At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Encryption Engineer Today’s world is fueled by vast amounts of information which makes data more valuable than ever before. Best security practices have informed many organizations to take full control of their cryptographic keys which encrypt data on-premises and in the cloud rather than leaving those responsibilities to cloud providers or third-party companies. Protecting data in information systems is central to this role, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Encryption Engineer will be a member of the Cryptography team within the Information Security Identity and Access Management Services (IAMS) team. This Engineer will deploy, configure and maintain a centralized key management tool and ensure that storage of sensitive key material reside only in a Hardware Security Module (HSM). Your Key Responsibilities Deploy and configure enterprise key management and HSM tools, which will centralize key lifecycle administration across the global EY platform for data at rest and data in transit. Your responsibilities include: Deploy and configure the Firm’s enterprise key management tools. Deploy and configure the Firm’s Hardware Security Module. Implement process automations as it relates to enterprise key management and HSM administration. Maintain and update the enterprise key management tools to support new business requirements while maintaining the fundamentals of a centralised key management service. Support integration of HSMs to support Apache, Nginx, Windows IIS and Java keystores. Support cloud application teams in centralizing storage of sensitive key material in proprietary repositories such as Azure Key Vault (AKV) and Goggle Cloud Key Management Services while aligning to the overall EY key management strategy. Provide Level 3 and 4 support to operational team on key management which has a direct impact of the Recovery Time Objective (RTO). Document operational procedures for deployment and configuration of security appliance. Update system configuration runbook regularly. Lead HSM engineering and enterprise key management efforts across the internal infrastructure and cloud environments. Work with cross functional teams and collaborate with IAM Operations. Research on impact of future computer security standard such as Federal Information Processing Standard 140-3 (FIPS 140-3), Cryptographic Module Validation Program (CMVP), Common Criteria (ISO/IEC 15408) on EY KMS strategy. Research on business problems that can be solved by a quantum computer faster than a classical computer and suggest areas in EY KMS strategy which require updates. Provide subject matter expertise on HSM, FIPS, CMVP, ISO/IEC 15408 to project teams, and other audiences as needed Skills And Attributes For Success A successful candidate for this role impacts EY business by deploying and configuring security tools recommended in EY key management strategy. As such, candidates must possess: Experience with Key Management Life Cycle - Key Generation, Storage, Distribution, Backup, Rotation, Revocation, Destruction, etc. Experience with major enterprise key management system as well as cloud based key management services Hands on experience and knowledge of TLS, PKI, HSMs, KMIP, Digital Certificate Management, Azure Key Vault, and transparent database encryption Experience with FIPS 140-2 compliance requirements and implementation Experience in security key management, security standards, cryptography, certificate management lifecycle and PKI Understanding of cloud computing architecture, technical design, and implementation To qualify for the role, you must have Degree in Computer Science, Computer Engineering or 5 years Security Engineering Experience or equivalent 3+ years’ experience in enterprise key management, HSM configuration, application layer encryption, and transparent data encryption Ideally, you’ll also have Experience working with diverse, globally distributed teams Ability to work well in a highly matrixed environment yet builds credibility to drive execution outside of direct chain of command while working across all organizational levels. Strong analytical and problem-solving skills. A security industry certification such as Security+, Network+, Cryptography Certification. Ability to work independently or with a team, under minimum supervision What We Look For A successful candidate for this role would be expected to think like an Engineer. Thinking like an engineer means looking at situations from multiple lenses. It means persistence, originality and apply technical concepts rather than popular opinion. Networking with key stakeholders and sponsors, cross-teaming across the organization is required for this role, as such we would look out for relationship builder. As an engineer slowing down to enjoy the process rather than fixating on its conclusion is key in this role. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Confidence: We will provide you the insights, coaching and self-assurance in your decision making that the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Be a part of a team that harnesses advanced AI, ML, and big data technologies to develop cutting-edge healthcare technology platform, delivering innovative business solutions. Job Title : Security Test Engineer Job Location : Pune, Maharashtra, India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. HiLabs is looking for highly motivated and technical Sr. Software Development Engineers focused on the application of emerging technologies, who should continually strive to advance engineering excellence and technology innovation. The mission is to power the next generation of digital products and services through innovation, collaboration, and transparency. Responsibilities Design, implement, and manage security controls across cloud environments. Conduct regular vulnerability assessments, penetration tests, and risk analyses. Develop and execute test plans, test cases, and security automation scripts. Lead incident response activities including identification, containment, mitigation, and post-incident analysis. Collaborate with cross-functional teams to remediate vulnerabilities and strengthen defenses Work collaboratively with IT and engineering teams to integrate security best practices into daily operations and development cycles. Assess security controls and ensure compliance with relevant standards (e.g., OWASP, NIST, HIPAA, SocII Type2) by working closely with the compliance team. Maintain detailed security documentation and provide periodic reports to management Stay up to date with emerging threats, vulnerabilities, and security best practices. Desired Profile Bachelor’s degree in Computer Science, Information Security, or a related field. 3-6 years of experience in IT security, or related roles. Strong knowledge of IT security frameworks, best practices, and standards (e.g., NIST, ISO 27001). Hands-on experience with vulnerability management tools, SIEM solutions, and endpoint security technologies. Hands-on experience with security tools such as Kali Linux, Metasploit, Burpsuite, Wireshark, SonarQube, AppSec, Nmap, OWASP ZAP, and Nessus Understanding of security vulnerabilities, exploits, and mitigation techniques Proficiency in cloud security (AWS, Azure, or GCP) is a plus Solid understanding of network protocols, firewalls, VPNs, and IDS/IPS systems. Knowledge of security frameworks and standards (e.g., OWASP Top 10, CVSS, CIS Benchmarks). Excellent problem-solving skills and the ability to respond effectively under pressure Passionate about technology and delivering solutions to solve complex business problems Great collaboration and interpersonal skills Ability to work with team members and lead by example in code, feature development, and knowledge sharing Nice to Have Certifications such as CEH, OSCP or CompTIA Security+. Experience in the healthcare industry and knowledge of HIPAA compliance. Familiarity with container security and DevSecOps practices. Experience with automation and scripting (Python, Bash) for security tasks HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

