668 Qualys Jobs - Page 3

DevOps Engineering (DevOps and Security) Experience: 5 Years Security and code quality tools: WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot Required Education and Professional Experience 5+ years of overall professional IT experience. 2+ years of hands-on experience in DevOps/Site Reliability Engineering (SRE) roles on major cloud platforms. Bachelor’s degree in Engineering, Computer Science, or IT; advanced degrees preferred . Industry certifications in Cloud Architecture or Development (Preferred: Azure; Also: AWS, GCP) . Skills Any Cloud experience (Azure/AWS) Terraform, Kubernetes, Any CI/CD tool Security and code quality tools: WiZ, Snyk, Qualys, Mend, Checkmarx, Dependabot, etc. (Experience with any of these tools) Secret management: Hashicorp vault / Akeyless

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Experience Required: 3+ years in Cybersecurity, with 2+years hands-on Imperva DAM Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary We are seeking an experienced ITSM and CIS BenchmarkingSpecialist to drive service management excellence and ensure systems arehardened according to industry best practices. The ideal candidate will havedeep knowledge of ITIL-based ITSM practices and hands-on experience applying CISBenchmarks for endpoint and server security compliance. Itsm Key Responsibilities: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Freshservice). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks. Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro, SCAP, Tenable, or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills And Qualifications 1+ years of experience in implementing and managing ITSM processes and tools. 1+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks. Education Requirements BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification Any ITSM Certification/CEH

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are looking for a Security Analyst to join our Cyber Fusion Center team, focusing on vulnerability management, policy compliance, and security posture management. In this role, you will support the day-to-day execution of security assessments using industry-leading tools including Qualys TruRISK Platform to detect, report, and coordinate remediation of vulnerabilities across Qualys environments. You will also contribute to improving compliance posture through policy enforcement, container and web application security testing, and audit readiness. This role is ideal for professionals passionate about security operations, compliance, and automation—driven to make an impact in a fast-paced, technology-focused environment. Key Responsibilities Vulnerability Management Program Deploy, configure, and maintain Qualys VMDR for continuous vulnerability scanning across on-premises and cloud-based assets. Manage asset groups, tag configurations, scan schedules, and coverage to ensure full visibility of security posture. Analyze scan results, identify high-risk vulnerabilities, and track remediation efforts across IT and engineering teams. Work with application owners and infrastructure teams to prioritize and resolve security issues within SLA. Generate detailed reports and executive summaries to communicate findings and track trends over time. Support integration of vulnerability data into dashboards or ticketing systems for automation and workflow management. Policy Compliance Configure and maintain the Qualys Policy Compliance (PC) module to assess systems against CIS, NIST, and internal benchmarks. Regularly review compliance scan results and coordinate with system administrators to resolve violations. Assist in developing and maintaining custom compliance policies based on organizational and regulatory requirements. Container Security Integrate container scanning tools (e.g., Qualys Container Security) into CI/CD pipelines to identify vulnerabilities in images before deployment. Monitor running containers for misconfigurations, outdated components, or privilege escalation risks. Partner with DevOps and engineering teams to embed container security best practices into the build and release lifecycle. Web Application Scanning Set up and manage Qualys WAS (Web Application Scanning) for internal and external web assets. Identify common vulnerabilities such as SQL injection, XSS, and misconfigurations in custom and third-party applications. Collaborate with application developers to review and resolve reported security issues efficiently. File Integrity Monitoring (FIM) Configure and maintain File Integrity Monitoring solutions to detect unauthorized changes in critical system and application files. Monitor alerts and ensure baselines are accurate, relevant, and maintained in line with system updates. Assist in defining rulesets and thresholds for actionable alerting. Audit & Compliance Support Contribute to internal and external audits by providing accurate reports, remediation evidence, and tool configurations. Ensure vulnerability and compliance-related controls are aligned with regulatory requirements such as ISO 27001, SOC 2, PCI-DSS, and FedRAMP. Maintain clear documentation for security tool configurations, scan schedules, and compliance mappings. Security Operations & Automation Identify opportunities for automation within the vulnerability management lifecycle using scripting or orchestration platforms. Maintain dashboards, reports, and alerting mechanisms to provide continuous visibility into security posture. Collaborate with tool vendors, especially Qualys, to resolve issues, evaluate new features, and apply platform updates. Qualifications & Experience Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field. 2–4 years of hands-on experience in vulnerability management and security operations. Strong knowledge of Qualys VMDR, PC, WAS, Container Security, and FIM. Solid understanding of security control frameworks (e.g., CIS, NIST, ISO 27001) and compliance requirements. Familiarity with cloud environments (AWS, Azure, GCP) and hybrid infrastructure security. Proficiency in reading scan results, interpreting risk levels, and advising on remediation strategies. Excellent problem-solving skills and attention to detail. Strong written and verbal communication for documentation and stakeholder coordination. Preferred certifications: Security+, CEH, Qualys Certified Specialist, ISO 27001 Internal Auditor, or similar. Good to Have Experience with automation (e.g., Python, PowerShell, APIs). Exposure to security ticketing systems (e.g., ServiceNow, Jira). Knowledge of CI/CD security integration and DevSecOps practices.

Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. Role - Vulnerability Management Services team. Location Mumbai (Onsite) Experience 5 to 8 years Highest Qualification Any Full Time Graduate Job Responsibilities Execute vulnerability scanning and manage VM programs for clientsComplete the projects within budgeted efforts and agreed timelines with high quality deliverables Perform vulnerability scanning using different scanning solutions including SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc. Gain good understanding of client network architecture and infrastructure to be scanned Be involved in threat identification, vulnerability identification and control analysis Develop customized reports and dashboards as per client expectations Be proactive in project planning and execution Perform likelihood determination, impact analysis and risk determination Showcase prioritization of risks including solution recommendation and documentation Identify and infer the business risk posed by the weaknesses identified during the assessments Engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure perspectives Skills Required 5+ year of experience in Vulnerability Scanning - Expertise in Vulnerability Scanning tools such as Qualys, Tenable, Rapid7, etc. - Experience with understanding and explaining vulnerabilities to stakeholders - Good knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc. - Insights on standards such as PCIDSS, CIS Benchmarks, etc. - Flexible in working on challenging activities and creative in problem solving - Good communication and writing skills with ability to talk fluently Let’s grow together.

