Engineer will be responsible for continuous security monitoring, threat detection, incident response, and security automation within Managed Services Product Portfolio. This role involves SIEM operations, vulnerability scanning, identity and access management, and endpoint security. The engineer will work closely with DevOps, SRE, Cloud Governance, and Application Security teams to enhance the security posture across Managed Services cloud environments. Key Responsibilities Security Monitoring & Incident Response Operate and manage SIEM solutions for real-time threat detection. Investigate security incidents, analyze logs, and escalate as needed. Work with DevOps/SRE teams on security incident containment and response. Security Automation & Orchestration (SOAR) Develop and implement security automation playbooks to streamline response. Support automated threat intelligence ingestion and response workflows. Identity & Access Management (IAM) Enforce least privilege access policies for cloud and IT environments. Assist in identity lifecycle management, MFA, and role-based access controls. Vulnerability & Risk Management Conduct vulnerability scans and misconfiguration assessments. Assist DevOps and SRE teams with security patching and risk remediation. Security Observability & Compliance Ensure security logs, alerts, and telemetry are properly integrated. Support audits and compliance initiatives for security best practices. Governance, Compliance, and Incident Response Align security operations with control frameworks (ISO 27001, GDPR, SOC 1, SOC2, CCM etc.). Work closely with CPSO., Cloud Governance, AppSec and Security Governance teams. Skills And Qualifications Bachelor's degree in cybersecurity, information security, or equivalent experience. Azure Security Engineer (AZ-500, SC-200, SC-300) 2+ years of experience in SecOps, cybersecurity, or cloud security roles. Strong understanding of SIEM solutions (e.g., Microsoft Sentinel, Splunk, QRadar, etc.). Experience with security automation (SOAR), scripting (Python, PowerShell), and incident response. Familiarity with IAM frameworks, cloud security best practices (Azure, AWS, etc.), and vulnerability management tools (Qualys, Tenable, etc.). Knowledge of DevOps, CI/CD security practices, and security control frameworks (ISO 27001, SOC1, SOC2, CIS etc.) RIB may require all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria. RIB is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. Come and join RIB to create the transformative technology that enables our customers to build a better world. Show more Show less

Overview: Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities: Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications: Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Seeking a skilled security tester (3–6 yrs) to perform VAPT, threat modeling, and configuration reviews across web, mobile apps, servers, and networks. Strong hands-on with tools like Burp Suite, Nessus, Qualys, and Kali Linux. Must know OWASP Top 10. CEH/OSCP/CPTE certified Designation - Sr. Executive/ AM Location - Prabhadevi Mumbai Work - Work from Office Key Responsibilities Conduct thorough testing of Web Applications to identify Vulnerabilities and Weaknesses. Perform vulnerability assessments to identify potential security risks and provide recommendations for remediation. Create and maintain secure configuration documentation to ensure proper configuration and alignment with industry best practices. Conduct vulnerability assessment of servers/devices OS, Database and Middleware of multiple technologies windows and non- windows Configuration Review for OS, Database, Middleware, Network devices, Security Devices, and as per CIS benchmark. Web application security assessments, including manual testing and analysis, hands on use of automated web application vulnerability scanning/testing tools. Carry out Mobile application testing for Android and iOS by utilizing SAST & DAST methodologies. Perform Threat Modelling for new and existing applications. Experience 3-6 years post BCA/ B.Sc. (Computers)/ B.Tech. / MCA / M.Tech. etc. Technical Skills Familiar with tools like Nessus, QualysGaurd, Tenable, Burp suite, Wireshark, Postman, Frida, Kali Linux, etc. Owasp Top 10 and Security Concepts Vulnerability Management Vulnerability Assessment and Penetration Testing (VAPT) Certification OSCP Certified Ethical Hacker [CEH v12] Certified Penetration Testing Expert [CPTE] Certified Information Security & Ethical Hacker [CISEH] Show more Show less

Roles and Responsibilities Conduct vulnerability assessments using Nessus, Burp Suite, and Qualys to identify potential security risks. Develop and maintain comprehensive reports on identified vulnerabilities, including remediation recommendations. Collaborate with cross-functional teams to implement mitigation strategies and monitor progress towards resolution. Provide expert guidance on application security best practices to development teams. Stay up-to-date with industry trends and emerging threats to continuously improve vulnerability management processes.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Summary: We are seeking a skilled Product Analyst / SME to drive customers onboarding and delivering extraordinary operational services for the Qualys platform. This role involves analyzing and documenting customer requirements, collaborating with development teams to deliver product enhancements, and ensuring customer success through the Qualys platform. The successful candidate will serve as a subject matter expert on Qualys platform. Responsibilities: Customer Requirements and Product Enhancements: Identify and document customer needs, working closely with development teams to define and implement required functions and product enhancements. In-depth, hands-on involvement directly with customers implementing the system. Train users and customers in the basic use of the system, particularly with the technical setup. Work directly with the customer project team implementing the system and assist them in implementing their users’ requirements. Platform Capabilities, Development and Integration: Acquire in-depth knowledge of each Qualys Cloud App's functions and operational use cases. Work hands-on with the system, configuring it and testing that it meets the customer’s technical requirements. Act as a subject matter expert on the best practices for Qualys Cloud Apps; providing insights to customers and internal teams. Conduct research on third-party tools/solutions, identifying integration opportunities and designing integrations that leverage Qualys Cloud Apps capabilities. Provide expertise on existing backend services, interactions, and modular dependencies to help PM teams design and architect new features and services within the platform. External and Internal Expertise: Serve as an internal and external subject matter expert in security research and operations, contributing to our understanding of customer challenges and communicating the value proposition of the Qualys Cloud platform. Collaborate with field sales (TAMs), customers, business analysts, core development to meet business requirements by providing technical expertise in security engineering and operations, proposing and architecting solutions based on customer needs and Qualys Cloud Apps capabilities. Excellent social skills. The person in this role will spend significant amounts of time working closely with customers as well as training them, and persistence will be key to success. Requirements: Education and Experience: Bachelor’s degree with 2-3 years of industry experience in business analysis or software product design and development. Experience in customer-facing roles and security engineering domain or security operations is a plus. Technical Skills: Experience working in systems or technical analysis for a SaaS product, preferably in the Cybersecurity domains. Understanding the architecture of SaaS applications, including multi-tenant architecture, cloud infrastructure (AWS, Azure, Google Cloud), and microservices. Familiarity with RESTful APIs, SOAP, and web services for integration purposes. Familiarity with Agile, Scrum, and Kanban, including how to use Jira, Trello, or similar tools to track development cycles. Experience working with DevOps tools and pipelines to implement security solutions/automations. Understanding of security domains, security tooling, DevSecOps and security operations is a plus. Strong technical problem-solving and analytical skills. Soft skills: Excellent user documentation & presentation skills. Ability to work independently on assigned tasks and drive them from start to completion. Adaptability: The SaaS landscape evolves rapidly, so being adaptable to new tools, technologies, or methodologies is important. Time Management: Balancing multiple priorities while ensuring deadlines are met. Experienced in customer and external communications. Demonstrated experience in identifying, analyzing customer issues, and helping the customer support team resolve them. Proactive collaboration with PM/TAM/sales teams to engage with existing customers and understand their SecOps use-cases. What We Offer: Competitive compensation package including salary, bonus, and equity. Comprehensive benefits such as health insurance, 401(k), and more. Opportunities for career growth and professional development in a dynamic and innovative environment. Collaborative team culture with a focus on employee empowerment and success. How to Apply: If you are passionate about driving innovation in security solutions and have a strong background in product management and security operations, please submit your application, including your resume and a cover letter outlining your experience and qualifications for this role. Equal Opportunity Employer: Qualys is an equal opportunity employer. All applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, age, sexual orientation, genetic information, gender identity or expression, status as a protected veteran, or status as a qualified individual with a disability or any other characteristic protected by federal, state, or local laws. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Posting Title Senior Collections Analyst Job Posting Title Job Description Summary The Accounts Payable / Receivable focus specializes in the Accounts Payable activities including the reviewing and verifying of invoices to ensure accuracy. Responsibilities include entering invoices into financial systems, scheduling payments to suppliers and creditors, and preparing reports according to established policies as required. The focus also specializes in the Accounts Receivable activities such as updating and summarizing receivables. Responsibilities include invoice creation and shipping verification, and may assist with smaller or less complex business units or customer accounts. Job Description Summary Hiring Requirements Job Details Job Profile Sr Collections Analyst Job Profile Job Families for Job Profiles Collections Job Families for Job Profiles Worker Sub-Type Regular Worker Sub-Type Worker Type Employee Worker Type Time Type Full time Time Type Compensation Grade (empty) Compensation Grade Primary Location Pune Primary Location Primary Job Posting Location Pune Primary Job Posting Location Additional Locations (empty) Additional Locations Additional Job Posting Locations (empty) Additional Job Posting Locations Scheduled Weekly Hours 40 Scheduled Weekly Hours Work Shift (empty) Work Shift Recruiting Start Date 22/01/2025 Recruiting Start Date Target Hire Date 15/04/2025 Target Hire Date Target End Date (empty) Target End Date Additional Information Union Membership from Job Profile (empty) Union Membership from Job Profile Allowed Unions from Job Profile (empty) Allowed Unions from Job Profile Collective Agreement Details Collective Agreement (empty) Collective Agreement Job Description General Purpose The Collections Analyst filling this role will be hands-on and assume the day-to-day responsibilities of ensuring worldwide customer payments are received timely, and properly applied to open receivables. This will involve coordination with the worldwide AR Team