Who You’ll Work With You’ll be joining a dynamic, fast-paced Global EADP (Enterprise Architecture & Developer Platforms) team within Nike. Our team is responsible for building innovative cloud-native platforms that scale with the growing demands of the business. Collaboration and creativity are at the core of our culture, and we’re passionate about pushing boundaries and setting new standards in platform development. Who We Are Looking For This role is part of Enterprise Architecture & Developer Platforms, EADP aggressively innovates solutions to drive growth while creating and implementing tools that help make everything else in the company possible. The candidate needs to have a strong understanding of technical concepts, leadership skills, excellent attention to detail, data accuracy, and data analysis, strong verbal and written communication skills, and be self-motivated and operates with a high sense of urgency and a high level of integrity. Hands-on multi-year (8+) experience with information technologies like operating systems, Java, Sailpoint, Okta, CyberArk and advanced information security along with 2+ years’ experience in managing teams Good to have experience in Sailpoint IIQ (Any IDM tool), Okta (Any SAAS Authentication), CyberArk, Active Directory, Radius and AAA account management, MFA and vaults Ability to lead and grow IAM platform Professional education and certification (like CompTIA Security+, SSCP, CISSP, CISA, or CISM) are preferred Managing team performance by discussing ongoing and future projects, identifying growth opportunities, and evaluating performance metrics. Create conducive and collaborating environment fostering engineering culture Coaching, mentoring and nurturing talent, providing feedback and developing people Partnering with stake holders, product and leadership on priority of resource and work. Proficient in managing cloud-native platforms, with a strong PaaS (Platform as a Service) focus. Knowledge of software engineering best practices including version control, code reviews, and unit testing. A proactive approach with the ability to work independently in a fast-paced, agile environment. Strong collaboration and problem-solving skills. Mentoring team through the complex technical problems What You’ll Work On You will play a key role in shaping and delivering Nike’s next-generation platforms. As a engineering Manager, you’ll leverage your technical expertise to build resilient, scalable solutions, manage platform performance, and ensure high standards of code quality. You’ll also be accountable for end-to-end delivery for IAM platforms. Day-to-Day Activities: Communicates effectively with engineers, Operations, Counter parts in various geographical locations and other stakeholders in the organization Planning, Prioritisation, Executions, Design Reviews, Code Reviews, Change management and resource allocation Providing leadership in designing, Developing scalable and secure IAM solutions Hiring, Performance review, Mentoring and People development Establishing, managing, and measuring quality processes for enterprise user throughout its lifecycle. Developing and documenting procedures to address Identity and access Management functions Ensuring compliance with Nike policies and regulations. Providing regular status updates to leadership and handling complex technical escalations. Handling and excelling at collaborations within and across teams Effectively able to communicate, comprehend and respond to the communication and events Automate infrastructure provisioning and configuration using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation Familiarity with governance, security features, and performance optimization. Keen attention to detail with a growth mindset and the desire to explore new technologies. Show more Show less

Who You’ll Work With This role is part of the EADP and work with Identity and Access Management Team, EADP aggressively innovates solutions to drive growth while creating and implementing tools that help make everything else in the company possible. The candidate needs to have a strong understanding of technical concepts, excellent attention to detail, data accuracy, and data analysis, strong verbal and written communication skills, and be self-motivated and operates with a high sense of urgency and a high level of integrity. Who We Are Looking For S/MS in CS, a related field or equivalent experience Hands-on multi-year (7+) experience with information technologies like operating systems, Java/C#/Python/Golang, Locust/Apach, Jmeter/Postman, Selenium, and advanced information security Experience testing Serverless/ APIs/Cloud enabled (AWS/AZURE etc.), Cloud agnostic ,Enterprise web Application, SAAS, Geographically distributed and highly available applications, Managed platform services/ MDM services Capability to develop rest based/UI based Quality Assurance framework Code Coverage tools and Dev Code Debugging skills experience is must, Security centric approach and secure by design champion Experience in implementing complex functional tests that require an understanding of the application logic Experience developing automation scripts in Selenium/ Java/ TestNG Has the ability to work with limited guidance and debug and resolve automation scripts issues independently Practice of creating manual test cases, creating test data and reporting the defects in test management tool Familiar with ant test/ defect management tools such as Jira, GIT etc. Good to have experience in Sailpoint IIQ (Any IDM tool), Okta (Any SAAS Authentication), Cyberark, Active Directory, Radius and AAA account management, MFA and vaults Professional education and certification (like CompTIA Security+, SSCP, CISSP, CISA, or CISM) are preferred What You’ll Work On We are building and supporting petabyte-class solutions that consume fast moving streams from eCommerce, retail and partner channels to power the critical decisions that drive our business. You will be a key part of Nike’s Digital Transformation initiative to help deliver efficient data access, reliable data warehousing platforms, enhanced compliance and reduced risk. We’re hiring a Senior Engineer with talent and persistence who can leverage their existing skills and learn new ones. You should have extensive experience in many of the specific technical skills we’re looking for and be expert enough to help ramp up others quickly. Communicate effectively with engineers, Operations, Counter parts in various geographical locations and other stakeholders in the organization Ability to support, develop and enhance platforms Exposure to Information security and experience into IAM technologies like PKI, Authentication, Authorizations, ACME, SCIM, SIEM, OAuth, SAML etc. Capability to drive operation as IC and lead yourself Leading yourself, Setting example, through projects and troubleshoot/resolve security control configuration issues Demonstrated ability to coach others to quickly learn new IT and security concepts and technologies Demonstrated ability to model and design methodical procedures to define routine work; demonstrated ability to be innovative in procedure design Demonstrated ability to perform quality work during stressful and high pressure projects or initiatives Demonstrated ability to model independent sound decision making and coach others to grow their ability in decision making skills Experience leading other technical security staff; mentoring junior engineers Show more Show less

