1050 Security+ Jobs - Page 30

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Associate Security Platform Engineer is an entry level subject matter expert, responsible for learning how to facilitate problem resolution and mentoring for the overall team. This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Associate Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What You'll Be Doing Key Responsibilities: Works as part of a 24/7 team working on rotational shifts. Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings. Administers the organization's security tools to gather security logs from environment. Lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update. Adheres to SOPs and notify stake holders on log flow/log format issues. Documents best practices. Identifies opportunities to make automations which will help the incident response team. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure. Knowledge and Attributes: Entry level knowledge on implementation and monitoring of any SIEM or security tools/technologies. Entry level knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Ability to problem solve and is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team player with the ability to work well with others and in group with colleagues and stakeholders. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred. Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH etc. will be added advantage. Required Experience: Entry level experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.). Entry level experience in technical support to clients. Entry level experience in diagnosis and troubleshooting. Entry level experience providing remote support in Security Technologies. Entry level experience in SOC/CSIRT Operations. Entry level experience in handling security incidents end to end. Entry level experience in Security engineering. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Experience- 8+ years Shift Timing: 24/7 Job Summary: An experienced professional to set up SOC L1 operations, including processes, procedures, and team integration. The role requires collaboration with Cadence SOC L2/L3 teams and the ability to establish a fully operational L1 framework. Candidate should be SME in various tools being used in SOC ecosystem in Cadence – Splunk, Devo and Sentinel One Key Responsibilities: Design and implement SOC L1 workflows, processes, and escalation paths. Onboard and guide the L1 team, ensuring alignment with L2/L3 operations. Develop SOPs, incident response playbooks, and documentation. Configure monitoring tools and dashboards for effective threat management. Provide full-time onsite support for 6-8 weeks, transitioning to part-time remote. Qualifications: Proven experience in SOC operations and team setup. Strong knowledge of SOC tools (e.g., SIEM) and cybersecurity frameworks Excellent documentation and communication skills. Relevant certifications (e.g., Security+, CSA) are a plus. Job Type: Full-time Pay: ₹1,500,000.00 - ₹2,500,000.00 per year Schedule: Rotational shift Ability to commute/relocate: Noida, Uttar Pradesh: Reliably commute or planning to relocate before starting work (Required) Application Question(s): What is your current CTC? What is your expected CTC? What is your notice period? What is your current location? Which level are you supporting? How many years of experience do you have in SOC tools (e.g., SIEM) and cybersecurity frameworks? How many years of experience do you have in SOC operations? Do you have experience in Splunk and Sentinel One? Are you comfortable with the 24/7 support? Experience: total work: 8 years (Required) Work Location: In person

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Qualys, a leading cybersecurity firm, is seeking an experienced Senior Technical Support Engineer for Security Applications to resolve global customer and partner service requests promptly. Collaborate across teams for high customer satisfaction in a secure environment. Ideal for security enthusiasts with solid networking skills. Lead in resolving technical issues, provide top-tier support, and contribute to world-class assistance. Responsibilities: Promptly resolve global customer and partner service requests in a highly secured environment. Collaborate with cross-functional teams for high customer satisfaction. Provide support via phone, email, and MS Teams for Product modules over the SaaS platform. Ensure friendly and professional customer interactions throughout the service life cycle. Act as the main point of contact for technical issues, collaborating directly with Development and QA teams. Thrive in a challenging and dynamic environment, delivering world-class support and technical solutions. Qualifications: 2+ years of technical support experience. Experience in Vulnerability Management and Web Application Security/Firewall application support. In-depth TCP/IP understanding and LAN/WAN infrastructure knowledge. Strong foundation in Windows and/or solid Linux/Unix experience in an enterprise environment. Familiarity with common OS services (IIS, BIND, Apache, AD, WINS, Samba, SSH). Knowledge of firewalls, Intrusion Detection System technologies, and Network Vulnerability Scanners. Outstanding troubleshooting and analytical skills. Excellent written and verbal communication skills. Bachelor of Science in Computer Science or equivalent experience. Networking: OSI Layer understanding. Knowledge of broadcast domain vs. collision domain. Familiarity with different records zones in DNS and how it works. Understanding of SSL Handshake and TCP/IP Handshake. Proficiency in ARP, DHCP, proxy servers, and DNS cache clearing. Differentiation between TCP and UDP, and protocols & their workings. Linux/Unix: Understanding of the boot process and run levels. Various ways to assign an IP address to a Unix/Linux/Debian machine. Proficient in checking running processes, hidden files, and installing packages. Knowledge of sudo, permissions, file systems, and SSH banner. Windows: Insight into the Windows boot process and control panel basics. Understanding of UAC, registry hives, and remote registry manipulation tools. Knowledge of kernel mode vs. user mode, Active Directory, and Group Policies. Familiarity with Kerberos and NTLM authentication, Procmon, and service control manager. Security: Understanding of vulnerabilities, the vulnerability cycle, and exploits. Knowledge of malware types (virus, trojan, worm) and False/True Positive/Negative concepts. Understanding of False Positive, False Negative, True Positive, and True Negative in the security context. Preferred: Experience with packet capture review and diagnosis. Previous API support and Regex knowledge. Scripting experience (Bash, Python). Knowledge of major web server software, UNIX/Windows web services, and diverse platforms. Oracle and Microsoft SQL knowledge. CCNA, MCSE, CISSP, CompTIA Security+, and CEH certifications are highly desirable. Experience with Customer Support and Development Tools (Salesforce, Jira, etc.). Preferred Candidates With a CDAC Background. Willing to work in 24/7 rotational shifts. Show more Show less