Our technology services client is seeking multiple System Administrator to join their team on a contract basis. These positions offer a strong potential for conversion to full-time employment upon completion of the initial contract period. Below are further details about the role: Role: System Administrator Experience: 1.5 - 3 Years Location: Chennai, Kolkata Notice Period: Immediate- 15 Days Mandatory Skills: VMware , Onpremise, Windows, VMare Configuration Job Description: Maintenance, Administration, Configuration, Monitoring and Troubleshooting of Windows 2012 / 2016 / 2019 / 2025 Servers. VMware vSphere Infrastructure - Installation, configuration, troubleshooting of VMware ESXi servers, Virtual appliance, vCenter, ESXI host upgrade and patching. Creating and managing VMware cluster, Enabling HA, and DRS features in a cluster. Configuration of Virtual switches, port groups and network connections Creating and managing standard templates and keeping them update. Deploying VMs from template and allocates resources as per client requirements. Security hardening of VMs and Esxi servers for security compliance. Performing snapshots, cloning, migrations of VMs Vulnerability Management - Assist in providing support and resolution for the Critical/High open vulnerabilities on Windows/ VMware Servers. Providing support to mitigate external Vulnerabilities reported by KPMG team. Coordinate with Server Owners to fix Application related vulnerabilities with the defined SLA. Providing support to raise a risk on insight360 portal for servers which have surpassed the SLA. Data Centre Operations - Installation, Configuration, Monitoring and Troubleshooting of physical servers like DELL PowerEdge, HP ProLiant, Cisco UCS servers. Coordination with OEM/Partners Technical Support Team to resolve problems. Support for Windows Defender, SOC SIEM, BigFix, Qualys, CIS CAT, SolarWinds team for installation, configuration, upgradation and troubleshooting of applications. Coordination with Backup team, Database and Network team to resolve problems. Incident and RITM Management - Work on Incidents, RITM raised for Server OS issue, backup failure, access management, performance alerts etc. Change Management – Work on Change Requests for Commission of new servers, Decommission, Operating system upgradation, IP change Activity, virtual machine CPU/Memory/Disk upgradation and others. Installation of monthly windows security updates for the on-prem windows servers. If you are interested, share the updated resume to sushmitha.r@s3staff.com

The healthcare industry is the next great frontier of opportunity for software development, and Health Catalyst is one of the most dynamic and influential companies in this space. We are working on solving national-level healthcare problems, and this is your chance to improve the lives of millions of people, including your family and friends. Health Catalyst is a fast-growing company that values smart, hardworking, and humble individuals. Each product team is a small, mission-critical team focused on developing innovative tools to support Catalyst’s mission to improve healthcare performance, cost, and quality. Job Summary/Responsibilities Participate in the entire development lifecycle, from planning through implementation, security, testing, and deployment, all the way to production. Own the ideal pipeline blueprint that developers will base new applications on Own upgrades, manage systems integrations and guide tool selection. Build tools that help engineers rapidly develop new applications and have confidence that their changes will work flawlessly in production. Learn our stack inside and out, and triage cross-cutting issues in our environment. Experienced in Linux platform and shell scripting. Should be able to troubleshoot and perform installation of opensource toolsets in Linux OS. Familiar with CI/CD tools sets like Bitbucket, Jenkins and release process. Familiar with docker containers and deployment with Kubernetes. Qualification/Education Requirements Bachelor’s degree in Computer Science or equivalent. 3+ years of experience in DevOps Engineering. Public Cloud experience on AWS is a must. Experience with continuous integration platforms such as Jenkins, CodeBuild, Gitlab, etc. AWS certification is plus. Requirements Close involvement with developer communities and open-source web technologies. Strong sense of ownership and passion for engineering great products with stellar user experiences. Good background building fully automated CI/CD pipelines. Good DevOps experience, with significant time spent with web services. Experience working on various AWS services such as EKS, CloudFront, Lambda Functions etc. Experience working with Kubernetes Familiarity with agile methodology. Experience with Security and performance tools would be a plus. Key Competencies/Skills Ability to visualize automation in CI/CD. Hands-on experience on containerization platforms such as Docker, Kubernetes, EKS, ECS etc. Good programming skills with scripting languages such as Python, NodeJS, Shell Ability to learn and adapt to new technology. Good knowledge of Continuous Integration environment (i.e., Test and build systems such as CodeBuild, Jenkins, Maven, Ant) Code Quality performance tools integration with build pipelines. (SonarQube, Nessus, Qualys etc) Experience in Linux system administration Ability to follow documented specifications and plans with minimal supervision. Good verbal and written communication skills Good understanding on software development life cycle (analysis, design, coding, testing etc.,) Good experience writing Infrastructure as a Code (IaaC) – Terraform scripts **Equal Employment Opportunity has been, and will continue to be, a fundamental principle at Health Catalyst, where employment is based upon personal capabilities and qualification without discrimination or harassment on the basis of race, color, national origin, religion, sex, sexual orientation, gender identity, age, disability, citizenship status, marital status, creed, genetic predisposition or carrier status, sexual orientation or any other characteristic protected by law.. Health Catalyst is committed to a work environment where all individuals are treated with respect and dignity.**