Why join us? Our purpose is to design for the good of humankind. It’s the ideal we strive toward each day in everything we do. Being a part of MillerKnoll means being a part of something larger than your work team, or even your brand. We are redefining modern for the 21st century. And our success allows MillerKnoll to support causes that align with our values, so we can build a more sustainable, equitable, and beautiful future for everyone. Role: Security Analyst Location: Bangalore Purpose / Profile As a Security Analyst at Miller Knoll, you will help reduce enterprise risk by safeguarding the organization’s digital assets from cyber threats. You will work closely with the Security Operations Center to continuously monitor, analyze, and respond to security alerts and events. You will collaborate directly with the greater Information Security team to ensure compliance with industry regulations, standards, and best practices, as well as educate employees on proper cyber hygiene. You will help guarantee the confidentiality, integrity, and availability of the organization’s network and compute resources and aid in shaping strategies to reduce cyber risk. Essential Functions Provide timely detection and identification of possible attacks/intrusions and distinguish findings from benign activities. Correlate incident data to identify specific vulnerabilities and make recommendations that enable prompt containment and remediation. Coordinate with the greater organization to resolve cyber incidents. Provide technical summaries of findings in accordance with established reporting procedures. Escalate and triage incidents that may cause an immediate impact to the organization. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats. Perform event correlation to gain situational awareness and to determine the effectiveness of an observed attack. Assist in the development and implementation of security policies and procedures. Track and document cyber incidents from initial detection through final resolution. Assist in reducing risk by actively identify areas of non-compliance and making recommendations for improvement. This role will work either in the UK shift (12 noon to – 9 pm) and/or US shift (5:30PM to 2:30 AM). Additional Functions Stay current with cybersecurity news and trends relevant to the business and industry. Participate in the information security on-call rotation, providing emergency support for security-related incidents. Provide input into the development of security policies and procedures. Interface with other business units such as Governance, Risk, and Compliance to communicate program status and overall security posture. Promote a positive security culture through knowledge sharing, influences, and conduct. Create and maintain role-specific documentation. Participate in the Change Advisory Board (CAB). Knowledge, Skills, And Abilities Knowledge of system administration concepts for operating systems such as Unix/Linux, IOS, Android, and Windows operating systems. Knowledge of cloud service models and cloud security best practices. Knowledge of procedures used for documenting and querying reported incidents, problems, and events. Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications. Knowledge of auditing and logging procedures (including server-based logging). Knowledge of common software applications and their associated vulnerabilities. Knowledge of host-based security products and how they reduce exploitation. Knowledge of approach, strategy, and structure of exploitation tools (e.g., sniffers, keyloggers) and techniques (e.g., gaining backdoor access, collecting/exfiltrating data, conducting vulnerability analysis). Knowledge of MITRE ATT&CK and similar cybersecurity frameworks. Knowledge of what constitutes a “threat” to a network. Skill of identifying, capturing, containing, and reporting malware. Skill in using incident handling methodologies. Skill in using security event correlation tools. Skill in developing analytic approaches to problems and situations for which information is incomplete or where no precedent exists. Ability to identify unusual activity amongst a defined baseline. Qualifications Education/Experience Bachelor’s in computer science, Information Systems, Cybersecurity, or Software Engineering. 6-8 years of relevant experience in cybersecurity or information technology. 3+ years of hands-on experience with an EDR/XDR solution, SEG, and SIEM. Experienced in a scripting language such as Python, PowerShell, or VBA. Licenses and Certifications One or more technical or cybersecurity certification preferred (e.g., CISA, CCSP, CRISC, CEH, Security+, GSEC, SSCP) Who We Hire? Simply put, we hire everyone. MillerKnoll is comprised of people of all abilities, gender identities and expressions, ages, ethnicities, sexual orientations, veterans from every branch of military service, and more. Here, you can bring your whole self to work. We’re committed to equal opportunity employment, including veterans and people with disabilities. MillerKnoll complies with applicable disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact MillerKnoll Talent Acquisition at careers_help@millerknoll.com. Show more Show less

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Kyndryl’s Security & Resiliency is one of our most critical practices, ensuring enterprises, regardless of their size and complexity, remain secure, available, reliable, and resilient. We take Cybersecurity seriously. We're not just invested; we're committed. We're not just protecting data; we're empowering. Kyndryl is committed to making the world safer, not only by investing in state-of-the-art services and technologies but also by empowering underserved communities with essential cyber skills. When you walk through our doors, you're not only joining a team but you're also becoming part of a legacy. Welcome to Kyndryl, where Cybersecurity isn't just a job – it’s a passion; a commitment to designing, running, and managing the most modern and reliable technology infrastructure that the world depends on every day. Join us as a Cybersecurity Infrastructure Professional, where you'll be entrusted with the crucial task of maintaining and enhancing the infrastructure that is the backbone of our cybersecurity operations for our Fortune 500 clients. You'll be responsible for the orchestration of infrastructure, keeping our systems protected from the relentless advances of physical and cyber adversaries. Your vigilance and technical expertise will be the shield that safeguards our computer systems, networks, and invaluable data from the threat of unauthorized access, theft, damage, and other malicious activities. Your domain will revolve around preserving the integrity of an IT infrastructure, the security of networks, and the sanctity of data. If you have a passion for cybersecurity and are looking for a role that combines cutting-edge technology with the thrill of safeguarding critical assets, then this role is your gateway to the world of cybersecurity heroism. Join us at Kyndryl, and let's build the future of digital security together. Your Future at Kyndryl When you join Kyndryl, you're not just joining a company – you're entering a space of opportunities. Our partnerships with industry alliances and vendors mean you'll have access to skilling and certification programs needed to excel in Security & Resiliency, while simultaneously supporting your personal growth. Whether you envision your career path as a technical leader within cybersecurity or transition into other technical, consulting, or go-to-market roles – we’re invested in your journey. . Manage Information Security technologies that fall under the team’s responsibilities, confirming they are operating within agreed service levels and at peak possible performance Coordinate planned maintenance activities with relevant stakeholders Manage incident response efforts Provide 24/7 network support for troubleshooting, diagnosing, and resolving network security-related issues. Ensure compliance with required security regulations such as ISO 27001, PCI-DSS and others applicable policies and frameworks. Incident Handling: Respond to escalated incidents from L1, performing deeper investigation and analysis. Enhancements: Propose improvements in security monitoring, detection, and response protocols. Risk Management: Assist in identifying security risks, supporting vulnerability remediation efforts for the above security technologies Reporting: Document incidents, update knowledge bases, and report complex issues to the L3 team. Analysis: Perform initial assessment and triage of security events; escalate incidents as per the defined protocols. Response: Conduct basic troubleshooting for Firewall - Fortinet Firewall, Forti analyzer, Palo Alto Firewall and other security technologies Documentation: Maintain accurate logs and documentation, updating incident reports and tickets. Who You Are Who You Are You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills And Experience Mastery of security tools and technologies, such as firewalls, intrusion detection/prevention systems, endpoint security, , and SIEM solutions Deep understanding of operating systems (e.g., Windows, Linux) and their security mechanisms Knowledge of security standards and compliance requirements (e.g., ISO 27001, NIST, GDPR) Experience with key market leading technologies in the relevant area Ability to assess and follow best practices in technology deployment and configuration Experience with the design and implementation of security architectures, segmentation and zero trust frameworks Preferred Skills And Experience Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or other related fields Experience with workload, server, network architectures and associated security controls 5+ years of experience in managing security technologies such as Firewalls, VPN, NAC & Secure DNS Proficient in OSI model and TCP/IP Protocols Handson experience in firewalls such as Palo Alto, FortiGate, SonicWall or Citrix NetScaler or NAC or secure DNS solutions Basic skills in network, compute, cloud computing Understanding and daily use of Microsoft Office 365 Suite and other productivity tools Certifications: Security: Product related certifications from OEMs such as Palo Alto and FortiGate CompTIA Security+ or Certified Ethical Hacker (CEH) Being You Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address. Show more Show less