Description Position at LeadVenture India IT Specialist We are looking for an IT Specialist who will be responsible for the ongoing development and improvement of our technology infrastructure, internal enterprise systems, endpoints, and users. We are looking for a technology enthusiast and go-getter who can adapt to a complex, changing, and variably paced environment while demonstrating top-tier IT and infrastructure support principles to support operations across geographies. You will also be working alongside various software development teams to guarantee service availability and respond quickly to adverse events within our infrastructure that impact our customers. Here is more of what you’ll get to do: Monitor and respond to Tier 1 & Tier 2 tickets, including escalated tickets requiring advanced/time-sensitive troubleshooting. This role will require working out of Gurgaon office. Investigate and resolve routine hardware, software, and network issues Install and update client software in an enterprise environment Educate and train users on proper use of company supported systems and software Follow all standard operating procedures (SOP) through the effective use of Knowledge Management Work with Level 2 Tech to update knowledgebase documentation Work with Level 2 Tech to create accounts and configure hardware as part of the on-boarding process Provision hardware following the current process Repair or replace client hardware as necessary Monitor internal assets to ensure accurate inventory records Support VoIP phone systems and infrastructure Support Office 365 and Google Workspace environments Perform network troubleshooting and issue resolution Willing to follow through with odd jobs and tasks as needed or asked, if not to perform personally, but to ensure the right person is found for continuation. You’ll thrive in this role if you have: Strong English spoken and written skills. Experience managing Microsoft Cloud Services: Azure, Office 365, Exchange, Intune, etc. Experience in Active Directory, O365 Admin and Google Workspace experience in an enterprise setting Understanding of networking fundamentals (TCP/IP, VPN, QoS, VoIP, routing) Certifications in ITIL, MCSA/E, CCNA, Network+, Security+, A+ Experience working with Windows Server 2019/2022 and virtualization technologies (Hyper-V, VMware) Experience supporting, troubleshooting, and deploying Windows 10 & 11 operating systems. Possess a basic understanding of networking principles and concepts and have experience troubleshooting common problems. Experience supporting MacOS Possess excellent documentation, attention to detail, time management, and prioritization skills. Bachelor’s degree in IT from a recognized university. Who we are: LeadVenture is the market-leading SaaS provider of digital retailing, eCommerce, digital marketing and eCatalog solutions for dealerships across 12 industry verticals including powersports, marine, RV, pre-owned auto, agriculture and more. Our family of brands includes Dealer Spik, Dealer Car Search, Frazer, TCS Technologies, Net Driven, Direct Communications, Inc. (DCi), Powersports Support, Level 5, PSM Marketing, Monroney Labels, and Interact RV. We are an international company with offices located in the United States, Mexico (Juniper Data Center), Belize (Dealer Spike Belize), India and The Netherlands. Together, we are LeadVenture. LeadVenture provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, LeadVenture complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, and training. LeadVenture expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of LeadVenture employees to perform their job duties may result in discipline up to and including discharge. Show more Show less