Company Description WissenHive is an online platform that offers comprehensive training in CyberSecurity, covering offensive, defensive, and forensics domains. The company focuses on providing practical knowledge and real-world experience to its learners through courses, boot camps, challenge labs, and a CTF platform. WissenHive aims to bridge the skills gap in cybersecurity and enhance technical workforce development. Role Description This is a contract Cyber Security Trainer role located on-site in Noida. The Cyber Security Trainer will be responsible for delivering training sessions, developing curriculum, and creating educational content. The role involves mentoring students, conducting workshops, and assessing their progress in mastering cybersecurity concepts and techniques. Qualifications Application Security and Malware Analysis skills Experience in Cybersecurity, Network Security, and Information Security Strong understanding of cybersecurity principles and best practices Ability to explain complex technical concepts in a clear and concise manner Certifications such as CEH, or CompTIA Security+ are a plus Bachelor's degree in Computer Science, Information Technology, or related field Show more Show less

Job Title: IT Administrator with Networking & Server Administration Location : Hyderabad Experience : 6 months – 2 years Job Type: Paid Internship About Us: Instaresz Business Services Pvt Ltd is a forward-thinking, fast-growing technology company that thrives on innovative solutions. We are currently looking for an experienced IT Administrator who will take responsibility for managing and maintaining the network infrastructure, servers, and systems while ensuring smooth day-to-day IT operations across the organization. Key Responsibilities: Set up, configure, and maintain LAN/WAN networks, routers, switches, firewalls, and VPNs. Administer Windows/Linux servers, Active Directory, DNS, DHCP, and user access controls. Manage software and OS package installations using tools like apt, yum, dnf, and rpm. Monitor and troubleshoot network and system performance issues. Maintain web, file, mail, and database servers (Apache, Nginx, Postfix, MySQL, etc.). Implement and monitor IT security measures including firewalls, antivirus, and access policies. Perform system backups, restore processes, and support disaster recovery plans. Support virtualization platforms (VMware, Hyper-V) and assist with basic cloud infrastructure (AWS, Azure). Automate tasks using PowerShell or Bash scripting. Document IT procedures, configurations, and network diagrams. Required Skills & Qualifications: Proven Experience in IT system administration, networking, and server management. Hands-on Knowledge of networking protocols, IP addressing, subnetting, and VPNs. Experience with network devices such as routers, switches, and firewalls. Proficient in Windows Server (Active Directory, Group Policies, DNS, DHCP) and Linux administration (Ubuntu, CentOS, RHEL). In-depth knowledge of server administration , including web servers (Apache, Nginx), databases (MySQL, PostgreSQL), and mail servers (Postfix, Exchange). Experience with package management tools (apt, yum, dnf, rpm). Familiarity with cloud platforms (AWS, Azure) and virtualization tools (VMware, Hyper-V). Strong understanding of IT security practices , including firewalls, antivirus, VPNs, and access management. Scripting skills for automation (PowerShell, Bash). Excellent problem-solving and troubleshooting abilities. Preferred Certifications: CompTIA Network+ CompTIA Security+ Microsoft Certified: Windows Server / Azure Administrator Cisco Certified Network Associate (CCNA) Red Hat Certified System Administrator (RHCSA) ITIL Foundation (For IT Service Management) Additional Skills (Good to Have): Experience with containerization technologies (Docker, Kubernetes). Knowledge of Version Control Systems (Git). Why Join Us: Competitive salary and performance-based incentives Dynamic and collaborative work environment Opportunities for learning and growth Exposure to cutting-edge technologies and industry trends Show more Show less

Role: Technical Executive - Network & Web Security Location: Thiruvananthapuram, Kerala, India Experience: 3 - 5 Years Salary Range: INR 12,00,000 - 14,00,000 per annum Notice Period: Immediate to 30 Day’s About Company: It one of the leading Digital Systems & Services Integrator company in South Asia. We accelerate Customer’s Business Transformation Journey through our competence in Consulting, Integration and Security, delivering Next-Gen Digital Infrastructure Technologies, Solutions and Services. About The Role We are seeking a highly skilled and proactive Technical Executive specializing in Network and Web Security to join our team in Thiruvananthapuram . This role is crucial for ensuring the secure operation of web gateways, zero-trust environments, and data loss prevention (DLP) solutions. You will be responsible for implementing, supporting, and troubleshooting advanced security solutions, working closely with various teams to maintain high standards of security and operational excellence. Responsibilities & Key Performance Indicators (KPIs) Configuration Management: Create, verify, and manage configuration changes to Secure Web Gateway (SWG), zero-trust, and Data Loss Prevention (DLP) solutions. Incident Resolution: Provide advanced troubleshooting and effective resolution of network and web security incidents. Root Cause Analysis (RCA): Perform detailed Root Cause Analysis for recurring issues and implement comprehensive corrective and preventive actions to enhance system stability. Collaboration & Improvement: Collaborate effectively with Original Equipment Manufacturers (OEMs) and other technical teams for complex issue resolution, system enhancements, and continuous improvements. Meeting Participation: Actively participate in quarterly and monthly review meetings to discuss deployment status, new features, and ongoing Business As Usual (BAU) operations. Documentation: Develop and maintain detailed documentation, including cookbooks, run books, Standard Operating Procedures (SOPs), and configuration guides, ensuring knowledge transfer and operational efficiency. Integration Support: Support the integration of the Security Service Edge (SSE) platform with other technologies and cloud solutions to build a cohesive security ecosystem. Continuous Learning: Proactively upskill with any new or added features released by OEMs, ensuring you stay updated with the latest security technologies and trends. Escalation Handling: Demonstrate flexibility and readiness to work during escalations, providing timely and effective support to resolve critical issues. Must-Have Skills Networking Fundamentals: Strong understanding of networking concepts, including TCP/IP, routing, and firewalls. Zero-Trust Architecture: Solid understanding and practical experience with zero-trust architecture principles for web security. Secure Web Gateway & DLP: Proven experience in the implementation and support of Secure Web Gateway (SWG) and Data Loss Prevention (DLP) solutions. Troubleshooting Expertise: Hands-on experience with troubleshooting complex network and security issues. Incident Management: Experience with incident management, Root Cause Analysis (RCA), and forensic activities in a security context. System Management: Proficiency in performing system updates, upgrades, and configuration management for security tools. Zscaler Proficiency: Direct experience with Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) platforms. Certification (Preferred): Zscaler certification. Good-to-Have Skills Strong analytical and problem-solving skills. Excellent communication and documentation skills. Other relevant security certifications (e.g., CompTIA Security+, CCNA Security, CISSP). Academic Qualifications Graduate (bachelor’s degree in a relevant field such as Computer Science, Information Technology, or Engineering is preferred). Skills: zero-trust architecture,networking fundamentals,troubleshooting expertise,technical executive - network & web security,secure web gateway & dlp,tcp/ip, routing, and firewalls,secure web gateway,data loss prevention,incident management,zscaler proficiency,system management,zscaler certification Show more Show less