At Arctic Wolf, we are redefining the cybersecurity landscape with our global team of Pack members committed to setting new industry standards. Our achievements speak for themselves, from being recognized in prestigious lists like the Forbes Cloud 100, CNBC Disruptor 50, and winning awards like the CRN Products of the Year. We are proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and to have earned the Customers" Choice distinction from Gartner Peer Insights. Arctic Wolf is not just leading but also shaping the future of security operations. Our mission is straightforward: End Cyber Risk. We are currently seeking a Security Developer to join us in achieving this goal. About The Role As a Security Developer at Arctic Wolf, you will work as a software developer focusing on enhancing the platforms threat, vulnerability, and configuration risk detection capabilities. Your primary objective will be to contribute to making security better for our clients daily. This role involves collaborating with team members, Product Management, Security Services, and other specialists to enhance the coverage and effectiveness of our Manage solution continuously. Your Responsibilities - Collaborate with team members to enhance coverage, efficiency, and deliver customer-facing and internal services. - Engage in the full software development lifecycle. - Develop well-designed, testable, efficient, and secure code for vulnerability and misconfiguration detection in areas such as Classic Endpoint Vulnerability And Config Management, Cloud Config And Posture Management. - Assist operational teams in resolving unexpected results, receiving feedback, and improving detection efficacy. Skills Requirements - Proficiency in at least one backend programming language like Go, Node.js, or Python. - Strong understanding and practical application of secure development practices. - Security-focused mindset with hands-on experience in operational security or security engineering. - Full understanding and use of DevOps methods and practices. - Familiarity with test-driven development (TDD) and robust testing strategies. - Experience with AWS, Docker, Kubernetes, IaC is an asset. Bonus Considerations For - Experience with 3rd Party Vulnerability Management tools, Cloud-based configuration and Security Posture Management tools, open-source vulnerability and pen-testing platforms. - IT Deployment backgrounds leveraging deployment automation tools like Salt or Ansible. Why Arctic Wolf At Arctic Wolf, we nurture a collaborative and inclusive work environment that values diversity of thought, background, and culture. Our commitment to growth and shaping the future of security operations is complemented by our dedication to customer satisfaction, with a vast customer base and global channel partners. We celebrate unique perspectives through our Pack Unity program and believe in corporate responsibility, giving back to the community. All employees at Arctic Wolf receive competitive compensation and benefits packages, including equity, flexible leave policies, training programs, comprehensive private benefits plan, fertility support, and more. Join us in our mission to End Cyber Risk and contribute to a safer digital world.,

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS) Strong understanding of security risks in networks and application platforms Strong understanding of network security, infrastructure security and application security Strong understanding of OSI, TCP/IP model and network basics Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms Broad knowledge of security technologies for applications, databases, networks, servers, and desktops Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones. Scripting and programming experience is beneficial Ability to perform manual penetration testing Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments. Perform technical writing to communicate the preparation, testing, and recommendation phases for various security tests. Work with stakeholders to remediate system vulnerabilities. Train team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skill of the firm Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises considered a plus. Good Understanding of OWASP top 10 and mitigation techniques Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues Database testing: MySQL, Oracle, NoSQL Understanding of cyber security management, cyber analytics, security intelligence platforms and threat intelligence frameworks Writing business proposals and response to client RFP/ RFIs Identifying business opportunities and lead delivery and program management for large cyber security programs Delivery team and client relationship management Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Qualifications B.Tech, B.E.

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key contributor to building efficient programs/ systems . If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Additional Responsibilities: Job Opening is for multiple locations- Bangalore, Hyderabad, Trivandrum, Chennai, Pune Technical and Professional Requirements: Security testing with 3-10 years exp - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMSkills Required - Security Testing--Primary skills:Application Security,Application Security-Burpsuite,Application Security-Devsecops,Application Security-Ethical Hacking(CEH),Application Security-Nessus,Application Security-SSL(Secure Sockets Layer),Application Security-Threat Modeling,Application Security-Vulnerability Assessment/Penetration Testing,Application Security-Vulnerability Management,Application Security-Web Security,Application Security-Webservices Security,Security testing-Vulnerability testing,Technology-Application Security-Vulnerability Management-Qualys,Mobile Testing-Mobile Security Testing Preferred Skills: Technology-Application Security-Application Risk Profiling Threat Modeling Technology-Application Security-Ethical Hacking Technology-Application Security-Mobile Application Security Technology-Application Security-Penetration Testing (Black/White/Grey Box Testing) Technology-Application Security-Vulnerability Management Technology-Mobile Testing-Mobile Security Testing Technology-Security Testing-Security Testing - ALL Technology-Infrastructure Security-Secure Web Gateway-TrendMicro Interscan web security Virtual appliance

Join our Team About this opportunity: We are now looking for a Senior Security Engineer professional for our Managed Security team. This job role has accountability for researching, designing, engineering, implementing, and supporting security solutions in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured. What you will do: Design, implement, manage, monitor, and troubleshoot cybersecurity defenses, including configuration management, network security, systems security, and monitoring systems / tools. Participate in planning and audit scope development as well as project execution as a critical team member on complex technology related assessments. Play an active role in the design and execution of infrastructure initiatives to ensure an evolving adherence to industry best practices for information security. Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where needed. Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating and modifying rules, investigating and resolving alerts, automating tasks. Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team. Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Innovate and automate repetitive activities and corrective actions, including broader automation initiatives. Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance Responds to information security incidents, including investigation of countermeasures to and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement The skills you bring: Strong knowledge of information security Strong knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.) Strong knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving Strong understanding of enterprise, network, system and application level security issues Strong understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks along with available security controls (technical & process controls) for respective layers Good understanding of the system hardening processes, tools, guidelines and benchmarks Fundamental understanding of encryption technologies Participate in the out-of-hours on call rotation, providing technical support to the business for incidents Strong knowledge sharing and collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key Qualifications: Education: BE/ B.Tech (Telecommunication/ Computer Science) Minimum years of relevant experience: 8 to 15 years experience with at least 8 years in IT and 7 years in Security ITIL certification, CCSP, OSCP, Security +, CISSP or similar will be an advantage Basic knowledge of telecommunications networks will be an added advantage Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Bangalore Req ID: 769624