Position: AWS Vulnerability Management Engineer Location: Gurugram Experience: 5+ years Job Description: We are seeking a highly motivated and skilled Security Engineer with 5+ years of experience to join our dynamic team. The ideal candidate will have a strong background in vulnerability management and remediation activities in an enterprise environment. This role requires a proactive approach to identifying, assessing, and mitigating security vulnerabilities to ensure the safety and integrity of our systems. Responsibilities Conduct regular vulnerability assessments and scans to identify security weakness in our systems and applications. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in timely manner. Develop and implement remediation plans ensuring compliance with industry standards and best practices. Requires comprehensive knowledge and practical experience with one or more cutting-edge cyber tools for vulnerability assessment. Recommend security tools and solutions to improve overall security posture. Create and maintain documentation related to vulnerability management process and remediation activities. Provide support and guidance to other team members on best practices and possible remediation efforts. Generate and present regular reports on vulnerability metrics with progress and anomalies detected. Required Skills: 5+ years of experience in vulnerability management and remediation activities within an enterprise environment. Strong understanding of security principles, vulnerabilities, and remediation planning. Proficiency in Scripting and automation using python or similar. Experience with API's and integrating security tools with other systems. Strong communication and collaboration skills. Experience with vulnerability assessment tools such as SNYK, Qualys, Wiz, Container security, Prisma Cloud, and GitHub Advanced Security . Experience with security frameworks and standards such as NIST, ISO 27001, or CIS. Knowledge of cloud security best practices and experience with cloud platform such as AWS. Relevant Security certifications such as CISSP, CEH, or CompTIA Security+. About Stratacent: Stratacent is a Global IT Consulting and Services firm, headquartered in Jersey City, NJ, with global delivery centres in Pune and Gurugram plus offices in USA, London, Canada and South Africa. We are a leading IT services provider focusing in Financial Services, Insurance, Healthcare and Life Sciences. We help our customers in their transformation journey and provides services around Information Security, Cloud Services, Data and AI, Automation, Application Development and IT Operations. URL - http://stratacent.com Employee Benefits: Group medical and accidental insurance Transport facility One-time meal Continuous Learning Program Stratacent India Private Limited is an equal opportunity employer and will not discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, age, sex, national origin, ancestry, handicap, or any other factor protected by law. Show more Show less

India - Hyderabad JOB ID: R-217073 ADDITIONAL LOCATIONS: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jun. 03, 2025 CATEGORY: Information Systems Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What you will do Let’s do this. Let’s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization’s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization’s security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking – Comfortable working with data and identifying patterns Attention to Detail – Careful review and tracking of vulnerabilities Communication Skills – Able to clearly document and explain findings Collaboration & Teamwork – Works well with cross-functional teams Curiosity & Continuous Learning – Strong interest in cybersecurity and professional growth Problem-Solving Mindset – Seeks practical solutions to real-world security issues What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

*Job Title:* IT Administrator – Security & Access Control *Location:* Hyderabad *Department:* Information Technology *Reports To:* Head of Technology *Type:* Full-time --- *About Estetica* Estetica is a technology-driven appointment platform for salons, spas, and skin clinics, committed to providing a secure and seamless experience for both customers and partners. We are seeking a skilled IT professional to take charge of our internal access control, site security, and employee access management. --- *Key Responsibilities:* * *Secure Access Management:* * Define and implement role-based access controls (RBAC) for all employees and departments. * Manage and monitor access to internal tools, databases, admin panels, and sensitive portals. * Configure VPNs, firewalls, and endpoint protection solutions to enforce secure connections. * *System & Network Security:* * Ensure secure handling of Estetica’s web portals and internal dashboards. * Regularly update and patch systems to prevent vulnerabilities and unauthorized access. * Conduct routine audits of access logs and usage patterns to detect anomalies. * *Employee Onboarding & Offboarding:* * Set up and revoke access permissions for employees as part of HR onboarding/offboarding workflows. * Maintain documentation of access credentials and policies per employee role. * *Compliance & Monitoring:* * Ensure compliance with data protection policies and internal SOPs. * Maintain logs, backups, and security configurations according to best practices. * Work with the development team to secure staging, production, and admin environments. * *Incident Response:* * Investigate and respond to security incidents, unauthorized access attempts, or breaches. * Develop internal SOPs for access revocation, recovery, and incident handling. --- *Requirements:* * Bachelor’s degree in IT, Computer Science, or related field. * 3–5 years of experience in IT administration or cybersecurity roles. * Strong knowledge of access control mechanisms, firewalls, VPNs, and encryption. * Experience with Linux/Unix systems and cloud platforms (AWS, GCP, or Azure). * Familiarity with tools like Active Directory, Okta, or similar IAM solutions. * Understanding of compliance frameworks (e.g., ISO 27001, GDPR, or similar). * Strong troubleshooting and documentation skills. --- ### *Preferred:* * Experience in a startup or tech product environment. * Knowledge of security aspects related to mobile and web-based platforms. * Certifications like CompTIA Security+, CEH, or CISSP are a plus. --- *What We Offer:* * Competitive salary and performance incentives. * Opportunity to work with a fast-growing tech product in the beauty & wellness industry. * A culture of learning, ownership, and innovation. Job Type: Full-time Pay: ₹514,368.57 - ₹900,000.77 per year Schedule: Day shift Morning shift Work Location: In person