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Information Security Engineer – Vulnerability Management Analyst What You Will Do Let’s do this. Let’s change the world. In this vital role is focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organization’s technology stack. The Vulnerability Management Analyst plays a key role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. The individual will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation. Roles & Responsibilities: Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications. Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context. Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies. Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity. Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams. Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.). Maintain documentation related to the vulnerability management lifecycle. Assist in policy and process development related to vulnerability and patch management. Participate in audits and compliance efforts (e.g., SOX, ISO, NIST, PCI). What We Expect Of You We are all different, yet we all use our unique contributions to serve patients. Master’s degree and 1 to 3 years of experience in Cybersecurity, vulnerability management or information security operations OR Bachelor’s degree and 3 to 5 years of experience in Cybersecurity, vulnerability management or information security operations OR Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management or information security operations Must-Have Skills: Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7). Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows. Basic knowledge of threat intelligence and how it applies to vulnerability prioritization. Working knowledge of network, operating system, and application-level security. Ability to analyze scan data and correlate it with business context and threat intelligence. Preferred Qualifications: Good-to-Have Skills: Experience with KEV, EPSS, and other threat-based scoring systems. Familiarity with patch management processes and tools. Exposure to cloud security and related scanning tools (e.g., Prisma Cloud, AWS Inspector). CompTIA Security+ GIAC GSEC / GCIH Qualys Vulnerability Management Specialist (QVMS) Tenable Certified Nessus Auditor (TCNA) Soft Skills: Analytical Thinking – Ability to interpret complex data sets and assess risk effectively Attention to Detail – Precision in identifying and tracking vulnerabilities and remediation status Communication Skills – Ability to communicate technical findings to both technical and non-technical audiences Collaboration & Teamwork – Able to work across IT, DevOps, and security teams to drive resolution Curiosity & Continuous Learning – Willingness to know the latest with evolving threats and technologies Problem-Solving Approach – Capability to identify solutions to security weaknesses in diverse environments What You Can Expect Of Us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What You Will Do Role Description: Let’s do this. Let’s change the world. In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organization’s security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues. What We Expect Of You We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 1 to 3 years of directly related experience OR Bachelor’s degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills: Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e.g. Swimlane, Cortex XSOAR, etc.) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What You Can Expect Of Us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Equal opportunity statement Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Information Security Engineer – Vulnerability Management Analyst What You Will Do Let’s do this. Let’s change the world. In this vital role is focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organization’s technology stack. The Vulnerability Management Analyst plays a key role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. The individual will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation. Roles & Responsibilities: Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications. Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context. Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies. Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity. Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams. Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.). Maintain documentation related to the vulnerability management lifecycle. Assist in policy and process development related to vulnerability and patch management. Participate in audits and compliance efforts (e.g., SOX, ISO, NIST, PCI). What We Expect Of You We are all different, yet we all use our unique contributions to serve patients. Master’s degree and 1 to 3 years of experience in Cybersecurity, vulnerability management or information security operations OR Bachelor’s degree and 3 to 5 years of experience in Cybersecurity, vulnerability management or information security operations OR Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management or information security operations Must-Have Skills: Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7). Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows. Basic knowledge of threat intelligence and how it applies to vulnerability prioritization. Working knowledge of network, operating system, and application-level security. Ability to analyze scan data and correlate it with business context and threat intelligence. Preferred Qualifications: Good-to-Have Skills: Experience with KEV, EPSS, and other threat-based scoring systems. Familiarity with patch management processes and tools. Exposure to cloud security and related scanning tools (e.g., Prisma Cloud, AWS Inspector). CompTIA Security+ GIAC GSEC / GCIH Qualys Vulnerability Management Specialist (QVMS) Tenable Certified Nessus Auditor (TCNA) Soft Skills: Analytical Thinking – Ability to interpret complex data sets and assess risk effectively Attention to Detail – Precision in identifying and tracking vulnerabilities and remediation status Communication Skills – Ability to communicate technical findings to both technical and non-technical audiences Collaboration & Teamwork – Able to work across IT, DevOps, and security teams to drive resolution Curiosity & Continuous Learning – Willingness to know the latest with evolving threats and technologies Problem-Solving Approach – Capability to identify solutions to security weaknesses in diverse environments What You Can Expect Of Us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Get to know Okta Okta is The World’s Identity Company. We free everyone to safely use any technology—anywhere, on any device or app. Our Workforce and Customer Identity Clouds enable secure yet flexible access, authentication, and automation that transforms how people move through the digital world, putting Identity at the heart of business security and growth. At Okta, we celebrate a variety of perspectives and experiences. We are not looking for someone who checks every single box - we’re looking for lifelong learners and people who can make us better with their unique experiences. Join our team! We’re building a world where Identity belongs to you. Access Management Engineering Team The Okta Access Management Team builds the foundation for authentication and authorization across Okta-protected resources. Our mission is to enable customers to access these resources securely. We develop Okta cloud services and client software that allow users to seamlessly login to devices and use Okta authenticators to access applications securely. Multiple opportunities are available for .NET developers within Access Management. The Access Management team is part of Workforce Identity Cloud (WIC) Engineering. Learn more about Okta’s Engineering on our blog. About You We seek a passionate and experienced .NET Software Engineer to join our dynamic team. The ideal candidate should possess: Solid experience in .NET software development for Windows platform, with a strong command of C# and the .NET Framework/Core. Enthusiasm for developing high-quality, secure, and performant .NET client applications. A keen interest in learning about cutting-edge security and identity management challenges. A collaborative mindset and excellent communication skills to work effectively with cross-functional teams. This role offers an exciting opportunity to join a team building innovative identity and security products from the ground up. You will have the chance to work on challenging problems, contribute to the product roadmap, and continuously expand your skills in a rapidly evolving industry. Job Duties and Responsibilities: Collaborate with cross-functional teams (QA, Product, Support, UX) for seamless integration. Gather and refine requirements with Product and Engineering teams for prototyping Windows client components. Following best practices, contribute to technical designs, proposals, and architectural decisions. Develop high-quality, maintainable software components with comprehensive unit/functional tests. Participate in code reviews, providing feedback and ensuring adherence to coding standards and security best practices. Contribute to technical documentation and knowledge sharing within the team. Minimum Requirements: Strong hands-on experience developing applications using C# and the .NET Framework (or .NET Core). Proficient in object-oriented programming principles, design patterns, and best practices for writing clean, maintainable, and scalable code. Proven experience with Agile methodologies (Scrum/Kanban), CI/CD pipelines, and automation tools. Skilled in debugging and troubleshooting .NET applications using tools like Visual Studio Debugger, WinDbg, and profilers or other platform-specific debuggers on Windows or Linux. Familiarity with cloud platforms, databases, and front-end frameworks. Excellent communication and interpersonal skills. Proficiency in Windows UI frameworks like WPF and XAML for desktop apps (or frameworks such as Avalonia UI) Nice to have: Experience with Windows IPC mechanisms (COM, Pipes, RPC, Sockets) and kernel debugging. Proficiency in Windows UI frameworks like WPF and XAML for desktop app development. Strong understanding of IAM protocols (FIDO, WebAuthn, SSO, SAML, OAuth) and identity management best practices. Knowledge of cybersecurity principles, secure coding practices, and certifications like CISSP or Security+. Education and Training: Bachelor’s degree in Computer Science or equivalent experience. 3-5 years of software development experience, with at least 2 years of experience designing and building enterprise software on Windows. What you can look forward to as a Full-Time Okta employee! Amazing Benefits Making Social Impact Developing Talent and Fostering Connection + Community at Okta Okta cultivates a dynamic work environment, providing the best tools, technology and benefits to empower our employees to work productively in a setting that best and uniquely suits their needs. Each organization is unique in the degree of flexibility and mobility in which they work so that all employees are enabled to be their most creative and successful versions of themselves, regardless of where they live. Find your place at Okta today! https://www.okta.com/company/careers/. Some roles may require travel to one of our office locations for in-person onboarding. Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws. If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation. Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/. Show more Show less