About the Role: Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business. The role is 70% focused on providing operations support and 30% focused on new projects, enhancements. Hybrid working model is available. Role & Responsibilities: Manage Qualys console using various modules. Make sure client agent coverage is managed at a good level. Support business with Qualys and/or Vulnerability Management requests Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt. Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise. Establish non-production and production environments for testing and hosting the applications. Own the end-to-end technical design, unit testing and the maintenance of the hosting environment. Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment. Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints. Learn System Engineering concepts to analyse existing environment and find more efficient ways. Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. If interested please do share your updated profile to archana.r@bahwancybertek.com

Role Description We are seeking a highly skilled and self-driven Cybersecurity Specialist with hands-on experience in Imperva Database Activity Monitoring (DAM) to join our security operations team. The ideal candidate will have deep expertise in deploying, configuring, and troubleshooting Imperva DAM solutions, along with broad knowledge of various other enterprise security tools. The role requires strong problem-solving abilities, attention to detail, and a proactive mindset for enhancing our security posture. Job Responsibilities Install, configure, and manage Imperva DAM across diverse environments. Perform ongoing administration, health checks, and tuning of Imperva systems. Develop and maintain security policies, rulesets, and custom alerts within Imperva DAM. Work closely with DBAs, system admins, and compliance teams to support audit and monitoring requirements. Troubleshoot and resolve performance, connectivity, and configuration issues related to security tools. Deploy and support other security tools such as SIEMs, vulnerability scanners, endpoint security platforms, firewalls, etc. Maintain detailed technical documentation, SOPs, and architectural diagrams. Stay current with emerging threats, vulnerabilities, and best practices in data protection and security monitoring. Assist in incident response and investigations involving data access or database-related threats. Required Qualifications 3+ years of experience in cybersecurity, with 2+ years of hands-on work with Imperva DAM . Strong understanding of database environments (Oracle, SQL Server, MySQL, etc.) and how DAM integrates with them. Proven experience in installation, configuration, upgrade, and troubleshooting of security tools in enterprise environments. Working knowledge of Linux and Windows systems. Familiarity with SIEM (e.g., Splunk, QRadar), endpoint protection (e.g., CrowdStrike, SentinelOne), and vulnerability scanners (e.g., Qualys, Nessus). Strong scripting skills (e.g., Shell, PowerShell, Python) are a plus. Excellent communication, documentation, and analytical skills. Job Type: Full-time Pay: ₹10,523.07 - ₹67,466.61 per month Work Location: In person

Company Description Aguna Solutions is an IT services company that leverages the power of technology to build better futures for our customers, colleagues, environment, and communities. We focus on modernizing operations and driving innovations through Robotics Process Automation, Product Development, Custom Development, Cyber/Information Security, Cloud services, Consulting, Implementation, Support, and Business Intelligence. Our mission is to fuel the future of digital innovation through inspired creativity, breaking free from traditional software, security, and systems limitations. Located at the nexus of Innovation and Engineering, we are committed to delivering high-quality services managed by proven processes and models. Role Description We are seeking a highly skilled and self-driven Cybersecurity Specialist with hands-on experience in Imperva Database Activity Monitoring (DAM) to join our security operations team. The ideal candidate will have deep expertise in deploying, configuring, and troubleshooting Imperva DAM solutions, along with broad knowledge of various other enterprise security tools. The role requires strong problem-solving abilities, attention to detail, and a proactive mindset for enhancing our security posture. Job Responsibilities Install, configure, and manage Imperva DAM across diverse environments. Perform ongoing administration, health checks, and tuning of Imperva systems. Develop and maintain security policies, rulesets, and custom alerts within Imperva DAM. Work closely with DBAs, system admins, and compliance teams to support audit and monitoring requirements. Troubleshoot and resolve performance, connectivity, and configuration issues related to security tools. Deploy and support other security tools such as SIEMs, vulnerability scanners, endpoint security platforms, firewalls, etc. Maintain detailed technical documentation, SOPs, and architectural diagrams. Stay current with emerging threats, vulnerabilities, and best practices in data protection and security monitoring. Assist in incident response and investigations involving data access or database-related threats. Required Qualifications 3+ years of experience in cybersecurity, with 2+ years of hands-on work with Imperva DAM . Strong understanding of database environments (Oracle, SQL Server, MySQL, etc.) and how DAM integrates with them. Proven experience in installation, configuration, upgrade, and troubleshooting of security tools in enterprise environments. Working knowledge of Linux and Windows systems. Familiarity with SIEM (e.g., Splunk, QRadar), endpoint protection (e.g., CrowdStrike, SentinelOne), and vulnerability scanners (e.g., Qualys, Nessus). Strong scripting skills (e.g., Shell, PowerShell, Python) are a plus. Excellent communication, documentation, and analytical skills. Preferred Qualifications Imperva Certified Implementation Specialist (if applicable). Experience with cloud deployments (AWS, Azure) of security tools. Prior experience supporting GRC/audit requirements (e.g., PCI-DSS, SOX). Knowledge of database security best practices and insider threat detection.