Job Title: SOC Analyst (SA- Security Analyst – L1 Threat Hunt) Location: Kochi We are seeking a highly motivated Level 1 SOC Threat Hunte r to join our Security Operations Center team. This entry-level role is ideal for individuals with a foundational understanding of cybersecurity who are eager to grow their skills in proactive threat detection and response. As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-have: 2 - 3 Year Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, Email security. Excellent written and verbal communication skills. Good to have: Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ & Others Main Responsibilities Monitor security alerts and events from SIEM and other security tools. Perform basic threat hunting across endpoints, network traffic, and log sources using predefined queries and playbooks. Investigate anomalies, potential indicators of compromise (IOCs), and low-fidelity alerts. Escalate verified threats to L2/L3 analysts with relevant context and documentation. Assist in identifying false positives and refining detection rules in collaboration with senior analysts. Document findings, maintain accurate logs of activities, and contribute to reports. Follow standard operating procedures and incident handling workflows. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts, incidents. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., for acquiring the knowledge over current threats in security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager. Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹50,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you have worked in the role Threat Hunting and SIEM Tools ? Education: Bachelor's (Required) Experience: minimum: 2 years (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Required minimum 7 years of experience in system administration. Design, build, and maintain secure IT infrastructure tailored for healthcare environments, ensuring compliance with healthcare data protection standards (e.g., HIPAA or local regulations) . Knowledge of Cloud Infrastructure management (AWS, Azure, GCP) within healthcare setups. Implement strong security protocols to safeguard sensitive healthcare data , including patient records and critical systems. Maintain, upgrade, and support software, hardware, and networks to ensure uninterrupted healthcare operations. Knowledge of healthcare compliance standards such as HIPAA, ISO 27001, or NABH IT Guidelines. Manage and lead a team of system administrators, offering guidance, mentorship, and technical training. Troubleshoot and resolve complex technical issues promptly , with availability for after-hours support for critical systems. Administer and maintain server hardware and software, operating systems (Windows, Linux, Mac), and scripting tools (PowerShell, Bash). Configure and secure Fortinet and Sophos firewalls, VPNs, local servers, and networking equipment. Perform system backups, disaster recovery procedures, and malware protection to ensure data integrity and business continuity. Collaborate with various departments to understand and resolve technical concerns efficiently. Develop and enforce IT policies and procedures aligned with healthcare industry standards and compliance. Conduct regular security audits, manage software patches, and ensure regulatory and internal policy adherence . Ensure infrastructure is scalable, resilient, and capable of supporting future healthcare data and system growth. Proficiency in server environments, firewall configuration (Fortinet preferred), VPN, endpoint security, and data backup systems . Excellent analytical, troubleshooting, and communication skills. Good to have if you have certifications such as CCNA, CCNP, Fortinet NSE, RHCE, Microsoft Certified: Azure or GCP Administrator Associate, or CompTIA Security+. Experience working with electronic health record (EHR) systems or health information systems (HIS). Show more Show less

Job Description As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Senior Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Lead the development of enhanced cloud and application security control integrations and architectural best practices. Lead the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Lead the maintenance and monitoring security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Lead adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 7+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 07/2/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335954 Show more Show less

Job Description Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Not Applicable Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335941 Show more Show less

Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R342299 Show more Show less

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle. Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues. Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner. Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Monitor and log the actual service provided, compared to that required by service level agreements. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. 3-4 years of hands-on experience in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Preferred working in any cloud environments AWS, Azure, or GCP. Familiarity with software development/delivery lifecycle and related technologies Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 04/28/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R341157 Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Join our dynamic team as a Cybersecurity and Systems Security Engineer, where your expertise will be pivotal in fortifying our organizational defenses. As a key player, you will spearhead the implementation and management of cutting-edge processes with a specialized focus on Qualys solutions. Your mission is to safeguard our Qualys infrastructure by deploying advanced security measures, conducting thorough assessments, and ensuring the seamless integration of industry-leading technologies. In this role, you will not only be a guardian of our Qualys digital assets but also a catalyst for innovation, driving the continuous enhancement of our security posture. We're looking for an enthusiastic professional with a keen eye for cybersecurity trends, hands-on experience with Qualys, Cloud Security Posture Management (CSPM), and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP), and a commitment to excellence. If you are passionate about staying one step ahead of evolving threats and contributing to a secure digital future, we invite you to bring your skills to our team. Responsibilities: CSPM (Cloud Security Posture Management): Implement and fine-tune CSPM tools to enforce compliance with industry regulations and organizational policies. Conduct regular audits of cloud infrastructure configurations, addressing security gaps and misconfigurations. Collaborate with DevOps teams to integrate security into the continuous integration/continuous deployment (CI/CD) pipeline. EDR/EPP (Endpoint Detection and Response/Endpoint Protection Platforms): Deploy and manage EDR/EPP solutions for advanced threat detection and response capabilities. Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls. Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions. Training and Documentation: Provide training to relevant teams on using Qualys, CSPM, and EDR/EPP effectively for vulnerability management and security measures. Document configurations, workflows, and best practices for internal knowledge sharing. Automation and Orchestration: Implement and maintain end-to-end automation workflows for scanning Qualys infrastructure. Explore automation opportunities within Qualys, CSPM, and EDR/EPP for repetitive tasks, enhancing efficiency. Implement orchestration workflows to automate the execution of remediation steps based on findings. Collaboration with Qualys Support: Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices. Participate in Qualys user forums and communities to share insights and learn from others' experiences. Qualifications: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field. Relevant certifications such as COMPTIA Security+, CEH, or similar. Proficiency in deploying and managing security tools and solutions. Strong understanding of cloud security best practices. Proven experience with Cloud Security Posture Management (CSPM) tools. Hands-on experience with Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP). Excellent documentation and communication skills. Ability to collaborate effectively with cross-functional teams. Continuous learning mindset to stay updated on the evolving cybersecurity landscape. Show more Show less