Job Profile Do you want to work with some of the latest technology platforms and address exciting and sophisticated challenges? If you are ready to use your expertise to drive security excellence on a global scale, we would love to hear from you! We are seeking a Senior Cyber Security Engineer who will work with the existing team to perform security tools support activities across LSEG. The role works closely with engineering & other support teams, and customers to deliver outcomes which align to our ambition for LSEG to be one of the world’s great companies! Role Responsibilities: Participate in a 24/7 Cyber Security Support team, adhering to a rotational shift pattern. Provide Level 2 support for BeyondTrust PAM, CyberArk PAM, CrowdStrike, CyberArk EPM, Vormetric, Qualys, Varonis, McAfee (ePO, ENS, ENSSP), and other solutions, including fix technical issues reported by users or detected through monitoring systems. Knowledge of routine maintenance tasks such as system upgrades, patch installations, and configuration changes to ensure the stability and security of our environments. Complete 2nd level support tasks, which involve responding to alerts/emails, handling ServiceNow tickets (Incident, Change, Problem) within SLA, conducting root cause analysis, and resolving problems efficiently. Assist in the planning and execution of Cyber Security-related projects, such as new implementations, migrations, and enhancements, following established project management methodologies and timelines. Collaborate with various IT disciplines within the organization to deliver the outcomes. Work closely with our partners to ensure that security configurations are implemented. Take ownership of continuous improvement initiatives, focusing on process simplification and the automation of day-to-day tasks within the cyber security domain. Keep abreast of industry trends and standard methodologies in privileged access management, actively seeking opportunities to improve skills and knowledge through training, certifications, and professional development activities. Key Accountabilities: Serve as the main point of contact and liaison for support groups and internal business customers during the recovery of major incidents, offering technical expertise and domain knowledge as necessary. Adhere to the IT Service Management (ITSM) process and overarching execution framework to uphold Service Level Agreements (SLAs) and Service Level Objectives (SLOs). Take charge of major incidents, including defining and executing tasks, orchestrating break-fix changes and recovery actions, evaluating impact, and monitoring progress to ensure timely resolution and maintain business continuity. Continuously enhance and apply pertinent domain knowledge related to workflows, data pipelines, business policies, configurations, and constraints in a proactive manner. Take responsibility for the day-to-day operation and upkeep of Cyber Security Tools. This includes performing routine maintenance tasks, such as upgrades, patches, and configuration changes, to ensure optimal system performance and security. Develop and maintain comprehensive documentation related to configurations, processes, and procedures. Share knowledge and standard processes with team members and customers to facilitate effective support and promote continuous improvement. Experience: Bachelor’s degree in computer science, Information Technology, or related field preferred. Demonstrable experience in administering PAM solutions Or Endpoint Protection in enterprise environments, including installation, configuration, and troubleshooting. Solid understanding of privileged access management concepts, principles, and standard methodologies. Good understanding of Windows/Linux Administration and troubleshooting skills. Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization of Cyber Security functionalities. Excellent analytical and problem-solving skills, with the ability to diagnose and resolve complex technical issues efficiently. Effective communication and interpersonal skills, with the ability to collaborate effectively with multi-functional teams and customers. Relevant certificates such BeyondTrust Certified System Administrator (BCSA) Or CrowdStrike Certification or CyberArk EPM certification is preferred. Relevant certificates such as Microsoft Certified Solutions Expert or Red Hat Certified Engineer (RHCE) Or AWS Certified Solutions Architect – Associate OR Microsoft Certified: Azure Administrator Associate is preferred. Relevant certificates such as CompTIA Security+ OR Certified Ethical Hacker OR Certified Information Systems Security Professional (CISSP) preferred. LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject. If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice. Show more Show less

Senior GRC cybersecurity consultant Job summary We’re offering an exciting opportunity to join our rapidly growing Cyber Security Practice as a Senior GRC cybersecurity consultant specialising in Governance, Risk, and Compliance (GRC). You’ll work on a project in the energy sector. With over a decade of industry experience, you’ll help build trusted relationships and play a key part in strengthening our client’s security postures. What you’ll be doing as part of this job: You will own every facet of the GRC process and be the GRC lead for the client. Delivering high-quality consultancy in NIST CSF, ISO 27001, GDPR, and Cyber Essentials/Cyber Essentials Plus and other Cyber Security Frameworks. Performing risk assessments, gap analyses, and maturity reviews aligned to recognised security frameworks. Develop a risk assessment framework for a client. Providing advisory and hands-on support in developing and improving clients’ Information Security Management Systems (ISMS) and Cyber Security Posture. Supporting clients with certification readiness, internal audits, and remediation activities. Leading client engagements and building long-term relationships with key stakeholders. Here's what we're looking for: You must have completed Information Security Risk assessments for clients or your organisation Demonstrable experience in a GRC consultancy or senior security role, ideally within a service provider or large organisation. Proven knowledge and application of NIST CSF, ISO 27001, GDPR, and Cyber Essentials frameworks. ISO 27001 Lead Auditor and/or Implementer certification (desirable). Strong client-facing communication and stakeholder engagement skills. CISM certification and experience with risk management practices. Proficiency in managing security compliance programmes and driving improvement initiatives. Experience chairing client workshops and desktop exercises, ISO meetings, or team calls. · A good understanding of computer networks, operating systems, software, hardware and security. · An understanding of cyber security risks associated with various technologies and ways to manage them. · A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and antivirus. · Any relevant academic or industry specific training. Must be able to attend a weekly 1-hour client meeting every Thursday at 5 pm UK time. Must be able to commit to 10 hours of flexible part-time work per week. Set yourself apart: · Understanding of basic cybersecurity principles and concepts · Knowledge of common attack vectors and malware types. · Awareness of security tools and technologies. · Basic understanding of incident response principles. · Networking fundamentals. · Analytical and problem-solving skills. Educational Qualification: Bachelor’s or above degree in a related field or equivalent full-time course CISSP or a combination of the following: CompTIA A+ CompTIA Network+ CompTIA Security+ CySA+ Pentest+ CASP+ Industry Type: IT Services & Consulting Functional Area: Information Security and Cybersecurity Employment Type: Part-Time, Contract Languages: English Location: Remote Salary: 35.000 (thirty-five thousand) INR per month for 40 hours of work per month (10 hours of work per week). Payment will be made based on “outside IR35”, meaning that the successful candidate is expected to take care of any tax payments independently after having received the payment from the company. Show more Show less