Job description: Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys, Inc is a pioneer and leading provider of disruptive cloud-based IT, security, and compliance solutions with over 11,000 active customers in more than 130 countries, many of which are in the Forbes Global 100 and Fortune 100 companies. Qualys helps organizations streamline and consolidate their security and compliance solutions in a single platform and build security into digital transformation initiatives for greater agility, better business outcomes, and substantial cost savings. We are seeking a talented Senior Software Engineer to work on the Qualys Scanner Platform which is Qualys flagship offering. Working with a team of engineers and architects, you will be responsible for prototyping, designing, developing and supporting a highly scalable security platform Responsibilities: Analyze, design, code, and debug complex security software Provide ongoing maintenance, support and enhancements in existing systems and platforms. Provide recommendations for continuous improvement. Work alongside other engineers on the team to elevate technology and consistently apply best practices. Required Skills: ------------------ Bachelor’s in computer science 4-8 years of experience as a hands-on engineer developing software products and solutions for service-oriented deployment in public or private clouds. 4-8 years of C/C programming in a Linux environment Working knowledge in Linux Kernel Demonstrated skills including design, prototype, development, unit test, performance profiling, etc. Hands-on with development tools like VIM, Jira, GIT, Nexus, Maven, JIRA Agile Development with Scrum Desired Skills: --------------- Takes complete ownership of successful delivery of the products components, modules and dependencies assigned Demonstrated high quality focus and exposure to Test-Driven Development. Must have launched or developed complex software projects with multiple complex features with short release cycles Excellent communications skills, both verbal and written Self-directed; requires minimal supervision on work products Assertive and must be able to influence team members to meet their commitments in a timely manner and also be able to forge consensus and resolve issues in the face of conflicting goals or interests Team player with a “can do” attitude yet modest and humble attitude when it comes to collaborating within team and across other teams Uncompromising attitude when it comes to quality and help raise bar of product, team members and hence overall engineering organization

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices. Key responsibilities: Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability. Assesses the potential risks associated with identified vulnerabilities. Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity. Provides detailed remediation recommendations to system owners, administrators, and IT teams. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments. Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders. Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Promotes a culture of security awareness within the organization. Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents. Provides support during incident response efforts and contribute to post-incident analysis and remediation. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Shares knowledge and provides guidance to improve vulnerability management practices. Performs any other related task as required. To thrive in this role, you need to have: Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices. Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities. Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders. Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders. Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements. Academic qualifications and certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Vulnerability Assessor (GCVA) are beneficial. Required experience: Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations. Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Job Description: Job Summary: We are seeking a talented Security Engineer to join our growing security team. In this role, you will play a critical part in designing, implementing, and managing security controls across key areas, including but not limited to Cloud Security, Endpoint Detection & Response (EDR), Vulnerability Management, SASE/Firewall, Data Leakage Prevention . Key Responsibilities: Design, implement, and maintain security solutions to safeguard cloud environments, endpoints, networks, and applications. Lead or support vulnerability assessments , coordinate remediation activities with IT and development teams, and track mitigation progress. Configure, maintain, and optimize firewall rules and network security policies , ensuring secure and compliant connectivity. Collaborate with cloud engineers and DevOps teams to embed security best practices in cloud infrastructure and deployments. Develop and maintain documentation, including security standards, procedures, and runbooks. Stay current with emerging threats, vulnerabilities, and regulatory requirements, and proactively recommend improvements. Participate in security audits and compliance efforts as needed. Qualifications Required: Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent practical experience. 3–5 years of experience working in information security area. Hands-on experience with at least one of the following areas: Cloud Security (AWS, Azure, security configurations and tools) EDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint) Vulnerability Management (e.g., Qualys, Tenable, Rapid7) Firewall Management (e.g., Palo Alto Networks, Fortinet, Cisco ASA) Network Security / SASE / SSE (e.g. Cato, Zscaler, Netscope) Solid understanding of security principles, networking fundamentals, and common threat vectors. Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Preferred: Relevant industry certifications (e.g., Security+, CEH, CISSP, Azure Security Engineer, AWS Security Specialty). Scripting or automation skills (e.g., Python, PowerShell) are a plus. Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, GDPR) is desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Long Description Our exciting Opportunity We are now looking for a Security Vulnerability Engineer for our security team. This job role is responsible for identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of the vulnerability management practice. The professional will work alongside a highly Skilled, diverse team, making Sure that the information assets, that we are responsible to protect, are secured! We believe in trust – we trust each other to do the right things! We believe in taking decisions as close to the product and technical expertise as possible. We believe in Creativity – trying new things and learning from our mistakes. We believe in Sharing our insights and helping one another to build an even better user plane. We truly believe in happiness, we enjoy and feel passionate about what we do And value each other’s technical competence deeply. You will Daily operations and maintenance of vulnerability scanning tools and Supporting infrastructure Register the assets in the scanning tool and perform scanning as per the agreed schedule. Perform Vulnerability Management, including but not limited to: Supporting scan tools, executing vulnerability scans, performing analysis, recommending / tracking mitigations Periodic validation of assets through Central depository. Register assets in scanning tool and perform periodic scans. Perform, review and analyze security vulnerability data & CIS Hardening data to identify applicability and false positives, recommend corrective actions for mitigation Publish report as per the defined schedule on identified security vulnerabilities & CIS Hardening as well the Control gaps identified during security Control review. Overall responsible for governance and tracking of Vulnerability Remediation action Plan Maintain risk register for exploitable Vulnerability & discuss remediation with stakeholders Act on after hours (on-Call Support) for IT security incidents as required Analyze results of Web application assessment and provide executive reports with recommendations for mitigation. Perform, review and analyze security vulnerability data to identify applicability and false positives, recommend corrective actions for mitigation publish report as per the defined schedule on identified security vulnerabilities as well the Control gaps identified during security Control review. Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and Support teams. Assist in metrics development and reporting. Devise methods to automate testing activities and Streamline testing processes Provide oral briefings to leadership and technical Staff, as necessary. Support and run vulnerability management scans of the customer systems (using tools like Tenable nessus, qualys, etc.) Plan and handshake Vulnerability schedule with customer & stakeholders. You must have Solid understanding of security controls (e.g. Access Control, auditing, authentication, encryption, integrity, physical security, and application security). Working knowledge of scanning tools (nessus, qualys, netsparker, Fortify, etc.) Strong understanding of enterprise, network, system and application level security issues Understanding of enterprise Computing environments, distributed applications, and a Strong understanding of TCP/IP networks also with available security Control (technical & process Control) for respective layers Experience writing technical reports and executive summaries. The ability to provide Support after normal business hours The ability to work constructively under pressure Ability to work both in a team as well as individually Participate in the out-of-hours on Call rotation, providing technical Support to the business for major and critical incidents Knowledge Sharing and Collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key qualifications: Bachelor's Degree (B.E./B.tech) in Computer science or related field. Experience: 8-10 years What’s in it for you? Here at Ericsson, our Culture is built on over a Century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way To move your Career in any direction you want; with hundreds of Career opportunities in locations all over the world, in a place where Co-Creation and Collaboration are embedded into the walls. You will find yourself in a Speak-up environment where empathy and humanness Serve as cornerstones for how we work, and where work-life Balance is a priority. Welcome to an inclusive, global Company where your opportunity to make an impact is endless. What happens once you apply? To prepare yourself for next steps, please explore here: https://www.ericsson.Com/en/careers/job-opportunities/hiring-process Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. We are committed to providing reasonable accommodations to all individuals participating in the application and interview process. If you need assistance or to request an accommodation due to a disability please reach out to Contact us We are proud to announce Ericsson India is ranked 19th among all 50 countries and is once again officially Great Place to Work Certified™ in 2024. Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture. Primary country and city: India (IN) || Noida Req ID: 770317