Roles & Responsibilities: Professional Services Delivery Network Security Engineer L4 Network Security Engineer L4: Key Responsibilities Proven expertise in configuring and managing Cisco ASA, Palo Alto, Fortinet & Juniper firewalls Firewall & Security: Advanced configuration and troubleshooting of firewalls (Cisco ASA, Palo Alto, Fortinet), VPNs (IPSec, SSL), IDS/IPS Demonstrated ability to implement advanced features on Palo Alto firewalls, including converting Layer 4 to Layer 7 traffic Hands-on experience with F5 Load Balancers and NetScaler Load Balancing & Redundancy: Implementing solutions using F5, Citrix NetScaler, HA/Failover systems Demonstrated ability to manage and execute complex firewall migrations and load balancer migrations in dynamic environments , ensuring minimal disruption and adherence to best practices. Routing & Switching: Deep expertise with protocols like BGP, OSPF, EIGRP, MPLS, STP, VXLAN, etc NSX,CDN,CASB, SD-WAN / SDN: Deep knowledge of software-defined networking platforms (Cisco SD-WAN, VMware NSX) Network Automation: Scripting (Python, Ansible, Terraform) to automate configurations and monitoring Lead the design, implementation of firewall and load balancing solutions for clients Create and review all technical diagrams of infrastructure using Visio or Smart draw Work directly with Clients/PMs to understand their network security needs and translate them into effective technical solutions Stakeholder Communication: Translating technical issues into business-impact language for management or clients Knowledge of NSX,CDN,CASB will be added advantage Linux & Virtualization skills will be added advantage Preferred Certifications: Cisco Certified Network Professional (CCNP Security) or equivalent, CCIE or equivalent Palo Alto Networks Certified Network Security Engineer (PCNSE) or equivalent F5 Certified Administrator or equivalent certification CompTIA: Network+, Security+ Linux & Virtualization certifications will be added advantage Full project life-cycle experience and knowledge of best-practice project methodologies Stakeholder Communication: Translating technical issues into business-impact language for management or clients. Show more Show less