Job Title: Support Level Engineer (Identity & Access Management) No. of Positions: 6 Location: Noida, Uttar Pradesh Employment Type: Full-time Experience Level: 1–4 years (L1/L2 Support) Reports To: IAM Support Lead / IT Security Manager About Us: DigiTaiken Tech LLP is at the forefront of delivering secure and seamless digital identity and access solutions. We are looking to expand our support team with professionals who have hands-on experience with leading Identity & Access Management (IAM) platforms: 1Kosmos (BlockID) , CyberArk , and OKTA . Join us and be part of a mission to build a secure digital future. Job Summary: The IAM Support Engineer will be responsible for providing Level 1 and Level 2 support for our IAM platforms – primarily 1Kosmos, CyberArk, and OKTA for our prestigious customers. The role involves monitoring system health, responding to user queries and incidents, and performing administrative tasks across these platforms to ensure the integrity and performance of our identity infrastructure. Key Responsibilities: Provide technical support for incidents and service requests related to 1Kosmos (BlockID) , CyberArk , and OKTA platforms. Perform user administration tasks : provisioning, de-provisioning, role assignment, group management, and access reviews. Monitor IAM platforms for performance, health checks, and potential security issues. Troubleshoot and resolve authentication, authorization, SSO, MFA, and password management issues. Create and maintain documentation for standard procedures, FAQs, and incident response playbooks. Work closely with internal IT teams, security teams, and vendors to resolve complex issues. Participate in on-call rotation and ensure prompt resolution of high-priority tickets. Escalate issues to L3 teams or vendors where appropriate, following internal protocols. Stay updated with product updates, patches, and best practices for IAM systems. Technical Skills & Qualifications: Mandatory Experience in one or more of the following IAM platforms : 1Kosmos (BlockID) CyberArk (PAS, PVWA, PSM, CPM, Conjur – as applicable) OKTA (Workforce Identity, Universal Directory, MFA, SSO) Understanding of IAM concepts : Identity Lifecycle Management, RBAC, least privilege, MFA, SSO, and federation protocols (SAML, OAuth, OIDC). Familiarity with Active Directory/LDAP , Windows & Linux environments. Hands-on with ticketing systems (e.g., ServiceNow, JIRA) and ITIL-based service management. Scripting knowledge (PowerShell, Bash, or Python) is a plus. Cybersecurity certifications (such as CompTIA Security+, OKTA Certified Professional, or CyberArk Trustee) are advantageous. Preferred Attributes: Strong problem-solving and communication skills. Ability to work in shifts or rotational schedules . Passion for cybersecurity and interest in advancing within the IAM domain. Fast learner with a proactive attitude and customer-first mindset . What We Offer: A collaborative work culture. Opportunity to work with cutting-edge IAM platforms and our tier1 customers. Career growth in a high-demand domain. Competitive compensation and benefits. To Apply: Send your resume to hr@digitaiken.com with subject line: “IAM Support Engineer – [Your Name]” Show more Show less