to ensure that any discrepant payments are immediately resolved with the customers. The ideal candidate will also liaise with the large portal-based customers and partners regularly to work on keeping their accounts reconciled, and on ad hoc projects as they surface. This position is in Pune, India reporting to the AR Credit and Collection’s Manager. This will be three days’ work in the office with two days being remote. Main Job Tasks And Responsibilities Manage a portfolio of ($11M) with 500+ invoices. Preferably handled India, Europe, (UK and Germany), Middle East, APAC, and Africa regions. Knowledge of working on a portfolio of Partners (distributors). Ability to work with the Sales organization and various team to resolve disputes. Collection, and follow-up on customer payments, with the mindset that you are representing Qualys as a whole, so professional contact with the customers is always a must. Communicate with customers via phone or email, ensuring invoice routing information is current and correct, so that invoices are received and paid in a timely manner. Record collection calls, statuses and forecast in Netsuite for follow-up and reporting purposes. Reconcile and monitor customer account aging’s for non-payments, delayed payments and other irregularities. Make monthly recommendations for appropriate AR write offs, or submissions to Qualys’ outside collections agency for continued efforts on cold account balances. Research and resolve unapplied and identified payments. Education And Experience Business or Accounting degree a plus (B.Com). 2-3 years of hands-on accounts receivable and general accounting experience. Working knowledge of NetSuite and Salesforce.com is a plus Proficient in Microsoft Office, especially Excel and Outlook Experience of portal invoicing, Ariba, a plus Knowledge of monthly cash forecasting. Exposure to Credit activities will be an added advantage Strong communicator (written & verbal); reliable and responsive to email and phone communications. Attention to detail and accuracy, good problem-solving skills. Excellent time management, planning and organizational skills. Understanding of the importance of documentation. Strong performance accountability orientation, both in terms of following through on commitments and sudden deadlines. A team player with the ability to build relationships and work collaboratively. Positive attitude and enthusiastic, with a high level of integrity and good judgment. Job Description Job Description General Purpose The Collections Analyst filling this role will be hands-on and assume the day-to-day responsibilities of ensuring worldwide customer payments are received timely and properly applied to open receivables. This will involve coordination with the worldwide AR Team to ensure that any discrepant payments are immediately resolved with the customers. The ideal candidate will also liaise with the large portal-based customers and partners regularly to work on keeping their accounts reconciled, and on ad hoc projects as they surface. This position is in Pune, India reporting to the AR Credit and Collection’s Manager. This will be three days’ work in the office with two days being remote. Main Job Tasks And Responsibilities Manage a portfolio of ($11M) with 500+ invoices. Preferably handled India, Europe, (UK and Germany), Middle East, APAC, and Africa regions. Knowledge of working on a portfolio of Partners (distributors). Ability to work with the Sales organization and various team to resolve disputes. Collection, and follow-up on customer payments, with the mindset that you are representing Qualys as a whole, so professional contact with the customers is always a must. Communicate with customers via phone or email, ensuring invoice routing information is current and correct, so that invoices are received and paid in a timely manner. Record collection calls, statuses and forecast in NetSuite for follow-up and reporting purposes. Reconcile and monitor customer account aging’s for non-payments, delayed payments and other irregularities. Make monthly recommendations for appropriate AR write offs, or submissions to Qualys’ outside collections agency for continued efforts on cold account balances. Research and resolve unapplied and identified payments. Education And Experience Business or Accounting degree a plus (B.Com). 2-3 years of hands-on accounts receivable and general accounting experience. Working knowledge of NetSuite and Salesforce.com is a plus Proficient in Microsoft Office, especially Excel and Outlook Experience of portal invoicing, Ariba, a plus Knowledge of monthly cash forecasting. Exposure to Credit activities will be an added advantage Strong communicator (written & verbal); reliable and responsive to email and phone communications. Attention to detail and accuracy, good problem-solving skills. Excellent time management, planning and organizational skills. Understanding of the importance of documentation. Strong performance accountability orientation, both in terms of following through on commitments and sudden deadlines. A team player with the ability to build relationships and work collaboratively. Positive attitude and enthusiastic, with a high level of integrity and good judgme Show more Show less