Our exciting Opportunity We are now looking for a Security Vulnerability Analyst professional for our security team. This job role is responsible for identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of the vulnerability management practice. The professional will work alongside a highly Skilled, diverse team, making Sure that the information assets, that we are responsible to protect, are secured! We believe in trust – we trust each other to do the right things! We believe in taking decisions as close to the product and technical expertise as possible. We believe in Creativity – trying new things and learning from our mistakes. We believe in Sharing our insights and helping one another to build an even better user plane. We truly believe in happiness, we enjoy and feel passionate about what we do and value each other’s technical competence deeply. You will Daily operations and maintenance of vulnerability scanning tools and Supporting infrastructure Register the assets in the scanning tool and perform scanning as per the agreed schedule. Perform Vulnerability Management, including but not limited to: Supporting scan tools, executing vulnerability scans, CIS Hardening, performing analysis, recommending / tracking mitigations Monitor ticket / email queue for Vulnerability & Pen test request. Monitor email / Web based reporting of vulnerabilities from outside reporters. Responsible for Completion status and reporting Vulnerability assessment scan. Periodic validation of assets through Central depository. Perform, review and analyze security vulnerability data to identify applicability and false positives, recommend corrective actions for mitigation Publish report as per the defined schedule on identified security vulnerabilities as well the Control gaps identified during security Control review. Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and Support teams. Overall responsible for governance and tracking of Vulnerability Remediation action Plan Plan and handshake Vulnerability schedule with customer & stakeholders. Assist in metrics development and reporting. You must have Solid understanding of security controls (e.g. Access Control, auditing, authentication, encryption, integrity, physical security, and application security). Working knowledge of scanning tools (nessus, qualys, netsparker, Fortify, etc.) Strong understanding of enterprise, network, system and application level security issues understanding of enterprise Computing environments, distributed applications, and a Strong understanding of TCP/IP networks also with available security Control (technical & process Control) for respective layers The ability to provide Support after normal business hours The ability to work constructively under pressure Ability to work both in a team as well as individually participate in the out-of-hours on Call rotation, providing technical Support to the business for major and critical incidents Knowledge Sharing and Collaboration skills Deliver results and meet customer expectations excellent communication skills; English is a must Key qualifications: Bachelor's Degree (B.E./B.tech) in Computer science or related field. Experience: 5 years What’s in it for you? Here at Ericsson, our Culture is built on over a Century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a Way to move your Career in any direction you want; with hundreds of Career opportunities in locations all over the world, in a place where Co-Creation and Collaboration are embedded into the walls. You will find yourself in a Speak-up environment where empathy and humanness Serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global Company where your opportunity to make an impact is endless. What happens once you apply? To prepare yourself for next steps, please explore here: https://www.ericsson.Com/en/careers/job-opportunities/hiring-process Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. We are committed to providing reasonable accommodations to all individuals participating in the application and interview process. If you need assistance or to request an accommodation due to a disability please reach out to Contact us We are proud to announce Ericsson India is ranked 19th among all 50 countries and is once again officially Great Place to Work Certified™ in 2024. Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture. Primary country and city: India (IN) || Noida Req ID: 770318