Preferred Candidate Profile:- Bachelors degree in Computer Science, Information Security, or related field. 3-6 years of experience in DevOps or Security Engineering roles. Relevant certifications such as CISSP, CEH, Security+ (preferred). Hands-on experience with cloud security across AWS, Azure, or GCP . Proficiency in scripting languages such as Python, Java, or Bash . Strong understanding of DevSecOps practices , threat modeling, and risk assessment. Excellent problem-solving skills and the ability to work in a fast-paced, collaborative environment.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Cyber Governance Risk and Compliance Consultant - Senior The opportunity This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, designing security and privacy controls, advising client stakeholders, facilitating workshops and supporting business development. Your Key Responsibilities As a Cyber GRC Professional in our Cyber Security practice, you will be occupied in the following domains: a) Strategy, b) Risk, c) Compliance. As part of our team strategy you will be expected to take on responsibility and initiative early, providing you with real experience working with a wide range of major clients in EY. You will be taking responsibility for the quality of your work, while continually developing your personal and professional skills through formal training, hands-on experience and coaching. Skills And Attributes For Success To qualify for the role, you must have: Degree, or equivalent, in Information Security, Cyber Security, Information Technology, Informatics, or other similar and technical areas Evidence of self-motivation to continuously develop in the areas of cybersecurity Good organizational and time management skills with the ability to prioritize and complete multiple complex projects under tight deadlines Ability to translate security issues into business risks Excellent interpersonal skills and ability to work effectively within a team at all hierarchical levels Willingness to research client inquiries and emerging issues, including regulations, industry practices, and new technologies Experience, knowledge and strong interest in information and cyber security domains are essential for this role Experience on Cyber Governance, Risk & Compliance (GRC), Cyber risk assessments & management methodologies Experience on assessing, designing and implementing security strategies, governance frameworks over processes and controls, allowing organisations to optimally manage cyber security Experience on design and implementation of security policies, procedures, standards and controls in line with regulation and/or current standards, such as ISO27001, NIST, SANS etc. Experience in data classification exercises and controls / mechanisms enforcement Working knowledge of control frameworks such as ISO 27001/27002, COBIT, NIST, ITIL, etc. Ability to conduct Security regulatory and compliance assessment independently Hands on with assessment report preparation and presenting to senior technical and business stakeholders Hand on knowledge of excel, PowerPoint and word Articulative and confident in presentation to senior stakeholders Ability to lead workstreams or dedicated portions of projects Cyber maturity assessments, recommendations, roadmap and strategy creation knowledge of use of and risks related to modern and emerging technologies Cybersecurity audit Ability to plan and deliver cyber security training and awareness Ideally, you’ll also have: Security-related qualifications / certifications such as CISSP, SSCP, CISM, ISO27001 lead implementer or auditor, CompTIA Security+, are desirable Experience in Third Party Risk Management (TPRM) and / or vendor risk assessment engagements Experience in design and implementation of Information Security Management Systems (i.e. security policies, procedures and guidelines) according to leading International Standards Security-related vendor / technology certifications are desirable EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Encryption Engineer Today’s world is fueled by vast amounts of information which makes data more valuable than ever before. Best security practices have informed many organizations to take full control of their cryptographic keys which encrypt data on-premises and in the cloud rather than leaving those responsibilities to cloud providers or third-party companies. Protecting data in information systems is central to this role, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Encryption Engineer will be a member of the Cryptography team within the Information Security Identity and Access Management Services (IAMS) team. This Engineer will deploy, configure and maintain a centralized key management tool and ensure that storage of sensitive key material reside only in a Hardware Security Module (HSM). Your Key Responsibilities Deploy and configure enterprise key management and HSM tools, which will centralize key lifecycle administration across the global EY platform for data at rest and data in transit. Your responsibilities include: Deploy and configure the Firm’s enterprise key management tools. Deploy and configure the Firm’s Hardware Security Module. Implement process automations as it relates to enterprise key management and HSM administration. Maintain and update the enterprise key management tools to support new business requirements while maintaining the fundamentals of a centralised key management service. Support integration of HSMs to support Apache, Nginx, Windows IIS and Java keystores. Support cloud application teams in centralizing storage of sensitive key material in proprietary repositories such as Azure Key Vault (AKV) and Goggle Cloud Key Management Services while aligning to the overall EY key management strategy. Provide Level 3 and 4 support to operational team on key management which has a direct impact of the Recovery Time Objective (RTO). Document operational procedures for deployment and configuration of security appliance. Update system configuration runbook regularly. Lead HSM engineering and enterprise key management efforts across the internal infrastructure and cloud environments. Work with cross functional teams and collaborate with IAM Operations. Research on impact of future computer security standard such as Federal Information Processing Standard 140-3 (FIPS 140-3), Cryptographic Module Validation Program (CMVP), Common Criteria (ISO/IEC 15408) on EY KMS strategy. Research on business problems that can be solved by a quantum computer faster than a classical computer and suggest areas in EY KMS strategy which require updates. Provide subject matter expertise on HSM, FIPS, CMVP, ISO/IEC 15408 to project teams, and other audiences as needed Skills And Attributes For Success A successful candidate for this role impacts EY business by deploying and configuring security tools recommended in EY key management strategy. As such, candidates must possess: Experience with Key Management Life Cycle - Key Generation, Storage, Distribution, Backup, Rotation, Revocation, Destruction, etc. Experience with major enterprise key management system as well as cloud based key management services Hands on experience and knowledge of TLS, PKI, HSMs, KMIP, Digital Certificate Management, Azure Key Vault, and transparent database encryption Experience with FIPS 140-2 compliance requirements and implementation Experience in security key management, security standards, cryptography, certificate management lifecycle and PKI Understanding of cloud computing architecture, technical design, and implementation To qualify for the role, you must have Degree in Computer Science, Computer Engineering or 5 years Security Engineering Experience or equivalent 3+ years’ experience in enterprise key management, HSM configuration, application layer encryption, and transparent data encryption Ideally, you’ll also have Experience working with diverse, globally distributed teams Ability to work well in a highly matrixed environment yet builds credibility to drive execution outside of direct chain of command while working across all organizational levels. Strong analytical and problem-solving skills. A security industry certification such as Security+, Network+, Cryptography Certification. Ability to work independently or with a team, under minimum supervision What We Look For A successful candidate for this role would be expected to think like an Engineer. Thinking like an engineer means looking at situations from multiple lenses. It means persistence, originality and apply technical concepts rather than popular opinion. Networking with key stakeholders and sponsors, cross-teaming across the organization is required for this role, as such we would look out for relationship builder. As an engineer slowing down to enjoy the process rather than fixating on its conclusion is key in this role. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Confidence: We will provide you the insights, coaching and self-assurance in your decision making that the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Encryption Engineer Today’s world is fueled by vast amounts of information which makes data more valuable than ever before. Best security practices have informed many organizations to take full control of their cryptographic keys which encrypt data on-premises and in the cloud rather than leaving those responsibilities to cloud providers or third-party companies. Protecting data in information systems is central to this role, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Encryption Engineer will be a member of the Cryptography team within the Information Security Identity and Access Management Services (IAMS) team. This Engineer will deploy, configure and maintain a centralized key management tool and ensure that storage of sensitive key material reside only in a Hardware Security Module (HSM). Your Key Responsibilities Deploy and configure enterprise key management and HSM tools, which will centralize key lifecycle administration across the global EY platform for data at rest and data in transit. Your responsibilities include: Deploy and configure the Firm’s enterprise key management tools. Deploy and configure the Firm’s Hardware Security Module. Implement process automations as it relates to enterprise key management and HSM administration. Maintain and update the enterprise key management tools to support new business requirements while maintaining the fundamentals of a centralised key management service. Support integration of HSMs to support Apache, Nginx, Windows IIS and Java keystores. Support cloud application teams in centralizing storage of sensitive key material in proprietary repositories such as Azure Key Vault (AKV) and Goggle Cloud Key Management Services while aligning to the overall EY key management strategy. Provide Level 3 and 4 support to operational team on key management which has a direct impact of the Recovery Time Objective (RTO). Document operational procedures for deployment and configuration of security appliance. Update system configuration runbook regularly. Lead HSM engineering and enterprise key management efforts across the internal infrastructure and cloud environments. Work with cross functional teams and collaborate with IAM Operations. Research on impact of future computer security standard such as Federal Information Processing Standard 140-3 (FIPS 140-3), Cryptographic Module Validation Program (CMVP), Common Criteria (ISO/IEC 15408) on EY KMS strategy. Research on business problems that can be solved by a quantum computer faster than a classical computer and suggest areas in EY KMS strategy which require updates. Provide subject matter expertise on HSM, FIPS, CMVP, ISO/IEC 15408 to project teams, and other audiences as needed Skills And Attributes For Success A successful candidate for this role impacts EY business by deploying and configuring security tools recommended in EY key management strategy. As such, candidates must possess: Experience with Key Management Life Cycle - Key Generation, Storage, Distribution, Backup, Rotation, Revocation, Destruction, etc. Experience with major enterprise key management system as well as cloud based key management services Hands on experience and knowledge of TLS, PKI, HSMs, KMIP, Digital Certificate Management, Azure Key Vault, and transparent database encryption Experience with FIPS 140-2 compliance requirements and implementation Experience in security key management, security standards, cryptography, certificate management lifecycle and PKI Understanding of cloud computing architecture, technical design, and implementation To qualify for the role, you must have Degree in Computer Science, Computer Engineering or 5 years Security Engineering Experience or equivalent 3+ years’ experience in enterprise key management, HSM configuration, application layer encryption, and transparent data encryption Ideally, you’ll also have Experience working with diverse, globally distributed teams Ability to work well in a highly matrixed environment yet builds credibility to drive execution outside of direct chain of command while working across all organizational levels. Strong analytical and problem-solving skills. A security industry certification such as Security+, Network+, Cryptography Certification. Ability to work independently or with a team, under minimum supervision What We Look For A successful candidate for this role would be expected to think like an Engineer. Thinking like an engineer means looking at situations from multiple lenses. It means persistence, originality and apply technical concepts rather than popular opinion. Networking with key stakeholders and sponsors, cross-teaming across the organization is required for this role, as such we would look out for relationship builder. As an engineer slowing down to enjoy the process rather than fixating on its conclusion is key in this role. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Confidence: We will provide you the insights, coaching and self-assurance in your decision making that the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less