Job details Employment Type: Full-Time Location: Bangalore, Karnataka, India Job Category: Information Systems Job Number: WD30242602 Job Description Vulnerability and Security Compliance Lead Job Summary: We are seeking an experienced Vulnerability and Security Compliance Lead to join our team. The ideal candidate will be responsible for leading efforts to identify, assess, and remediate vulnerabilities across our IT infrastructure while ensuring compliance with relevant security standards and regulations. You will work closely with cross-functional teams to develop and implement security policies, procedures, and best practices that protect our organization from threats. Key Responsibilities: Vulnerability Management: Lead the vulnerability management program, including vulnerability scanning, assessment, and remediation processes. Coordinate with IT and engineering teams to prioritize and address identified vulnerabilities based on risk impact. Security Compliance: Ensure compliance with industry standards and regulations (e.g., ISO 27001, NIST, PCI-DSS, HIPAA) by developing and maintaining security policies, procedures, and documentation. Conduct regular compliance assessments and audits to identify gaps and recommend corrective actions. Risk Assessment: Perform risk assessments to identify potential threats and vulnerabilities to the organization's information assets. Develop and implement risk mitigation strategies and controls to reduce exposure to security threats. Security Policies and Procedures: Develop, review, and update security policies, procedures, and guidelines to align with best practices and regulatory requirements. Communicate security policies and compliance requirements to employees and stakeholders to promote awareness and adherence. Incident Response: Lead incident response efforts related to security breaches or vulnerabilities, ensuring timely identification, containment, and remediation. Conduct post-incident reviews to assess the effectiveness of response actions and implement improvements. Collaboration and Training: Collaborate with IT, legal, and other departments to ensure alignment on security compliance initiatives. Provide training and awareness programs to employees on security best practices, compliance requirements, and vulnerability management. Continuous Improvement: Stay current with the latest security trends, threats, and compliance requirements, evaluating their impact on the organization. Recommend and implement improvements to security controls and processes based on emerging threats and vulnerabilities. Qualifications: Educational Background: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Experience: 5+ years of experience in information security, vulnerability management, or compliance roles. Proven experience leading vulnerability assessments and compliance audits in a corporate environment. Technical Skills: Strong knowledge of security frameworks (e.g., NIST, ISO 27001), vulnerability management tools (e.g., Qualys, Nessus), and security compliance regulations. Familiarity with security technologies such as firewalls, intrusion detection/prevention systems, and endpoint security solutions. Certifications: Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), or equivalent are desirable. Preferred Skills: Experience with security incident response and threat intelligence. Knowledge of risk management methodologies and practices. Familiarity with cloud security practices and compliance frameworks.

Skills: Nessus, Burp Suite, Metasploit, OWASP ZAP, Nmap, Qualys, Wireshark, Kali Linux, Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification And Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor Show more Show less

Hi We have got an opening in HCL for Qualys - 8 Years To 15 Years - Permanent Openings, Interview Location : Chennai / Bangalore / Noida / Hyderabad Job Location : Chennai / Bangalore / Noida / Hyderabad if you are interested; kindly send your updated resume to Shakthi@glaubentechnology.com with below mentioned details Skills : Qualys - 8 Years To 15 Years While sending your resume, Pls provide the following details First name Last name Date of Birth Total Experience Relevant Experience in Qualys - UG Degree percentage/CGPA & year of passing PG Degree Percentage & year of passing Current Company Current CTC Expected CTC Notice Period Location of interview Preferred Job Location Regards, Shakthi Shakthi@glaubentechnology.com

Job Summary We are seeking a highly skilled and motivated Vulnerability Management Specialist with at least 5 years of hands-on experience in identifying, assessing, and mitigating security vulnerabilities across enterprise environments. The ideal candidate will have a strong understanding of cybersecurity principles, vulnerability scanning tools, and risk management frameworks, with the ability to communicate technical issues to non-technical stakeholders. Job Requirements • Manage the end-to-end vulnerability management lifecycle: discovery, classification, prioritization, remediation tracking, and reporting. • Conduct regular vulnerability assessments using tools such as Qualys, Tenable, Nessus, or Rapid7. • Collaborate with system owners, infrastructure teams, and developers to address and remediate vulnerabilities. • Monitor threat intelligence feeds to identify and assess emerging vulnerabilities. • Develop and maintain metrics and reports on vulnerability status, trends, and remediation progress. • Ensure compliance with internal security policies and external regulatory standards (e.g., PCI-DSS, ISO 27001, HIPAA). • Coordinate periodic penetration testing and work with external vendors as needed. • Assist in maintaining and improving the organization's vulnerability management processes and tools. • Strong analytical and problem-solving skills. • Excellent written and verbal communication. • Ability to manage multiple priorities and work effectively in a fast-paced environment. • Collaborative mindset with a strong sense of accountability. • Security certifications such as CISSP, CEH, OSCP, CompTIA Security+, or GIAC. • Experience with scripting languages (Python, PowerShell, Bash) for automation of vulnerability tasks. • Exposure to cloud environments (AWS, Azure, GCP) and related security controls. • Familiarity with SIEM and ticketing systems (e.g., Splunk, ServiceNow). Education • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). • Minimum of 5 years of professional experience in vulnerability management, information security, or a related domain. • Strong knowledge of operating systems (Windows, Linux, Unix), network protocols, and application architectures. • Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7, Tenable.io). • Familiarity with patch management practices and tools. • Understanding of CVSS scoring, OWASP Top 10, and MITRE ATT&CK framework. • Experience interpreting and responding to vulnerability alerts (e.g., CVEs, vendor advisories).