Redefine the future of customer experiences. One conversation at a time. We’re changing the game with a first-of-its-kind, conversation-centric platform that unifies team collaboration and customer experience in one place. Powered by AI, built by amazing humans. Our culture is forward-thinking, customer-obsessed and built on an unwavering belief that connection fuels business and life; connections to our customers with our signature Amazing Service®, our products and services, and most importantly, each other. Since 2008, 100,000+ companies and 1M+ users rely on Nextiva for customer and team communication. If you’re ready to collaborate and create with amazing people, let your personality shine and be on the frontlines of helping businesses deliver amazing experiences, you’re in the right place. Build Amazing - Deliver Amazing - Live Amazing - Be Amazing The AI Security and Compliance Engineer is responsible for working with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle. The engineer applies knowledge of AI and application security risks and threats to design and implement appropriate, cost-effective security controls during development, deployment, and operation of AI based applications. The engineer defines and promotes the implementation guidelines for data classification, segregation, and access controls to AI model inputs and training data to ensure data confidentiality and privacy for different data sources and user groups. The engineer performs audits and vulnerability assessments, penetration testing and supports mitigation of findings. Key Responsibilities Ensure AI products have security and privacy by design. Establish and document policies and guidelines for data classification and data used for training to prevent leaks of sensitive data. Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer, regulatory, and contractual obligations. Monitor and audit AI systems and development processes for compliance with policies, regulations and contractual obligations. Monitor and respond to security incidents involving AI systems. Create AI-specific incident management procedures to address AI related security incidents. Enhance the resilience of AI systems against potential threats by implementing cyber security best practices, controls, and tools to protect AI models from threats such as those in the OWASP AI Top Ten, including supply chain and model poisoning threats and attempts to access, modify, and exfiltrate confidential information via the query interface. Establish policies and guidelines for access controls, limitations and guardrails on usage and prompts for AI inputs and API’s. Ensure proper access controls on API’s and processing pipelines, and segregation of data. Create, update, and maintain threat models for a wide variety of software projects. Provide AI security training for internal development teams. Maintain current knowledge of AI risks, threats, and AI testing tools and techniques. Perform other duties to support the technical and operational security of the organization as required. Qualifications Bachelor’s degree in an IT related field or equivalent experience and 2-5 years of experience in working in IT security, software development, or AI development. Desired certifications – one or more of the following: CISSP (Certified Information Systems Security Professional), Certified Information Security Manager (CISM), SSCP (Systems Security Certified Practitioner), CCSP (Certified Cloud Security Professional) or CompTIA Security+. Understanding of Application Security and Data Security for applications and AI, such as the OWASP Top 10 and the OWASP Top 10 for Generative AI. Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT. Experience and understanding of threats and risks related to web applications and API’s, particularly with AI based applications. General knowledge of security implications of threats and vulnerabilities related to networks, servers, operating systems, applications, and databases. Experience with vulnerability management, patching, and mitigation assessment. Experience working within and implementing policies for a security framework such as ISO 27001 and NIST. Flexibility to work off-hours to support global project teams and maintenance windows. Ability to support 24x7 on-call for incident response on a rotating basis. Experience developing software, scripting and using SQL queries to automate controls, processes and reporting. Competencies Strong analytical problem-solving skills and attention to detail. Organization, Time Management & Prioritization - Self-starter that focuses on key priorities; plans, organizes, schedules and executes on tasks and projects in an efficient and productive manner. Ability to form productive relationships across the organization to accomplish information security objectives. Ability and willingness to learn all aspects of the information security field. Professional verbal and written communication skills in English. Expresses ideas using clear, effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style, substance, detail, confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone, email, tickets, and chat. Able to assess, document, and prioritize identified security flaws and vulnerabilities based on risk. Total Rewards Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best, in and out of the office. Our compensation packages are tailored to each role and candidate's qualifications. We consider a wide range of factors, including skills, experience, training, and certifications, when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position, compensation may include base salary and/or hourly wages, incentives, or bonuses. Medical 🩺 - Medical insurance coverage is available for employees, their spouse, and up to two dependent children with a limit of 500,000 INR, as well as their parents or in-laws for up to 300,000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit, providing peace of mind and security in times of medical necessity. Group Term & Group Personal Accident Insurance 💼 - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent, visible & external means. Coverage Type - Employee Only Sum Insured - 3 times of annual CTC with minimum cap of INR 10,00,000 Free Cover Limit - 1.5 Crore Work-Life Balance ⚖️ - 15 days of Privilege leaves per calendar year, 6 days of Paid Sick leave per calendar year, 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves, 1 week of Paternity leave, a day off on your Birthday, and paid holidays Financial Security💰 - Provident Fund & Gratuity Wellness 🤸‍ - Employee Assistance Program and comprehensive wellness initiatives Growth 🌱 - Access to ongoing learning and development opportunities and career advancement At Nextiva, we're committed to supporting our employees' health, well-being, and professional growth. Join us and build a rewarding career! Established in 2008 and headquartered in Scottsdale, Arizona, Nextiva secured $200M from Goldman Sachs in late 2021, valuing the company at $2.7B.To check out what’s going on at Nextiva, check us out on Instagram, Instagram (MX), YouTube, LinkedIn, and the Nextiva blog. Show more Show less