About BPM: BPM is a full-service accounting firm providing comprehensive assurance, tax, and consulting services to clients globally. We are one of the largest California-based accounting firms and have built our success by focusing on our clients and our people. Our client base encompasses a complex array of sophisticated clients that keep our staff intellectually challenged every day. Our people-centered culture and firm motto “Because People Matter” has allowed us to be consistently recognized as one of the Best Places to Work in the Bay Area. We are dedicated to providing meaningful careers for all of our employees along with fostering an environment that allows an integrated lifestyle. Our flexible culture allows our professionals to live a balanced lifestyle between their work responsibilities and personal commitments. Burr Pilger Mayer India Pvt. Ltd. (BPM India) is a subsidiary of BPM LLP. Founded in 1986, BPM is one of the largest California-based accounting and consulting firms, ranking in the top 35 in the country. With 14 different office locations, BPM serves emerging and mid-cap businesses as well as high-net-worth individuals in a broad range of industries, including financial services, technology, life science, manufacturing, food, wine and craft brewing, automotive, nonprofits, real estate and construction. The Firm’s International Tax Practice is one of the largest on the West Coast and its well-recognized SEC practice serves approximately 35 public reporting companies, mostly in the technology industry. About the role: The IT Security Analyst performs two core functions for BPM. The first is the day-to-day operations of the in-place security solutions, while the second is identifying, investigating, and resolving security incidents detected by those systems. Secondary tasks may include implementing new security solutions, creating and maintaining policies, standards, baselines, guidelines, and procedures, conducting vulnerability audits and assessments, and assisting with E-Discovery. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals established by its stated policies, procedures, and guidelines and to uphold those goals. Responsibilities: Strategy & Planning Participate in the planning and design of enterprise security architecture under the direction of the IT Security Manager, where appropriate. Participate in creating and maintaining enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate. Acquisition & Deployment Maintain up-to-date detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing solutions to improve overall enterprise security. Deploy, integrate, and initial configure all new security solutions and enhancements to existing security solutions, following standard best operating procedures generically and the enterprise’s security documents specifically. Operational Management Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices). Maintain operational configurations of all in-place security solutions per the established baselines. Monitor all in-place security solutions for efficient and appropriate operations. Review logs and reports of all in-place devices, whether they are under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution. Participate in investigations into problematic activity. Participate in E-Discovery projects. Participate in the design and execution of vulnerability assessments, penetration tests, and security audits. Provide on-call support for end users for all in-place security solutions. Position Requirements: College diploma or university degree in Computer Science and/or two years equivalent work experience. One or more of the following certifications: GIAC Information Security Fundamentals Microsoft Certified Systems Administrator: Security GIAC Certified Intrusion Analyst Certification (GCIA) Associate of (ISC)2 Palo Alto Network Certified Network Security Engineer CompTIA Security+ Knowledge & Experience: Extensive experience working in a SOC environment or handling incidents and breaches. Experience with Palo Alto firewalls, intrusion detection systems, intrusion prevention systems, anti-virus software, data encryption, and other industry-standard techniques and practices. Working technical knowledge of network, PC, and platform operating systems Strong understanding of networking, including network traffic analysis. Familiarity with switches, routers, and Firewalls. Experience with current systems software, protocols, and standards. Experience in E-Discovery, including content searches and relevant procedures and practices. Strong understanding of applicable practices and laws relating to data privacy and protection. Personal Attributes: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a high-pressure environment. Good written, oral, and interpersonal communication skills. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and user-friendly language. Highly self-motivated and directed. Keen attention to detail. Team-oriented and skilled in working within a collaborative environment. Show more Show less