Job Title: SOC Analyst (SA- Security Analyst – L1 Threat Hunt) Location: Kochi We are seeking a highly motivated Level 1 SOC Threat Hunte r to join our Security Operations Center team. This entry-level role is ideal for individuals with a foundational understanding of cybersecurity who are eager to grow their skills in proactive threat detection and response. As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-have: 2 - 3 Year Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, Email security. Excellent written and verbal communication skills. Good to have: Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ & Others Main Responsibilities Monitor security alerts and events from SIEM and other security tools. Perform basic threat hunting across endpoints, network traffic, and log sources using predefined queries and playbooks. Investigate anomalies, potential indicators of compromise (IOCs), and low-fidelity alerts. Escalate verified threats to L2/L3 analysts with relevant context and documentation. Assist in identifying false positives and refining detection rules in collaboration with senior analysts. Document findings, maintain accurate logs of activities, and contribute to reports. Follow standard operating procedures and incident handling workflows. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts, incidents. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., for acquiring the knowledge over current threats in security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager. Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹50,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you have worked in the role Threat Hunting and SIEM Tools ? Education: Bachelor's (Required) Experience: minimum: 2 years (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Job Summary: We are seeking an experienced and proactive Network Administrator to manage and support our web portal infrastructure. The ideal candidate will be responsible for ensuring high availability, optimal performance, and robust security across all servers and network components. This role requires hands-on experience with Linux , Microsoft SQL Server , AWS Cloud Platform , and network security protocols. The candidate should also possess relevant industry certifications to validate their expertise. Key Responsibilities: Design, implement, and maintain secure and scalable networks for a high-traffic web portal. Administer and monitor physical and virtual S ervers , ensuring optimal performance and uptime. Manage MS SQL Server databases, including backup, restoration, and security protocols. Implement and enforce robust data security policies, including firewalls, intrusion detection/prevention, and access controls. Maintain and optimize AWS infrastructure , including EC2, RDS, S3, IAM, and VPC configurations. Monitor network traffic and troubleshoot connectivity issues across servers and endpoints. Ensure disaster recovery and backup procedures are tested and reliable. Apply patches, updates, and system hardening as part of a proactive security strategy. Coordinate with development and DevOps teams to support application deployment and infrastructure needs. Document network infrastructure, configurations, processes, and changes comprehensively. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. 3–5 years of proven experience as a Network Administrator in a production web environment. Strong hands-on experience with Windows OS & Linux (Ubuntu/CentOS/Red Hat) systems administration. Proficient in managing and securing MS SQL Server environments. In-depth knowledge of AWS Cloud Services , including architecture, deployment, and monitoring tools. Solid understanding of TCP/IP , routing, DNS, VPN, and other core networking protocols. Experience with firewalls , VPNs , SIEM , and endpoint security tools. Familiar with network automation and monitoring tools (e.g., Ansible, Nagios, Prometheus, CloudWatch). Excellent problem-solving and documentation skills. Certifications (Preferred) AWS Certified Solutions Architect – Associate or Professional (Required) Red Hat Certified System Administrator (RHCSA) or equivalent (Preferred) Microsoft Certified: Azure/Windows Server or MS SQL Certification (Preferred) CompTIA Network+ or Security+ (Preferred) Certified Information Systems Security Professional (CISSP) (Optional but a plus) Preferred Attributes: Ability to work independently and take ownership of critical infrastructure components. Strong communication and interpersonal skills to coordinate with cross-functional teams. Keen attention to detail and commitment to ensuring secure and efficient IT operations. Show more Show less

Job Title: IT Administrator with Networking & Server Administration Location : Hyderabad Experience : 6 months – 2 years Job Type: Paid Internship About Us: Instaresz Business Services Pvt Ltd is a forward-thinking, fast-growing technology company that thrives on innovative solutions. We are currently looking for an experienced IT Administrator who will take responsibility for managing and maintaining the network infrastructure, servers, and systems while ensuring smooth day-to-day IT operations across the organization. Key Responsibilities: Set up, configure, and maintain LAN/WAN networks, routers, switches, firewalls, and VPNs. Administer Windows/Linux servers, Active Directory, DNS, DHCP, and user access controls. Manage software and OS package installations using tools like apt, yum, dnf, and rpm. Monitor and troubleshoot network and system performance issues. Maintain web, file, mail, and database servers (Apache, Nginx, Postfix, MySQL, etc.). Implement and monitor IT security measures including firewalls, antivirus, and access policies. Perform system backups, restore processes, and support disaster recovery plans. Support virtualization platforms (VMware, Hyper-V) and assist with basic cloud infrastructure (AWS, Azure). Automate tasks using PowerShell or Bash scripting. Document IT procedures, configurations, and network diagrams. Required Skills & Qualifications: Proven Experience in IT system administration, networking, and server management. Hands-on Knowledge of networking protocols, IP addressing, subnetting, and VPNs. Experience with network devices such as routers, switches, and firewalls. Proficient in Windows Server (Active Directory, Group Policies, DNS, DHCP) and Linux administration (Ubuntu, CentOS, RHEL). In-depth knowledge of server administration , including web servers (Apache, Nginx), databases (MySQL, PostgreSQL), and mail servers (Postfix, Exchange). Experience with package management tools (apt, yum, dnf, rpm). Familiarity with cloud platforms (AWS, Azure) and virtualization tools (VMware, Hyper-V). Strong understanding of IT security practices , including firewalls, antivirus, VPNs, and access management. Scripting skills for automation (PowerShell, Bash). Excellent problem-solving and troubleshooting abilities. Preferred Certifications: CompTIA Network+ CompTIA Security+ Microsoft Certified: Windows Server / Azure Administrator Cisco Certified Network Associate (CCNA) Red Hat Certified System Administrator (RHCSA) ITIL Foundation (For IT Service Management) Additional Skills (Good to Have): Experience with containerization technologies (Docker, Kubernetes). Knowledge of Version Control Systems (Git). Why Join Us: Competitive salary and performance-based incentives Dynamic and collaborative work environment Opportunities for learning and growth Exposure to cutting-edge technologies and industry trends Show more Show less