India - Hyderabad JOB ID: R-216259 LOCATION: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: May. 30, 2025 CATEGORY: Information Systems Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. What you will do Role Description: Let’s do this. Let’s change the world. In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organization’s security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 1 to 3 years of directly related experience OR Bachelor’s degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills: Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e.g. Swimlane, Cortex XSOAR, etc.) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Equal opportunity statement Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided with reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation. and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Description: Essential Job Functions: Provide expert technical support in infrastructure services, responding to complex issues and inquiries. Assist in the implementation of infrastructure projects and initiatives, executing assigned tasks. Continuously monitor and troubleshoot infrastructure systems, ensuring optimal performance. Collaborate with the team to improve infrastructure efficiency and resolve technical challenges. Participate in the development of infrastructure documentation, including incident reports and configuration details. Apply deep technical knowledge to address complex infrastructure-related problems. Follow established best practices and standards in infrastructure service delivery. Apply critical thinking and technical skills to find solutions to infrastructure issues. Basic Qualifications: Bachelor's degree in a relevant field or equivalent combination of education and experience Typically, 5+ years of relevant work experience in industry, with a minimum of 2 years in a similar role Proven experience in infrastructure technology analysis Proficiencies in data analysis and problem-solving A continuous learner that stays abreast with industry knowledge and technology Other Qualifications: An advanced degree in a relevant field is a plus Relevant certifications, such as Cisco CCNA, AWS Certified Solutions Architect, or CompTIA Security+, are a plus Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Job Summary The Security Analyst is responsible for ensuring the security and integrity of the organization's information systems and data. This role involves identifying and mitigating security risks, reviewing project security requirements, and maintaining compliance with security standards. The Security Analyst will also focus on detection engineering by designing systems to detect malicious activities and implementing automation technologies to streamline security operations, including vulnerability management and incident response. General Duties and Responsibilities Information Security Analyst duties and responsibilities include: Identify and ensure mitigation of information security risks within the organization. standards, procedures, and practices across various types of projects. Review requests for adherence to security policies, assuring requests are executed correctly. Identify security incidents and respond to ensure threats and risks are contained. Maintain integrity of security controls, toolsets, and other security-relevant services. Develop and analyze security reports, and build presentations as required. Facilitate status reports and other relevant information to compliance staff and department leadership. Monitor and audit systems for security violations, vulnerabilities, and abnormalities. Develop, implement, and maintain alignment with security control frameworks. Make updates to security policies, standards, procedures, practices, and operating procedures, as required. Assist with incident handling and other incident response activities, as required. Complete and monitor the status of corrective action plans, resolve audit findings and security issues, ensuring problems are resolved in an effective and timely manner. Implement and evaluate the effectiveness of data loss prevention (DLP) policies and detections. Design, build, and fine-tune systems and processes to detect malicious activities or unauthorized behaviors. Implement tools, processes, and procedures to identify unusual or suspicious behavior that may indicate a breach. Create actionable alerts based on detected threats to prompt immediate response from concerned teams. Implement automation technologies to streamline security operations such as vulnerability management, threat detection, and incident response. Use automation to reduce incident response time by enabling swift threat remediation through predefined actions. Educational and Certification Requirements A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable. Industry recognized certifications are a plus. Certifications may include: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), CompTIA Security+, certifications issued by the SANS Institute, etc. Certifications issued by public cloud providers (AWS, Azure, Google, Oracle, etc.) is a plus. General Knowledge, Skills, and Abilities As well as formal qualifications, an Information Security Analyst should possess: A working level understanding of controls (e.g., access control, auditing, authentication, encryption, and system integrity). Versed in operating systems such as Linux (various distributions) and Microsoft Windows. Experience with Microsoft Active Directory, encryption and algorithms, authorization and authentication mechanisms/software, network monitoring, TCP/IP networks, DNS, next generation firewalls, and intrusion detection/prevention systems. General knowledge of network design and common network protocols, and infrastructure systems. Ability to create scripts to automate processes in PowerShell, Python or Bash is a plus. Ability to recognize and analyze malware. Ability to analyze large data sets and identify patterns and anomalies. Ability to quickly create and deploy countermeasures or mitigations under pressure. Build effective relationships. Develop and use collaborative relationships to facilitate the accomplishment of work goals. Experience with the PCI-DSS, ISO-27001, and/or SOC II compliance frameworks is a plus. Experience implementing and measuring security controls aligned with NIST 800-53 and the Center for Internet Security (CIS) is a plus. Project Management skills is a plus. Experience with the following technologies is a plus: SentinelOne Singularity Platform, Tanium, Google Chronicle SIEM, Cloudflare L3-L7 security technologies, Tenable.io, Lacework, Recorded Future, KnowBe4, ServiceNow, Jira, Microsoft Defender for Endpoints, Microsoft Security and Compliance, Microsoft Azure Key Vault. Experience with the native security service solutions for public cloud service providers (AWS, Google, Azure, Oracle) is a plus. Job Type: Contractual / Temporary Contract length: 6-12 months Pay: From ₹322,415.01 per year Schedule: Day shift Monday to Friday Morning shift Night shift Rotational shift Work Location: In person

Job Description Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Associate Manager,Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 1+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335953 Show more Show less

Job Description Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335945 Show more Show less

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle. Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues. Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner. Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Monitor and log the actual service provided, compared to that required by service level agreements. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. 3-4 years proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Familiarity with software development/delivery lifecycle and related technologies Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 04/28/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R341158 Show more Show less

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle. Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues. Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner. Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Monitor and log the actual service provided, compared to that required by service level agreements. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. 3-4 years experience and need proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Good to have experience in any of the cloud environments. Familiarity with software development/delivery lifecycle and related technologies Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 04/28/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R341159 Show more Show less