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Encryption Engineer Today’s world is fueled by vast amounts of information which makes data more valuable than ever before. Best security practices have informed many organizations to take full control of their cryptographic keys which encrypt data on-premises and in the cloud rather than leaving those responsibilities to cloud providers or third-party companies. Protecting data in information systems is central to this role, and everyone in EY Information Security has a critical role to play. Join a global team of almost 900 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust. Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value. The opportunity The Encryption Engineer will be a member of the Cryptography team within the Information Security Identity and Access Management Services (IAMS) team. This Engineer will deploy, configure and maintain a centralized key management tool and ensure that storage of sensitive key material reside only in a Hardware Security Module (HSM). Your Key Responsibilities Deploy and configure enterprise key management and HSM tools, which will centralize key lifecycle administration across the global EY platform for data at rest and data in transit. Your responsibilities include: Deploy and configure the Firm’s enterprise key management tools. Deploy and configure the Firm’s Hardware Security Module. Implement process automations as it relates to enterprise key management and HSM administration. Maintain and update the enterprise key management tools to support new business requirements while maintaining the fundamentals of a centralised key management service. Support integration of HSMs to support Apache, Nginx, Windows IIS and Java keystores. Support cloud application teams in centralizing storage of sensitive key material in proprietary repositories such as Azure Key Vault (AKV) and Goggle Cloud Key Management Services while aligning to the overall EY key management strategy. Provide Level 3 and 4 support to operational team on key management which has a direct impact of the Recovery Time Objective (RTO). Document operational procedures for deployment and configuration of security appliance. Update system configuration runbook regularly. Lead HSM engineering and enterprise key management efforts across the internal infrastructure and cloud environments. Work with cross functional teams and collaborate with IAM Operations. Research on impact of future computer security standard such as Federal Information Processing Standard 140-3 (FIPS 140-3), Cryptographic Module Validation Program (CMVP), Common Criteria (ISO/IEC 15408) on EY KMS strategy. Research on business problems that can be solved by a quantum computer faster than a classical computer and suggest areas in EY KMS strategy which require updates. Provide subject matter expertise on HSM, FIPS, CMVP, ISO/IEC 15408 to project teams, and other audiences as needed Skills And Attributes For Success A successful candidate for this role impacts EY business by deploying and configuring security tools recommended in EY key management strategy. As such, candidates must possess: Experience with Key Management Life Cycle - Key Generation, Storage, Distribution, Backup, Rotation, Revocation, Destruction, etc. Experience with major enterprise key management system as well as cloud based key management services Hands on experience and knowledge of TLS, PKI, HSMs, KMIP, Digital Certificate Management, Azure Key Vault, and transparent database encryption Experience with FIPS 140-2 compliance requirements and implementation Experience in security key management, security standards, cryptography, certificate management lifecycle and PKI Understanding of cloud computing architecture, technical design, and implementation To qualify for the role, you must have Degree in Computer Science, Computer Engineering or 5 years Security Engineering Experience or equivalent 3+ years’ experience in enterprise key management, HSM configuration, application layer encryption, and transparent data encryption Ideally, you’ll also have Experience working with diverse, globally distributed teams Ability to work well in a highly matrixed environment yet builds credibility to drive execution outside of direct chain of command while working across all organizational levels. Strong analytical and problem-solving skills. A security industry certification such as Security+, Network+, Cryptography Certification. Ability to work independently or with a team, under minimum supervision What We Look For A successful candidate for this role would be expected to think like an Engineer. Thinking like an engineer means looking at situations from multiple lenses. It means persistence, originality and apply technical concepts rather than popular opinion. Networking with key stakeholders and sponsors, cross-teaming across the organization is required for this role, as such we would look out for relationship builder. As an engineer slowing down to enjoy the process rather than fixating on its conclusion is key in this role. What We Offer As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer: Continuous learning: You will develop the mindset and skills to navigate whatever comes next. Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way. Confidence: We will provide you the insights, coaching and self-assurance in your decision making that the world needs. Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs. EY | Building a better working world EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. Show more Show less

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Be a part of a team that harnesses advanced AI, ML, and big data technologies to develop cutting-edge healthcare technology platform, delivering innovative business solutions. Job Title : Security Test Engineer Job Location : Pune, Maharashtra, India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. HiLabs is looking for highly motivated and technical Sr. Software Development Engineers focused on the application of emerging technologies, who should continually strive to advance engineering excellence and technology innovation. The mission is to power the next generation of digital products and services through innovation, collaboration, and transparency. Responsibilities Design, implement, and manage security controls across cloud environments. Conduct regular vulnerability assessments, penetration tests, and risk analyses. Develop and execute test plans, test cases, and security automation scripts. Lead incident response activities including identification, containment, mitigation, and post-incident analysis. Collaborate with cross-functional teams to remediate vulnerabilities and strengthen defenses Work collaboratively with IT and engineering teams to integrate security best practices into daily operations and development cycles. Assess security controls and ensure compliance with relevant standards (e.g., OWASP, NIST, HIPAA, SocII Type2) by working closely with the compliance team. Maintain detailed security documentation and provide periodic reports to management Stay up to date with emerging threats, vulnerabilities, and security best practices. Desired Profile Bachelor’s degree in Computer Science, Information Security, or a related field. 3-6 years of experience in IT security, or related roles. Strong knowledge of IT security frameworks, best practices, and standards (e.g., NIST, ISO 27001). Hands-on experience with vulnerability management tools, SIEM solutions, and endpoint security technologies. Hands-on experience with security tools such as Kali Linux, Metasploit, Burpsuite, Wireshark, SonarQube, AppSec, Nmap, OWASP ZAP, and Nessus Understanding of security vulnerabilities, exploits, and mitigation techniques Proficiency in cloud security (AWS, Azure, or GCP) is a plus Solid understanding of network protocols, firewalls, VPNs, and IDS/IPS systems. Knowledge of security frameworks and standards (e.g., OWASP Top 10, CVSS, CIS Benchmarks). Excellent problem-solving skills and the ability to respond effectively under pressure Passionate about technology and delivering solutions to solve complex business problems Great collaboration and interpersonal skills Ability to work with team members and lead by example in code, feature development, and knowledge sharing Nice to Have Certifications such as CEH, OSCP or CompTIA Security+. Experience in the healthcare industry and knowledge of HIPAA compliance. Familiarity with container security and DevSecOps practices. Experience with automation and scripting (Python, Bash) for security tasks HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