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Job Description About Us: Qualys is the leading provider of information security and compliance cloud solutions. We are currently seeking a highly skilled Lead Performance Engineer to join our team and lead the Performance efforts of backend systems. Job Summary: As a Lead Performance Engineer, you will play a critical role in ensuring the highest performance and quality benchmarks. You will lead performance engineering efforts, mentor team members, and collaborate with cross-functional teams to drive performance initiatives. Your deep expertise in performance methodologies, automation, and leadership will be instrumental in shaping our quality strategies and ensuring the delivery of high-quality software. Key Responsibilities: Plan, design, and execute automated performance tests to evaluate system scalability, stability, and reliability. Lead the creation of test strategies, workload models, estimation, test data setup, and performance test cases. Utilize tools such as JMeter for scripting and executing performance tests. Perform deep performance analysis and tuning in both pre-production and production environments. Use AppDynamics and similar APM tools for monitoring application behavior and identifying performance bottlenecks. Analyze system-level metrics including CPU, memory, garbage collection, network usage, and database performance to diagnose issues. Work closely with development and DevOps teams to troubleshoot and resolve performance problems. Generate detailed performance reports, graphs, and dashboards using tools like Grafana, Elasticsearch, OpenSearch. Identify and address memory leaks, connection pool issues, thread contention, and other scalability concerns. Prepare and publish performance test results, reports, and sign-off documentation. Support cloud-based environments and containerized deployments using Docker/Kubernetes. Provide leadership and mentorship in performance engineering best practices. Communicate clearly and effectively with stakeholders on test progress, results, and risk assessments. Experience : Over 9 years of experience in software performance engineering, with at least 2 years in a leadership or similar role. Extensive hands-on experience with performance testing tools and frameworks such as JMeter, AppDynamics, Dynatrace ,LoadRunner, etc. Strong understanding of performance engineering methodologies, tools, and processes, including scalability, stress, and load testing. Proven ability to lead performance test planning, execution, and reporting, ensuring high-quality software performance and optimal system behavior under load. Qualifications: Bachelor's degree in computer science, information technology, or a related field. Good verbal and written communication skills. Strong analytical and problem-solving skills to identify, document, and report issues effectively. Meticulous attention to detail is essential for effective testing. Familiarity with software testing concepts, types of testing, and the software development life cycle (SDLC). Willingness to learn and adapt to new tools and technologies. Knowledge of programming languages like Java or Python. A strong desire to ensure software quality and improve processes. Why Join Us: Innovative Environment: Work with cutting-edge technology and be part of a team that values innovation. Growth Opportunities: We offer continuous learning and development opportunities to help you grow in your career. Impactful Work: Play a key role in delivering high-quality products that has wide impact. Collaborative Culture: Join a supportive and collaborative team that values diverse perspectives.

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are seeking a highly motivated and talented Senior Director, Engineering to work on Qualys' next-generation products. Working with multiple teams of engineers and architects, you will be responsible for prototyping, designing, developing and supporting highly scalable SaaS-based cloud security services. This is a great opportunity to build Qualys' next generation micro-services based products that process over a 100 million transactions and terabytes of data per day, leveraging open source and proprietary technologies. The ideal candidate has a proven track record of building large, scalable SaaS products, and is a creative thinker, problem solver, teacher, learner, and a fantastic manager of people. Responsibilities Develop best-in-class Qualys' next-generation products. Passionate about building world class teams that excel at developing innovative Security SaaS products. Customer focused and highly driven to solve real problems for customers. Create high-performance APIs, libraries and microservices that scale to meet/exceed the demands of processing over a 100 million transactions and terabytes of data per day. Ensure highly available services with zero downtime. Be responsible for developing and running the SaaS services in partnership with the SRE and operations teams. Ensure that you maximize the productivity of your team, especially by predicting and resolving obstacles and dependencies before they're needed. Ensure collaboration, communication, and proper expectation setting across teams. Put in place and enforce best-in-class processes for ensuring high quality and high uptime for the products developed by the team. Research, evaluate and adopt next-generation technologies. Produce high-quality software following good architecture and design principles that you and your team will find easy to work with in the future. Participate in architecture reviews related to performance and scalability of products. Requirements 15+ years hands-on development experience including relevant experience developing SaaS-based software products and solutions for service-oriented deployments in public (AWS, Azure, Rackspace, etc.) or private clouds. Significant experience with managing global engineer teams. Ability to lead and influence team members to forge consensus on technical discussions including architectural and design guidelines, code reviews, release process, etc. Strong Java/C++ programming skills. Object-oriented design, prototyping, development, testing & profiling. Knowledge of JVM concepts like garbage collection, heap, stack, profiling, class loading, etc.Have built scalable SaaS platforms utilizing microservices/distributed systems architecture using RESTful API's consumed by internal and external partners. Messaging middleware using JMS, AMQP, Kafka, NATS, etc. In-memory caching using Redis, Memcached, etc. Persistence in RDBMS or NoSQL Systems. Applied principles of site reliability engineering for monitoring and alerting of applications. Strong analytical and debugging skills. Strong in data structures and algorithms. BS/MS degree in Computer Science, Applied Math or related field. Experience with RDBMS systems (preferably Oracle). Experience with NoSQL databases (preferably Cassandra). Bonus Points If You Have Built Security services from the ground up. Experience with container and orchestration technologies such as Docker, Kubernetes etc. Experience with monitoring tools such as Graphite, Grafana, and Prometheus. Experience with Hashicorp technologies such as Consul, Vault, Terraform and Vagrant. Experience with configuration management tools such as Chef, Puppet or Ansible. In-depth experience with continuous integration and continuous deployment pipelines. Exposure to Maven, Ant or Gradle for builds.

Qualifications Required . Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell , Azure CLI , Python , or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional ( CISSP ) Certified Ethical Hacker ( CEH ) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001 , SOC 2 , GDPR , or HIPAA . Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends.