kindly apply through below link: https://www.jobs.global.fujitsu.com/job/VAPT-L2-Tenable/934-en_US/ JD for Vulnerability Management : 1.Minimum 10 years in cybersecurity space and 7 years of relevant experience in vulnerability management domain. 2.Understanding and Handson experience in implementing or doing operations as per the phases of vulnerability Management lifecycle . 3.Experience in working or deployment of scanner appliances and cloud agents. 4.Experience in doing asset discovery or IT network asset identification scanning. 5.Good understanding of best vulnerability scanning practices and reporting strategies. 6.Exposure in doing vulnerability analysis and checking the possible patches, solutions, and work arounds. 7.Should be able to do management of zero-day vulnerabilities. 8.Skilled in vulnerability prioritization based on severity, CVSS, risk-based approach : impact analysis, business criticality and vulnerability exploitability. 9.Prepare remediation plan. Co-ordinate and follow up with the asset owners to get the vulnerabilities remediated. 10.Ensuring end to end vulnerability identification and remediation governance. 11.Understanding of asset management, tagging, creating custom dashboards, scanning, and report templates via different VM tools. 12.Ability to present reports and dashboards to customers or service line as planned or on ad hoc basis. Prepare and present the weekly/monthly vulnerability reports to executive management. 13.Experience in developing and maintaining vulnerability exception / exclusion management process and tracking all the risks associated in a risk register. 14.Experience with Policy Compliance scanning based on famous frameworks such as CIS, PCI DSS etc. 15.Integration with well-known third-party IT tools, software & data sources such as: SNOW, Jira etc. 16.Experience in preparing and maintaining technical documentation such as HLD, LLD and other Architecture documents. 17.Eagerness to upskill and reskill as per the requirements and opportunities with Service line. 18.Hands on troubleshooting experience in widely used scanning solutions such as Tenable Nessus, Tenable.sc, Tenable.io, Qualys, Rapid7, MS defender etc. 19.Work with Presales team with vulnerability management project bids to convert them to potential upcoming business opportunities. 20.Excellent verbal and written communication skills. 21.Proficiency in web application security (OWASP top 10), penetration testing will be an added advantage. 22.Professional/Technical certifications will be an added advantage.

Overview Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Job Track Description Requires formal education and relevant expertise in a professional, sales, or technical area. Performs technical-based activities. Contributes to and manages projects. Uses deductive reasoning to solve problems and make recommendations. Interfaces with and influences key stakeholders. Leverages previous knowledge and expertise to achieve results. Ability to complete work self-guided. College or university degree required. General Profile Requires knowledge and experience in field. Uses best practices and knowledge of business to improve products or services. Solves complex problems and takes a new perspective on existing procedures. Self-starter, requiring minimal guidance. Acts as a resource for colleagues with less experience. Functional Knowledge Requires conceptual expertise of theories, practices, and procedures. Business Expertise Has knowledge of best practices and team integration. Aware of the competition and what differentiates them. Impact Impacts a range of customer, operational, project or service activities. Works within broad guidelines and policies. Leadership Acts as a resource for colleagues with less experience. May guide small projects with manageable risks and resource requirements. Problem Solving Solves complex problems. Takes a new perspective on existing solutions. Exercises judgment based on the review of multiple information sources. reviewing many sources of information. Skills Clearly articulates difficult or sensitive information. Works to build consensus within a team. Responsibility Statements Supports the development of strategies for new client offerings. Ensures the effective use and application of resources. Assesses customer requirements and assists with the development of solutions. Reviews service and operating procedures to ensure compliance with industry standards and regulations. Works closely with the solutions team and sales, practice, and delivery leaders to develop the solution strategy and approach. Developing proficiency in market trends, best practices, and innovation. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Job Track Description Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Expands skills within an analytical or operational process. Maintains appropriate licenses, training, and certifications. Applies experience and skills to complete assigned work. Works within established procedures and practices. Works with a moderate degree of supervision. Functional Knowledge Has developed skillset in a range of processes, procedures, and systems. Business Expertise Understanding of how teams integrate and work best together to support the achievement of company goals. Impact Impacts a team, by example, through the quality service and information provided. Follows standardized procedures and receives moderate supervision and guidance. Leadership Has no supervisory responsibilities. Manages own workload. Problem Solving Uses existing procedures to solve standard problems without supervisory approval. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Manages client employee data for recruitment records of potential employees, online tests, and travel expenses. Coordinates logistics for recruiting events with vendors and prepares event reports. Administers pre-employment screening checks in collaboration with other departments and vendors. Ensures proper paperwork for new candidates, including medical and fit reports. Ensures new hires have required information and instruction in preparation for their first day of work. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has a developed proficiency of analytical or operational processes. Completes atypical assignments. Works within established procedures and practices. Establishes the appropriate approach for new assignments. Acts as a resource for colleagues. Completes work with limited supervision. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided Uses discretion to change work procedures and practices. Leadership Provides guidance and support to junior team members. Problem Solving Provides solutions to atypical problems based on existing precedents or procedures. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Responsible for RFQ management buying activities, negotiation, exception management, quality control, and vendor relations. Assists Project Team Lead to identify process gaps, improvement, and any other ancillary tasks as project support. Ensures integrity of the entire sourcing process through the proper approval process. Assists the Project Team Lead in preparation and assignment of open un-reconciled item to the reviewers. Provides real-time suggestions to bring accuracy and efficiency. Provides feedback to reviewers on errors and training. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has advanced, specialized expertise within a range of analytical or operational processes. Completes assignments and facilitates the work of others. May coordinate assignments beyond work area. Proposes improvements to processes and methods. Acts as a lead, coordinating the work of others, but is not a supervisor. Works autonomously within established procedures. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Acts as a technical expert in some areas. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided. Suggests enhancements to work procedures and practices to improve efficiency. Leadership Serves as a team lead. May allocate work to team members. Provides subject matter guidance to junior team members. Problem Solving Provides solutions to atypical problems with little or no precedent. Interpersonal Skills Exchanges information and ideas effectively. Uses tact and diplomacy when dealing with others. Responsibility Statements Supports emergency procurement processes as needed by the client. Monitors open requisitions, expedite, and closeout before turnaround. Works with stakeholders to ensure proper recommendation and documentation is received for the procurement process. Assists Team Leaders in extracting data for dashboard on process and reconciliation metrics. Provides supporting records and documentation to assist with audits. Ensures that adequate and updated process documentation and desktop procedures exist and are utilized. Contributes towards quality efforts and guides the quality verifiers team. Participates in first-level tasks and quality check tasks. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Job Description WHAT YOU’LL DO We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organization's systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements. Who You’ll Work With Attack Surface Reduction team helps and contribute to improve the security posture of H&M by operating within an Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&M's systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents. Key Responsibilities: Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on H&M's systems, networks, and applications. Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner. Experience in designing, implementing, and managing vulnerability management processes and workflows. Facilitate and manage penetration testing engagements with third-party vendors. Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface. Develop and maintain security policies and procedures for our organization's systems, applications, and networks. Monitor our organization's systems, applications, and networks for unauthorized access, suspicious activity, and other security threats. Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques. Who You Are We are looking for people with… Bachelor's degree in computer science, information security, or a related field. 6-10 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.). Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Excellent analytical, problem-solving, and communication skills. Relevant certifications, such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus. WHY YOU’LL LOVE WORKING HERE At H&M, we are proud to be a vibrant and welcoming company. We offer our employees attractive benefits with extensive development opportunities around the globe. We offer all our employees at H&M attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program – HIP. You can read more about our H&M Incentive Program here. In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment types and countries. JOIN US Our uniqueness comes from a combination of many things – our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it’s our people who make us who we are. Take the next step in your career together with us. The journey starts here. We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application. Additional Information This is a full-time position, starting in June 2025 . Apply by sending in your CV in English as soon as possible, but no later than the 30th of May 2025 . Due to data policies, we only accept applications through the SmartRecruiters or career page Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. TEM Senior – Vulnerability Management As a Senior with EY’s Global Delivery Services (GDS) Cybersecurity Team, you will contribute technically to client engagements and internal initiatives. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and report and escalate any engagement related issues to senior team members as appropriate. The opportunity In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help senior members with business development activities. Your Key Responsibilities Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components Strong knowledge and experience in Linux Experience in Nexpose and Tenable administration Working in shifts and provide weekend support Experience working with vendors to troubleshoot issues and/or operationalize new features Scripting rest API for automation (Python and/or Bash) Familiarity on databases (Oracle, Sql Server, AWS Aurora, Hadoop, MongoDB) Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business. Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices) Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives Skills And Attributes For Success Knowledge of Windows, Linux, UNIX, any other major operating systems. Familiarized with the latest security vulnerabilities and exploit, understanding of web-based application vulnerabilities (OWASP Top 10), cloud security and architecture Experience with scripting / programming skills (e.g., Python, PowerShell) Hands on operational experience with vulnerability management tools (e.g. Qualys, Nexpose) including the ability to deploy, configure, and run these tools Fluency in English, other language skills are considered an asset Experience in handling data using Pandas, XML libraries Exposure to handling computer networking and operating systems use cases using python. Required knowledge for Python libraries: netaddr, ipaddress, qualysapi, lxml, pandas, numpy To qualify for the role, you must have Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment. Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM Knowledge of Windows, Linux, UNIX, any other major operating systems Willingness to work in shifts and weekend Ideally, you’ll also have Project management skills Certifications: CEH, Qualys Certified Specialist, CISM What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Overview: We are seeking a highly skilled and experienced Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining Cloud Security Platform and security technologies to protect Qualys systems across various cloud environments as: Oracle Cloud Infrastructure (OCI) Amazon Web Services (AWS) Microsoft Azure Google Cloud Platform (GCP) Alibaba IBM Responsibilities: You would be responsible for cloud resource provisioning, IAM, policy creation, UAR, establishing cloud security monitoring, cloud security posture management along with designing and architecting the cloud environments as per security best practices and cloud security guidelines of various standards. You will work closely with cross-functional teams to ensure the effectiveness of security measures and help establish and enforce cloud security policies and procedures. Security Architecture Review : Review and assess the security architecture of cloud-based systems and applications to identify gaps and recommend improvements in alignment with industry best practices and regulatory requirements. Cloud Compliance Management : Ensure cloud environments adhere to relevant compliance standards and regulations by implementing appropriate security controls, conducting compliance assessments, and generating compliance reports. Cloud Security Governance : Establish and maintain cloud security governance frameworks, policies, and procedures to ensure consistent and effective management of security risks across cloud environments. Incident Response : Actively participate in incident response activities related to cloud security incidents, including investigation, containment, eradication, and recovery. Cloud Security Tooling : Evaluate, select, deploy, and manage security tools and technologies specifically designed for cloud environments, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud-native security services. Tools like Prisma Cloud, Orca Security, etc. Cloud Security Automation : Develop and implement automation scripts and workflows to streamline security operations tasks, such as configuration management, vulnerability scanning, and incident response orchestration. Cloud Risk Assessment : Conduct risk assessments of cloud services, configurations, and deployments to identify and prioritize security risks, and collaborate with relevant teams to mitigate identified risks. Cloud Security Research and Innovation : Stay abreast of emerging threats, vulnerabilities, and security trends in cloud computing, and actively engage in research and innovation to enhance the organization's cloud security posture. Skills: Understanding of cloud platforms like AWS, Azure, Google Cloud, OCI etc., including their services and architecture. Skills in designing secure cloud architectures, including network segmentation, data encryption, and disaster recovery strategies. Proficiency in managing user identities, permissions, roles, and access controls within cloud environments. Ability to set up monitoring tools, analyze security logs, and respond to security incidents promptly. Familiarity with cloud-native security services and tools provided by cloud providers (e.g., AWS Security Hub, Azure Security Center). Ability to assess security risks, prioritize them based on impact and likelihood, and develop strategies to mitigate them. Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other network security concepts. Familiarity with encryption algorithms, SSL/TLS protocols, and cryptographic key management for data protection. Experience with vulnerability scanning tools, penetration testing methodologies, and patch management processes. Knowledge of scripting languages (e.g., Python, PowerShell) and automation tools (e.g., Terraform, Ansible) to automate security tasks and configurations. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CCSK, CCSP and cloud native certifications like AWS, Azure, OCI, GCP are highly desirable. Proven track record of designing and implementing complex cloud environments preferably in a cloud security engineer role. Experience implementing security controls in cloud environments using tools such as AWS Security Hub, AWS GuardDuty, AWS IAM Analyzer, Azure Security Center, or Azure Defender or Google Cloud Security Command Center or Oracle Cloud Guard. Knowledge of industry-standard security frameworks and regulations (e.g., NIST, CIS, GDPR, HIPAA). In-depth knowledge of cloud components, IAM, and best practices, including user provisioning, access/policy management, authentication mechanisms Familiarity with CSP environments like OCI, AWS, Azure, GCP etc Experience with cloud governance processes, cloud security implementation, cloud security monitoring etc. Strong problem-solving and analytical skills, with the ability to assess complex cloud requirements, identify gaps, and propose effective solutions. Excellent communication and collaboration skills to work effectively with cross-functional teams, stakeholders, and external vendors. Strong project management skills to drive cloud initiatives, manage timelines, and deliver successful outcomes. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Join our advanced cybersecurity team as a Senior Security Analyst , where your expertise will be instrumental in strengthening our organizational security framework. In this pivotal role, you will lead the strategic implementation and management of vulnerability management programs, with a specialized focus on Qualys solutions , while also driving improvements in Cloud Security Posture Management (CSPM) and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP) . As a senior member of our security team, you will provide technical leadership , mentor junior analysts, and collaborate closely with cross-functional teams to proactively identify and mitigate cybersecurity risks. Your role extends beyond daily security operations to influencing security strategy, policy development, and automation initiatives . If you have a deep understanding of evolving threats and a commitment to enhancing enterprise security, we invite you to bring your expertise to our team. Key Responsibilities: Leadership & Strategy: Serve as a subject matter expert on vulnerability management, cloud security, and endpoint protection. Mentor and provide guidance to junior security analysts. Develop and refine security policies, best practices, and frameworks. Lead cross-functional security initiatives, collaborating with IT, DevOps, and engineering teams. Qualys Vulnerability Management: Oversee and optimize Qualys deployment across enterprise infrastructure. Design and implement advanced scanning configurations to ensure complete asset coverage. Analyze vulnerability data to identify critical risks, trends, and areas for proactive improvement. Coordinate remediation efforts, providing strategic guidance to IT and system administration teams. Cloud Security Posture Management (CSPM): Lead cloud security audits and compliance enforcement for multi-cloud environments. Implement and fine-tune CSPM tools to enforce industry regulations and internal security policies. Develop best practices for secure cloud configurations and integrate security into DevOps pipelines. Endpoint Security (EDR/EPP): Deploy and manage EDR/EPP solutions for advanced threat detection and response. Assist Qualys SOC in threat hunting and forensic investigations to identify and mitigate advanced threats. Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls. Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions. Automation & Security Orchestration: Design and implement security automation workflows to enhance efficiency. Explore orchestration solutions to automate remediation processes for recurring security gaps. Integrate security tools to provide a unified real-time security monitoring framework. Compliance & Risk Management: Ensure security controls align with industry standards (NIST, ISO 27001, CIS Benchmarks, DISA STIG etc.). Conduct periodic risk assessments and audits to proactively address security weaknesses. Maintain compliance with regulatory requirements and Qualys internal governance policies. Collaboration with Qualys Support: Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices. Participate in Qualys user forums and communities to share insights and learn from others' experiences. Qualifications & Experience: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field. 3+ years of experience in cybersecurity, with a focus on vulnerability management, cloud security, and endpoint protection. Strong expertise in Qualys Vulnerability Management and security policy enforcement. Hands-on experience with CSPM tools and cloud security best practices. Proven track record in EDR/EPP deployment and security incident handling. Experience in security automation, orchestration, and integration with SIEM and SOAR platforms. Relevant certifications such as CISSP, CISM, CEH, or OSCP are preferred. Strong analytical, problem-solving, and communication skills. Ability to lead projects and mentor junior analysts while driving a security-first culture. If you're passionate about enhancing enterprise security , driving innovation , and leading critical cybersecurity initiatives , we encourage you to apply and join our team as a Senior Security Analyst ! Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Director of Engineering, Connectors and Partner Integrations About The Role We are seeking an experienced and strategic Director of Engineering for Connectors and Platform Integrations to lead and scale our efforts in building high-impact integrations across cloud platforms, third-party applications (on-premises and cloud), security tools, and partner ecosystems. This role is crucial in enhancing the interoperability of the Qualys Enterprise TruRisk Platform with the broader security and IT operations ecosystem. You will lead multiple engineering teams focused on developing scalable connectors, APIs, SDKs, and integration solutions that empower our customers to extract maximum value from the Qualys Enterprise TruRisk Platform. The successful candidate will have a proven track record in building and managing high impact connectors in cybersecurity. Key Responsibilities Lead engineering efforts for developing and maintaining connectors and integrations with third-party platforms, including cloud providers (AWS, Azure, GCP), security tools, ITSM systems, and other enterprise applications. Build and foster strong technical partnerships with vendors, technology partners, and integration collaborators to expand the Qualys Enterprise TruRisk Platform ecosystem. Collaborate with Cross-Functional Engineering Teams, Product Management, Solution Architects, and Sales Engineering teams to define integration strategies and prioritize development based on customer needs and strategic initiatives. Oversee the architecture and delivery of integration components to ensure they meet performance, scalability, and security requirements. Manage, mentor, and scale high-performing engineering teams, focusing on execution, innovation, and excellence. Own the roadmap and execution for integration-related initiatives, ensuring on-time delivery and alignment with business goals. Act as a senior technical leader, driving engineering best practices and fostering a culture of continuous improvement and collaboration. Represent Qualys in partner-facing engagements, technical workshops, and integration strategy meetings. Qualifications 12+ years of experience in software engineering, with at least 5+ years in a senior leadership role. Proven track record in building and delivering enterprise-scale platform integrations and connectors for technologies such as SIEM, SOAR, CMDB, Ticketing Systems and ITSM integrations Strong experience working with cloud providers (AWS, Azure, GCP), RESTful APIs, webhooks, message brokers, and modern integration frameworks (Apache Camel, Apache NiFi). Knowledge of API gateways, authentication protocols (OAuth, SAML), and integration security best practices. Familiarity with data normalization, transformation, and sync mechanisms with Connector development Deep understanding of partner ecosystem management, including collaboration, co-development, and joint delivery. Exposure to working with partner certification programs Excellent stakeholder management and communication skills; able to bridge technical and business conversations across internal and external teams. Demonstrated ability to lead cross-functional initiatives and manage engineering teams in a distributed and agile environment. Expertise with programming languages such as Java Bachelor’s or Master’s degree in Computer Science, Engineering, or related field. Show more Show less