Description Position at LeadVenture India IT Specialist We are looking for an IT Specialist who will be responsible for the ongoing development and improvement of our technology infrastructure, internal enterprise systems, endpoints, and users. We are looking for a technology enthusiast and go-getter who can adapt to a complex, changing, and variably paced environment while demonstrating top-tier IT and infrastructure support principles to support operations across geographies. You will also be working alongside various software development teams to guarantee service availability and respond quickly to adverse events within our infrastructure that impact our customers. Here is more of what you’ll get to do: Monitor and respond to Tier 1 & Tier 2 tickets, including escalated tickets requiring advanced/time-sensitive troubleshooting. This role will require working out of Gurgaon office. Investigate and resolve routine hardware, software, and network issues Install and update client software in an enterprise environment Educate and train users on proper use of company supported systems and software Follow all standard operating procedures (SOP) through the effective use of Knowledge Management Work with Level 2 Tech to update knowledgebase documentation Work with Level 2 Tech to create accounts and configure hardware as part of the on-boarding process Provision hardware following the current process Repair or replace client hardware as necessary Monitor internal assets to ensure accurate inventory records Support VoIP phone systems and infrastructure Support Office 365 and Google Workspace environments Perform network troubleshooting and issue resolution Willing to follow through with odd jobs and tasks as needed or asked, if not to perform personally, but to ensure the right person is found for continuation. You’ll thrive in this role if you have: Strong English spoken and written skills. Experience managing Microsoft Cloud Services: Azure, Office 365, Exchange, Intune, etc. Experience in Active Directory, O365 Admin and Google Workspace experience in an enterprise setting Understanding of networking fundamentals (TCP/IP, VPN, QoS, VoIP, routing) Certifications in ITIL, MCSA/E, CCNA, Network+, Security+, A+ Experience working with Windows Server 2019/2022 and virtualization technologies (Hyper-V, VMware) Experience supporting, troubleshooting, and deploying Windows 10 & 11 operating systems. Possess a basic understanding of networking principles and concepts and have experience troubleshooting common problems. Experience supporting MacOS Possess excellent documentation, attention to detail, time management, and prioritization skills. Bachelor’s degree in IT from a recognized university. Who we are: LeadVenture is the market-leading SaaS provider of digital retailing, eCommerce, digital marketing and eCatalog solutions for dealerships across 12 industry verticals including powersports, marine, RV, pre-owned auto, agriculture and more. Our family of brands includes Dealer Spik, Dealer Car Search, Frazer, TCS Technologies, Net Driven, Direct Communications, Inc. (DCi), Powersports Support, Level 5, PSM Marketing, Monroney Labels, and Interact RV. We are an international company with offices located in the United States, Mexico (Juniper Data Center), Belize (Dealer Spike Belize), India and The Netherlands. Together, we are LeadVenture. LeadVenture provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, LeadVenture complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, transfer, leaves of absence, compensation, and training. LeadVenture expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of LeadVenture employees to perform their job duties may result in discipline up to and including discharge. Show more Show less

Position: AWS Vulnerability Management Engineer Location: Gurugram Experience: 5+ years Job Description: We are seeking a highly motivated and skilled Security Engineer with 5+ years of experience to join our dynamic team. The ideal candidate will have a strong background in vulnerability management and remediation activities in an enterprise environment. This role requires a proactive approach to identifying, assessing, and mitigating security vulnerabilities to ensure the safety and integrity of our systems. Responsibilities Conduct regular vulnerability assessments and scans to identify security weakness in our systems and applications. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in timely manner. Develop and implement remediation plans ensuring compliance with industry standards and best practices. Requires comprehensive knowledge and practical experience with one or more cutting-edge cyber tools for vulnerability assessment. Recommend security tools and solutions to improve overall security posture. Create and maintain documentation related to vulnerability management process and remediation activities. Provide support and guidance to other team members on best practices and possible remediation efforts. Generate and present regular reports on vulnerability metrics with progress and anomalies detected. Required Skills: 5+ years of experience in vulnerability management and remediation activities within an enterprise environment. Strong understanding of security principles, vulnerabilities, and remediation planning. Proficiency in Scripting and automation using python or similar. Experience with API's and integrating security tools with other systems. Strong communication and collaboration skills. Experience with vulnerability assessment tools such as SNYK, Qualys, Wiz, Container security, Prisma Cloud, and GitHub Advanced Security . Experience with security frameworks and standards such as NIST, ISO 27001, or CIS. Knowledge of cloud security best practices and experience with cloud platform such as AWS. Relevant Security certifications such as CISSP, CEH, or CompTIA Security+. About Stratacent: Stratacent is a Global IT Consulting and Services firm, headquartered in Jersey City, NJ, with global delivery centres in Pune and Gurugram plus offices in USA, London, Canada and South Africa. We are a leading IT services provider focusing in Financial Services, Insurance, Healthcare and Life Sciences. We help our customers in their transformation journey and provides services around Information Security, Cloud Services, Data and AI, Automation, Application Development and IT Operations. URL - http://stratacent.com Employee Benefits: Group medical and accidental insurance Transport facility One-time meal Continuous Learning Program Stratacent India Private Limited is an equal opportunity employer and will not discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, age, sex, national origin, ancestry, handicap, or any other factor protected by law. Show more Show less

India - Hyderabad JOB ID: R-217073 ADDITIONAL LOCATIONS: India - Hyderabad WORK LOCATION TYPE: On Site DATE POSTED: Jun. 03, 2025 CATEGORY: Information Systems Join Amgen’s Mission of Serving Patients At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do. Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas –Oncology, Inflammation, General Medicine, and Rare Disease– we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What you will do Let’s do this. Let’s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization’s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization’s security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor’s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking – Comfortable working with data and identifying patterns Attention to Detail – Careful review and tracking of vulnerabilities Communication Skills – Able to clearly document and explain findings Collaboration & Teamwork – Works well with cross-functional teams Curiosity & Continuous Learning – Strong interest in cybersecurity and professional growth Problem-Solving Mindset – Seeks practical solutions to real-world security issues What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