Company Description Resecurity is an American cybersecurity company based in Los Angeles, California. The company provides next-generation endpoint protection and intelligence-driven cybersecurity solutions to leading Fortune 500 corporations and governments worldwide. Role Description This is a full-time hybrid role for a Threat Intelligence Analyst at Resecurity located in New Delhi, with the option for some remote work. The Threat Intelligence Analyst will be responsible for conducting threat assessments, analyzing security incidents, assessing vulnerabilities, and providing actionable intelligence to enhance cybersecurity defenses. Qualifications Cybersecurity Threat Assessment, Incident Analysis, and Vulnerability Assessment skills Experience in threat intelligence, threat modeling, and security research Proficiency in malware analysis and reverse engineering Knowledge of cyber threat landscape, threat actors, and attack techniques Strong analytical and problem-solving skills Understanding of network protocols and security technologies Relevant industry certifications (e.g., CISSP, CEH, CompTIA Security+) Bachelor's or Master's degree in Cybersecurity, Computer Science, or related field Show more Show less

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What You Will Do Let’s do this. Let’s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization’s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization’s security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What We Expect Of You We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking – Comfortable working with data and identifying patterns Attention to Detail – Careful review and tracking of vulnerabilities Communication Skills – Able to clearly document and explain findings Collaboration & Teamwork – Works well with cross-functional teams Curiosity & Continuous Learning – Strong interest in cybersecurity and professional growth Problem-Solving Mindset – Seeks practical solutions to real-world security issues What You Can Expect Of Us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! Our IS&T (Information Services and Technology) department provides all the required technology and operational support services to run our business here in BMC! We have over 200 servers on premises to support production, disaster recovery, databases, applications and over 1000 servers in Lab environment. IS&T is transformational not only for BMC but also for the customer experience, because we give a 360 degrees view to the customer about the products they should know, opportunities in the pipeline, and any service issues outstanding with the customer. We use cutting-edge technologies to manage BMC's infrastructure and showcase it to the customers – program is called BMC on BMC! We are seeking a proactive and technically capable Cyber Threat Management Engineer to join our cybersecurity threat management team. This early-career role is ideal for individuals with foundational experience in cybersecurity who are ready to grow their technical skills and contribute to BMC’s threat detection and response capabilities. You will play an integral part in identifying, analyzing, and mitigating cyber threats across BMC’s global environment. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Monitor and analyze data from security systems including open source and enterprise solutions. Effectively communicate identified threats and track remediations until completion. Participate in the investigation and technical analysis of security incidents and provide remediation guidance. Integrate threat intelligence feeds and use frameworks like MITRE ATT&CK to assess and defend against current adversary tactics. Contribute to automation initiatives to streamline threat detection, alerting, and response workflows. Support threat hunting and red team exercises. Document findings, techniques, and outcomes in knowledge bases and reports. To ensure you’re set up for success, you will bring the following skillset & experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field—or equivalent hands-on experience. Foundational experience (e.g., 1–2 years) in cybersecurity operations, threat analysis, or incident response. Proficiency with at least one SIEM platform (e.g., Splunk, QRadar, Sentinel). Proficiency with enterprise solutions providing dark web monitoring, attack surface management, threat intelligence, and risk rating. Understanding of network protocols, operating systems, and cybersecurity fundamentals. Strong scripting or automation skills (e.g., Python, PowerShell, Bash) Excellent communication and documentation abilities. Whilst these are nice to have, our team can help you develop in the following skills: Familiarity with threat intelligence tools and frameworks (e.g., MISP, STIX/TAXII). Knowledge of cloud security practices (AWS, Azure, or GCP). Relevant certifications such as CompTIA Security+, CySA+, SC-200, or GIAC (GCIH, GCIA, GCTI). Curiosity for cybersecurity and continuous learning. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are seeking analyst level individuals with experience working in the field of cybersecurity and a desire to help organizations improve their operations to join our team and help run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have working knowledge in some or all these areas – IT operations, security monitoring, active directory, IP networking and various cloud technologies. Position And Key Responsibilities At RSM, analysts work with large and small companies in variety of industries. They develop strong working relationships with their peers within the security operations center (SOC) while learning their clients’ businesses and challenges facing their organizations. Analysts work as part of a broader team under the direction of more senior analysts, threat hunters, shift leads, intelligence analysts and SOC managers in support of multiple clients. Working in a mutually respectful team environment helps our analysts perform at their best and integrate their career with their personal life. You will have the opportunity to: Role Responsibilities: Investigate security incidents using SIEM tools, automation, and other cybersecurity technologies (i.e. ServiceNow, Stellar Cyber, Hyas Insight and DNS Protect, sentinel One, ELK Stack, Virus total, Shodan, NetFlow, Passive DNS, Silobreaker, Tenable.io, Hatching Triage Sandbox) Analyze, escalate, and assist in remediation of critical security incidents. Improve and challenge existing processes and procedures in a very agile and fast-paced information security environment serving multiple clients Process IDS alerts and identifying incidents and events in customer data. Setup and execution and analysis of vulnerability scans Perform advanced analysis and investigation into alerts as they are identified Performing initial basic malware analysis utilizing automated means (static and dynamic sandbox analysis or other available tools) Incident intake, ticket updates and reporting of cyber events and threat intelligence Understanding, identifying, and researching indicators of compromise (IOCs) from a variety of sources such as threat intelligence reports and feeds Writing incident reports, process documentation, and interact with clients as required Transcribe and implement atomic indicators into a monitoring environment. Consume policy documentation and determine applicability in a network. Work with protocols at layers 2 and higher in the OSI model, to include ARP TCP, UDP, ICMP, DNS, Telnet, SSH, HTTP, SSL, SNMP, SMTP, and other common protocols that use well-known ports. Develops the playbooks to respond and recovery from various attacks/incidents. Drives the automation efforts focused on the closing cases, responding to Cyber events and analyzing data required to enable efficient response activities. Processing of Cyber Threat Intel that is used across RSM detection platforms to understand and prepare for potential threats. Threat intel is heavily used across RSM platforms drive issue prioritization. Open to working shifts in a 24x7 operations environment. Qualifications and Experience: Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences or prior relevant military / law enforcement experience. Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security 3-5 years’ experience working in a security operations center, networking operations center or threat intelligence capacity. Possess at least one security industry certification such as CYSA+, Security+, CISSP, SANS GIAC (GSOC, GCIA, GMON, CGCDA) Knowledge of security standards and information security and compliance frameworks, controls, and best practices, including SSAE 16, SOC 2 and SOC3, OWASP Top 10, SANS, NIST Must have a naturally curious mindset and approach to solving problems. Basic understanding of cloud technologies and their operations Experience supporting various operating systems such as Windows/Linux Understanding of IP network protocols At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