Our exciting Opportunity We are now looking for a Security Vulnerability Analyst professional for our security team. This job role is responsible for identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of the vulnerability management practice. The professional will work alongside a highly Skilled, diverse team, making Sure that the information assets, that we are responsible to protect, are secured! We believe in trust – we trust each other to do the right things! We believe in taking decisions as close to the product and technical expertise as possible. We believe in Creativity – trying new things and learning from our mistakes. We believe in Sharing our insights and helping one another to build an even better user plane. We truly believe in happiness, we enjoy and feel passionate about what we do and value each other’s technical competence deeply. You will Daily operations and maintenance of vulnerability scanning tools and Supporting infrastructure Register the assets in the scanning tool and perform scanning as per the agreed schedule. Perform Vulnerability Management, including but not limited to: Supporting scan tools, executing vulnerability scans, CIS Hardening, performing analysis, recommending / tracking mitigations Monitor ticket / email queue for Vulnerability & Pen test request. Monitor email / Web based reporting of vulnerabilities from outside reporters. Responsible for Completion status and reporting Vulnerability assessment scan. Periodic validation of assets through Central depository. Perform, review and analyze security vulnerability data to identify applicability and false positives, recommend corrective actions for mitigation Publish report as per the defined schedule on identified security vulnerabilities as well the Control gaps identified during security Control review. Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and Support teams. Overall responsible for governance and tracking of Vulnerability Remediation action Plan Plan and handshake Vulnerability schedule with customer & stakeholders. Assist in metrics development and reporting. You must have Solid understanding of security controls (e.g. Access Control, auditing, authentication, encryption, integrity, physical security, and application security). Working knowledge of scanning tools (nessus, qualys, netsparker, Fortify, etc.) Strong understanding of enterprise, network, system and application level security issues understanding of enterprise Computing environments, distributed applications, and a Strong understanding of TCP/IP networks also with available security Control (technical & process Control) for respective layers The ability to provide Support after normal business hours The ability to work constructively under pressure Ability to work both in a team as well as individually participate in the out-of-hours on Call rotation, providing technical Support to the business for major and critical incidents Knowledge Sharing and Collaboration skills Deliver results and meet customer expectations excellent communication skills; English is a must Key qualifications: Bachelor's Degree (B.E./B.tech) in Computer science or related field. Experience: 5 years What’s in it for you? Here at Ericsson, our Culture is built on over a Century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a Way to move your Career in any direction you want; with hundreds of Career opportunities in locations all over the world, in a place where Co-Creation and Collaboration are embedded into the walls. You will find yourself in a Speak-up environment where empathy and humanness Serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global Company where your opportunity to make an impact is endless. What happens once you apply? To prepare yourself for next steps, please explore here: https://www.ericsson.Com/en/careers/job-opportunities/hiring-process Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. We are committed to providing reasonable accommodations to all individuals participating in the application and interview process. If you need assistance or to request an accommodation due to a disability please reach out to Contact us We are proud to announce Ericsson India is ranked 19th among all 50 countries and is once again officially Great Place to Work Certified™ in 2024. Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture. Primary country and city: India (IN) || Noida Req ID: 770318

Long Description Our exciting Opportunity We are now looking for a Security Vulnerability Engineer for our security team. This job role is responsible for identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of the vulnerability management practice. The professional will work alongside a highly Skilled, diverse team, making Sure that the information assets, that we are responsible to protect, are secured! We believe in trust – we trust each other to do the right things! We believe in taking decisions as close to the product and technical expertise as possible. We believe in Creativity – trying new things and learning from our mistakes. We believe in Sharing our insights and helping one another to build an even better user plane. We truly believe in happiness, we enjoy and feel passionate about what we do And value each other’s technical competence deeply. You will Daily operations and maintenance of vulnerability scanning tools and Supporting infrastructure Register the assets in the scanning tool and perform scanning as per the agreed schedule. Perform Vulnerability Management, including but not limited to: Supporting scan tools, executing vulnerability scans, performing analysis, recommending / tracking mitigations Periodic validation of assets through Central depository. Register assets in scanning tool and perform periodic scans. Perform, review and analyze security vulnerability data & CIS Hardening data to identify applicability and false positives, recommend corrective actions for mitigation Publish report as per the defined schedule on identified security vulnerabilities & CIS Hardening as well the Control gaps identified during security Control review. Overall responsible for governance and tracking of Vulnerability Remediation action Plan Maintain risk register for exploitable Vulnerability & discuss remediation with stakeholders Act on after hours (on-Call Support) for IT security incidents as required Analyze results of Web application assessment and provide executive reports with recommendations for mitigation. Perform, review and analyze security vulnerability data to identify applicability and false positives, recommend corrective actions for mitigation publish report as per the defined schedule on identified security vulnerabilities as well the Control gaps identified during security Control review. Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and Support teams. Assist in metrics development and reporting. Devise methods to automate testing activities and Streamline testing processes Provide oral briefings to leadership and technical Staff, as necessary. Support and run vulnerability management scans of the customer systems (using tools like Tenable nessus, qualys, etc.) Plan and handshake Vulnerability schedule with customer & stakeholders. You must have Solid understanding of security controls (e.g. Access Control, auditing, authentication, encryption, integrity, physical security, and application security). Working knowledge of scanning tools (nessus, qualys, netsparker, Fortify, etc.) Strong understanding of enterprise, network, system and application level security issues Understanding of enterprise Computing environments, distributed applications, and a Strong understanding of TCP/IP networks also with available security Control (technical & process Control) for respective layers Experience writing technical reports and executive summaries. The ability to provide Support after normal business hours The ability to work constructively under pressure Ability to work both in a team as well as individually Participate in the out-of-hours on Call rotation, providing technical Support to the business for major and critical incidents Knowledge Sharing and Collaboration skills Deliver results and meet customer expectations Excellent communication skills; English is a must Key qualifications: Bachelor's Degree (B.E./B.tech) in Computer science or related field. Experience: 8-10 years What’s in it for you? Here at Ericsson, our Culture is built on over a Century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way To move your Career in any direction you want; with hundreds of Career opportunities in locations all over the world, in a place where Co-Creation and Collaboration are embedded into the walls. You will find yourself in a Speak-up environment where empathy and humanness Serve as cornerstones for how we work, and where work-life Balance is a priority. Welcome to an inclusive, global Company where your opportunity to make an impact is endless. What happens once you apply? To prepare yourself for next steps, please explore here: https://www.ericsson.Com/en/careers/job-opportunities/hiring-process Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. We are committed to providing reasonable accommodations to all individuals participating in the application and interview process. If you need assistance or to request an accommodation due to a disability please reach out to Contact us We are proud to announce Ericsson India is ranked 19th among all 50 countries and is once again officially Great Place to Work Certified™ in 2024. Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work® Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture. Primary country and city: India (IN) || Noida Req ID: 770317