GL Bajaj (Institute of Technology & Mgmt.) – A Glimpse! Passionate education provider in multi disciplines at undergraduate and postgraduate level (B.Tech, MBA, MCA) Vibrant Learning Ecosystem on the campus, has inspired and brilliant students. GL Bajaj Group was incepted in year 1997 , carrying a winning legacy of 12 institutions running diverse higher education programs. GL Bajaj Group, has +14,000 students, +800 faculty members , 12 institutions, and 6 campuses with +300 acres of land. NAAC A+ accredited, 4 stars from Ministry of Education, NIRF rank holder, Research & Incubation centre, Entrepreneurship development and top quality placement for students Vision to give globally competent & socially sensitive professionals to the society. Highly inquisitive students who take risks, experiment, and put novel ideas into action. Sharpens the Technical as well as Life Skills of students – Developing young leaders. Have world class collaborative LEARNING infrastructure for teaching & learning practices. Hiring Distinguished faculty members from the Institutes of repute . We nurture versatile INTRAPRENEURs . Our core belief is in nurturing Diverse, inclusive, equity knowledge gems Hi – Tech Campus has a beautiful , serene environment & students enjoy learning. Believes in relentless change and desire to improve . We are looking for passionate researchers/out of box thinkers/academicians who have a go-getter attitude, have fire to innovate , works with technology driven progressive mindset and execute the concept of sustainability in each task ( paperless ) in learning process delivery. We are offering to the right candidate an excellent compensation package along with the tools and the environment to foster intellect and new ideas. If you want to CONTRIBUTE meaningful to the society at large, join us & Find your SPARK! ABOUT JOB Designation: Cybersecurity Trainer Job Purpose : Proven experience in cybersecurity concepts, hands-on experience with tools and techniques across the security domain, and relevant industry certifications. You will be responsible for training students as per a structured semester-based roadmap that includes areas like ethical hacking, digital forensics, malware analysis, penetration testing, and more. Knowledge Strong understanding of security principles and best practices. Hands-on experience with tools and platforms used in SOC, VAPT, forensic analysis, and exploit development. Passion for teaching and mentoring. Functional Skills Deliver high-quality training in the following areas: Network Defense and Python Programming Ethical Hacking, Intrusion Detection, and Prevention Vulnerability Assessment and Penetration Testing (VAPT) Digital Forensics, Governance Risk and Compliance (GRC), Reverse Engineering Cyber Threat Intelligence (CTI), Exploit Development, OSINT Develop course content, lab exercises, and assessments aligned with semester-wise skill development. Train and mentor students on real-world scenarios and tools (e.g., Wireshark, Metasploit, Burp Suite, Splunk). Attributes Dynamic, energetic, team player, thrives among strong colleagues. Ability to work in fast paced evolving environment . Be willing and able to exercise judgment and take risks. Accept criticism and constructive feedback , while being extremely adaptable and flexible. Reflection of an impeccable persona in walk-talk while dealing with academia High spiritual quotient (Social quotient -SQ, Intelligence quotient - IQ, Emotional Quotient - EQ) Qualification & Years of Experience ME/M.Tech and BE/B.Tech in Computer Science /Information Technology from reputed university & Institute of eminence PhD Degree in the relevant field of subject is desirable. Industry and Global Experience is desirable. Certifications (Any of the following required) • CEH (Certified Ethical Hacker) • CompTIA Security+ / CySA+ • OSCP (Offensive Security Certified Professional) • CHFI (Computer Hacking Forensic Investigator) • CISA/CISM (Certified Information Systems Auditor / Manager) • CPT / CVAPT (Certified Penetration Tester / Certified VAPT Professional) • GIAC Certifications (GSEC, GCIA, GREM etc.) Salary as per norms Location: Greater Noida, Delhi/NCR Apply for the position by sending your CV at careers@glbitm.ac.in Visit our website’s career page at www.glbitm.ac.in Show more Show less

GL Bajaj (Institute of Technology & Mgmt.) – A Glimpse! Passionate education provider in multi disciplines at undergraduate and postgraduate level (B.Tech, MBA, MCA) Vibrant Learning Ecosystem on the campus, has inspired and brilliant students. GL Bajaj Group was incepted in year 1997 , carrying a winning legacy of 12 institutions running diverse higher education programs. GL Bajaj Group, has +14,000 students, +800 faculty members , 12 institutions, and 6 campuses with +300 acres of land. NAAC A+ accredited, 4 stars from Ministry of Education, NIRF rank holder, Research & Incubation centre, Entrepreneurship development and top quality placement for students Vision to give globally competent & socially sensitive professionals to the society. Highly inquisitive students who take risks, experiment, and put novel ideas into action. Sharpens the Technical as well as Life Skills of students – Developing young leaders. Have world class collaborative LEARNING infrastructure for teaching & learning practices. Hiring Distinguished faculty members from the Institutes of repute . We nurture versatile INTRAPRENEURs . Our core belief is in nurturing Diverse, inclusive, equity knowledge gems Hi – Tech Campus has a beautiful , serene environment & students enjoy learning. Believes in relentless change and desire to improve . We are looking for passionate researchers/out of box thinkers/academicians who have a go-getter attitude, have fire to innovate , works with technology driven progressive mindset and execute the concept of sustainability in each task ( paperless ) in learning process delivery. We are offering to the right candidate an excellent compensation package along with the tools and the environment to foster intellect and new ideas. If you want to CONTRIBUTE meaningful to the society at large, join us & Find your SPARK! ABOUT JOB Designation: Cybersecurity Trainer Job Purpose : Proven experience in cybersecurity concepts, hands-on experience with tools and techniques across the security domain, and relevant industry certifications. You will be responsible for training students as per a structured semester-based roadmap that includes areas like ethical hacking, digital forensics, malware analysis, penetration testing, and more. Knowledge Strong understanding of security principles and best practices. Hands-on experience with tools and platforms used in SOC, VAPT, forensic analysis, and exploit development. Passion for teaching and mentoring. Functional Skills Deliver high-quality training in the following areas: Network Defense and Python Programming Ethical Hacking, Intrusion Detection, and Prevention Vulnerability Assessment and Penetration Testing (VAPT) Digital Forensics, Governance Risk and Compliance (GRC), Reverse Engineering Cyber Threat Intelligence (CTI), Exploit Development, OSINT Develop course content, lab exercises, and assessments aligned with semester-wise skill development. Train and mentor students on real-world scenarios and tools (e.g., Wireshark, Metasploit, Burp Suite, Splunk). Attributes Dynamic, energetic, team player, thrives among strong colleagues. Ability to work in fast paced evolving environment . Be willing and able to exercise judgment and take risks. Accept criticism and constructive feedback , while being extremely adaptable and flexible. Reflection of an impeccable persona in walk-talk while dealing with academia High spiritual quotient (Social quotient -SQ, Intelligence quotient - IQ, Emotional Quotient - EQ) Qualification & Years of Experience ME/M.Tech and BE/B.Tech in Computer Science /Information Technology from reputed university & Institute of eminence PhD Degree in the relevant field of subject is desirable. Industry and Global Experience is desirable. Certifications (Any of the following required) • CEH (Certified Ethical Hacker) • CompTIA Security+ / CySA+ • OSCP (Offensive Security Certified Professional) • CHFI (Computer Hacking Forensic Investigator) • CISA/CISM (Certified Information Systems Auditor / Manager) • CPT / CVAPT (Certified Penetration Tester / Certified VAPT Professional) • GIAC Certifications (GSEC, GCIA, GREM etc.) Salary as per norms Location: Greater Noida, Delhi/NCR Apply for the position by sending your CV at careers@glbitm.ac.in Visit our website’s career page at www.glbitm.ac.in Show more Show less