General Summary: The Information Security Lead is responsible for leading the development, support, and administration of information security applications and processes including implementations, configuration changes, updates, upgrades, development of reporting, and documentation by proactively planning for and recognizing new and emerging threats to Clients information security. Essential Job Functions and Responsibilities: Provide team leadership for information security functions Implement security tools and best practices to secure Clients information security Administer information security applications applying configuration changes and updates as needed to protect Clients Information security Research known and emerging email threats and update and configure email applications as needed to prevent threats and reduce risk Research known and emerging PC and Server threats and update and configure end-point protection as needed to prevent threats and reduce risk Research known and emerging network vulnerabilities and threats and recommend changes to firewalls, switches, wireless access points, Directory as needed to prevent threats and reduce risk Oversee security incident and event detection and behavioral analysis mechanisms ensuring Clients is protected from active threats and risks to information security Develop reports and alerts and analyze data for consistency and completeness and pinpoint exceptions and/or anomalies and recommend plans of action Recommend information security policies and process changes and updates and review with management Administrator security awareness training program, executing campaigns, and reviewing reports, exceptions, and remediations with management Assist in identification of opportunities for improvement in processes and efficiency Assist in identification of opportunities for improvement of Clients information security processes Assist in identification of opportunities to improve associate training and security awareness Effectively communicate results and/or process to associates constructively and supportively Other duties as assigned by management Level of education required: College degree (4-year) -OR- Equivalent Experience: Degree in Management Information Systems, Computer Science or related major, or equivalent experience required. Equivalent years of experience are defined as one year of professional experience for each year of college requested. 2-5 years experience in information security, systems support or systems engineering Previous experience in Information Security, Active Directory, Cloud Directories, industry leading security applications is required; compliance or technology auditing experience is preferred. Information Security certification from CompTIA, ISC 2, ISACA, etc. Level of experience required: 3 years to 5 years relevant experience. Knowledge/Skills/Abilities: Results-driven, self-motivated person with the drive to maximize personal contribution to the organization Good project management skills with an ability to multi-task and manage competing priorities to meet deadlines Deals successfully with ambiguity, managing multiple priorities, and is able to lead the organization through complex changes Analytical mindset with demonstrated ability to critically evaluate end-to-end business processes Flexibility and ability to adapt to a fast-paced culture, changes in the environment, and changes in work priorities Excellent written and verbal communication skills Proficiency in Microsoft Office Suite and web-based project management applications