Job Summary The Security Analyst is responsible for ensuring the security and integrity of the organization's information systems and data. This role involves identifying and mitigating security risks, reviewing project security requirements, and maintaining compliance with security standards. The Security Analyst will also focus on detection engineering by designing systems to detect malicious activities and implementing automation technologies to streamline security operations, including vulnerability management and incident response. General Duties and Responsibilities Information Security Analyst duties and responsibilities include: Identify and ensure mitigation of information security risks within the organization. standards, procedures, and practices across various types of projects. Review requests for adherence to security policies, assuring requests are executed correctly. Identify security incidents and respond to ensure threats and risks are contained. Maintain integrity of security controls, toolsets, and other security-relevant services. Develop and analyze security reports, and build presentations as required. Facilitate status reports and other relevant information to compliance staff and department leadership. Monitor and audit systems for security violations, vulnerabilities, and abnormalities. Develop, implement, and maintain alignment with security control frameworks. Make updates to security policies, standards, procedures, practices, and operating procedures, as required. Assist with incident handling and other incident response activities, as required. Complete and monitor the status of corrective action plans, resolve audit findings and security issues, ensuring problems are resolved in an effective and timely manner. Implement and evaluate the effectiveness of data loss prevention (DLP) policies and detections. Design, build, and fine-tune systems and processes to detect malicious activities or unauthorized behaviors. Implement tools, processes, and procedures to identify unusual or suspicious behavior that may indicate a breach. Create actionable alerts based on detected threats to prompt immediate response from concerned teams. Implement automation technologies to streamline security operations such as vulnerability management, threat detection, and incident response. Use automation to reduce incident response time by enabling swift threat remediation through predefined actions. Educational and Certification Requirements A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable. Industry recognized certifications are a plus. Certifications may include: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), CompTIA Security+, certifications issued by the SANS Institute, etc. Certifications issued by public cloud providers (AWS, Azure, Google, Oracle, etc.) is a plus. General Knowledge, Skills, and Abilities As well as formal qualifications, an Information Security Analyst should possess: A working level understanding of controls (e.g., access control, auditing, authentication, encryption, and system integrity). Versed in operating systems such as Linux (various distributions) and Microsoft Windows. Experience with Microsoft Active Directory, encryption and algorithms, authorization and authentication mechanisms/software, network monitoring, TCP/IP networks, DNS, next generation firewalls, and intrusion detection/prevention systems. General knowledge of network design and common network protocols, and infrastructure systems. Ability to create scripts to automate processes in PowerShell, Python or Bash is a plus. Ability to recognize and analyze malware. Ability to analyze large data sets and identify patterns and anomalies. Ability to quickly create and deploy countermeasures or mitigations under pressure. Build effective relationships. Develop and use collaborative relationships to facilitate the accomplishment of work goals. Experience with the PCI-DSS, ISO-27001, and/or SOC II compliance frameworks is a plus. Experience implementing and measuring security controls aligned with NIST 800-53 and the Center for Internet Security (CIS) is a plus. Project Management skills is a plus. Experience with the following technologies is a plus: SentinelOne Singularity Platform, Tanium, Google Chronicle SIEM, Cloudflare L3-L7 security technologies, Tenable.io, Lacework, Recorded Future, KnowBe4, ServiceNow, Jira, Microsoft Defender for Endpoints, Microsoft Security and Compliance, Microsoft Azure Key Vault. Experience with the native security service solutions for public cloud service providers (AWS, Google, Azure, Oracle) is a plus. Job Type: Contractual / Temporary Contract length: 6-12 months Pay: From ₹322,415.01 per year Schedule: Day shift Monday to Friday Morning shift Night shift Rotational shift Application Question(s): This is a 6 month contractual position are you comfortable Experience: total: 5 years (Required) SOC: 5 years (Required) Location: Hyderabad, Telangana (Preferred) Work Location: In person

Job Description Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Senior Manager, Cybersecurity Engineering, Identity & Access Management The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview We are seeking an experienced, energetic, forward-thinking Identity and Access Management (IAM) professional to serve as a senior technical Subject Matter Expert (SME) and developer responsible for the delivery of authentication and authorization services enterprise-wide. The role requires a technically strong individual who is resourceful and highly self-motivated. The successful candidate should have 10+ years of experience working in the IAM field in a large, global enterprise environment and possess broad experience working with numerous technologies like PingOne, DaVinci, SSO, MFA etc. Additionally, the candidate will have strong communication skills that allows them to successfully work with stakeholders in diverse roles ranging from IT infrastructure to individual end-users. You will also collaborate extensively with other technical and business teams to identify, develop, and provide enhancements which support the complex security, collaboration, and productivity needs of a global organization. To help meet these emerging challenges, we are seeking an energetic, forward-thinking security professional to support the delivery of Identity and Access Management services. What Will You Do In This Role Understand divisional and site business system requirements for Authentication services. Must have experience in defining Authentication & Authorization platform requirements, designing technical solutions and executing on those designs into a highly available, fault tolerant environment. Understanding of security best practices, administration and governance of Identity and Access Management the products and services including identify and evaluate security gaps. Perform vendor and technology assessments. Recommend improvements, corrections, remediation for projects or internal processes. Advocate secure computing practices and procedures and communicate Information Security and IAM best practices throughout the company. Maintain active and direct interaction with key stakeholders. Working with various technical teams to ensure we maintain high availability and uninterrupted outage of our production environment. Demonstrate ability to stay current with all industry trends/best practices, as well as new product releases so that we can maintain a proactive 3-year systems management roadmap. Ensure all third-party monitoring solutions that are integrated into the Identity & Access Management products are properly documented and function as designed. What Should You Have 10+ years of experience with IAM solutions in the area of authentication and authorization (e.g. PingFederate, PingAccess and various multifactor authentication products) In-depth knowledge of authentication and authorization solutions such as PingFederate, PingAccess and, various multifactor authentication methods including FIDO2 for passwordless. Previous work designing / implementing EntraID authentication services such as Risk-based authentication, Azure Identity Protection and, Conditional Access Policies Strong organizational skills and able to multitask and adjust to changing priorities Ability to work efficiently in a matrixed environment with a global team comprised of company staff, contractors, and vendors Excellent interpersonal, written, and oral communication skills to effectively communicate technical ideas in business- and user-friendly language Strong analytical and problem-solving skills and demonstrable ability to work independently as well as in a team environment Well versed in Federation, SAML, OpenID, OAuth and other industry standard authentication / authorization solutions Excellent communication skills and interpersonal skills are required. A demonstrated track record of making a difference and adding value. Strong organizational skills with the ability to multi-task. Ability to work and adjust to changing deadlines. Excellent interpersonal, written and oral communication skills with the ability to communicate effectively across all levels of an organization. Able to present technical ideas in business-friendly and user-friendly language Proven analytical, evaluative, and problem-solving abilities Desired Skills & Experience Previous work designing / implementing adaptive risk authentication solutions (e.g. Ping Risk, Azure Identity Protection with Conditional Access Policies, Microsoft Defender for Cloud Applications) Hands-on experience with AWS IAM and AWS IAM related services (e.g. AWS Cognito, AWS Identity Center), Passwordless authentication (e.g. FIDO2 at the desktop) or other biometric authentication solutions Authentication enhancements to support zero-trust and SASE adoption Experience working in a large healthcare environment Demonstrated understanding of Identity-related NIST standards (e.g. 800-63-3) Prior experience with the Merck enterprise environment and business applications Good working knowledge of the ITIL framework Working knowledge and understanding of Remedy for Change, Incident and Knowledge Management CISSP, Security+ or similar industry certification Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation: VISA Sponsorship Travel Requirements: Flexible Work Arrangements Hybrid Shift Valid Driving License: Hazardous Material(s) Job Posting End Date: 06/5/2025 A job posting is effective until 11:59:59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID: R341154 Show more Show less