*Job Title:* IT Administrator – Security & Access Control *Location:* Hyderabad *Department:* Information Technology *Reports To:* Head of Technology *Type:* Full-time --- *About Estetica* Estetica is a technology-driven appointment platform for salons, spas, and skin clinics, committed to providing a secure and seamless experience for both customers and partners. We are seeking a skilled IT professional to take charge of our internal access control, site security, and employee access management. --- *Key Responsibilities:* * *Secure Access Management:* * Define and implement role-based access controls (RBAC) for all employees and departments. * Manage and monitor access to internal tools, databases, admin panels, and sensitive portals. * Configure VPNs, firewalls, and endpoint protection solutions to enforce secure connections. * *System & Network Security:* * Ensure secure handling of Estetica’s web portals and internal dashboards. * Regularly update and patch systems to prevent vulnerabilities and unauthorized access. * Conduct routine audits of access logs and usage patterns to detect anomalies. * *Employee Onboarding & Offboarding:* * Set up and revoke access permissions for employees as part of HR onboarding/offboarding workflows. * Maintain documentation of access credentials and policies per employee role. * *Compliance & Monitoring:* * Ensure compliance with data protection policies and internal SOPs. * Maintain logs, backups, and security configurations according to best practices. * Work with the development team to secure staging, production, and admin environments. * *Incident Response:* * Investigate and respond to security incidents, unauthorized access attempts, or breaches. * Develop internal SOPs for access revocation, recovery, and incident handling. --- *Requirements:* * Bachelor’s degree in IT, Computer Science, or related field. * 3–5 years of experience in IT administration or cybersecurity roles. * Strong knowledge of access control mechanisms, firewalls, VPNs, and encryption. * Experience with Linux/Unix systems and cloud platforms (AWS, GCP, or Azure). * Familiarity with tools like Active Directory, Okta, or similar IAM solutions. * Understanding of compliance frameworks (e.g., ISO 27001, GDPR, or similar). * Strong troubleshooting and documentation skills. --- ### *Preferred:* * Experience in a startup or tech product environment. * Knowledge of security aspects related to mobile and web-based platforms. * Certifications like CompTIA Security+, CEH, or CISSP are a plus. --- *What We Offer:* * Competitive salary and performance incentives. * Opportunity to work with a fast-growing tech product in the beauty & wellness industry. * A culture of learning, ownership, and innovation. Job Type: Full-time Pay: ₹514,368.57 - ₹900,000.77 per year Schedule: Day shift Morning shift Work Location: In person

Job Title: SOC Analyst (SA- Security Analyst – L1 Threat Hunt) Location: Kochi We are seeking a highly motivated Level 1 SOC Threat Hunte r to join our Security Operations Center team. This entry-level role is ideal for individuals with a foundational understanding of cybersecurity who are eager to grow their skills in proactive threat detection and response. As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources. Your background should include exposure to security technologies including firewalls, IPS/IDS, logging, monitoring and vulnerability management. You should understand network security practices. Excellent customer service while solving problems should be a top priority for you. Requirements Must-have: 2 - 3 Year Experience as SOC Analyst – (Experience in SIEM Tool ELK & Wazuh preferable) Process and Procedure adherence General network knowledge and TCP/IP Troubleshooting Ability to trace down an endpoint on the network, based on ticket information Familiarity with system log information and what it means Understanding of common network services (web, mail, DNS, authentication) Knowledge of host-based firewalls, Anti-Malware, HIDS Knowledge of creating and modifying the dashboards. Understanding of common network device functions (firewall, IPS/IDS, NAC) General Desktop OS and Server OS knowledge TCP/IP, Internet Routing, UNIX / LINUX & Windows Deep Knowledge in SIEM, Ticketing tool, EDR, Vulnerability Management, MimeCast, Email security. Excellent written and verbal communication skills. Good to have: Good to have industry certifications on any SIEM Platform, CEH, C|SA, CompTIA Security+ & Others Main Responsibilities Monitor security alerts and events from SIEM and other security tools. Perform basic threat hunting across endpoints, network traffic, and log sources using predefined queries and playbooks. Investigate anomalies, potential indicators of compromise (IOCs), and low-fidelity alerts. Escalate verified threats to L2/L3 analysts with relevant context and documentation. Assist in identifying false positives and refining detection rules in collaboration with senior analysts. Document findings, maintain accurate logs of activities, and contribute to reports. Follow standard operating procedures and incident handling workflows. Work proactively to seek out weaknesses and stealthy attackers, review vulnerability assessments (CVEs) on monitored assets. Focus more on doing deep dives into datasets to understand what's happening during and after attacks. Leading efforts to counter SLA breaches and anticipating the likelihood of future security alerts, incidents. Staying up to date with emerging security threats including applicable regulatory security requirements. Bring enhancements to SOC security process, procedures, and policies. Keep updated with new threats, vulnerabilities, create/contribute to use cases, threat hunting etc. Keep updated with the likes of OWASP Top 10 vulnerabilities, Bleeping Computer articles etc., for acquiring the knowledge over current threats in security perspective. Other responsibilities and additional duties as assigned by the security management team or service delivery manager. Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹50,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you have worked in the role Threat Hunting and SIEM Tools ? Education: Bachelor's (Required) Experience: minimum: 2 years (Required) Language: English (Required) Location: Kochi, Kerala (Required) Work Location: In person

Required minimum 7 years of experience in system administration. Design, build, and maintain secure IT infrastructure tailored for healthcare environments, ensuring compliance with healthcare data protection standards (e.g., HIPAA or local regulations) . Knowledge of Cloud Infrastructure management (AWS, Azure, GCP) within healthcare setups. Implement strong security protocols to safeguard sensitive healthcare data , including patient records and critical systems. Maintain, upgrade, and support software, hardware, and networks to ensure uninterrupted healthcare operations. Knowledge of healthcare compliance standards such as HIPAA, ISO 27001, or NABH IT Guidelines. Manage and lead a team of system administrators, offering guidance, mentorship, and technical training. Troubleshoot and resolve complex technical issues promptly , with availability for after-hours support for critical systems. Administer and maintain server hardware and software, operating systems (Windows, Linux, Mac), and scripting tools (PowerShell, Bash). Configure and secure Fortinet and Sophos firewalls, VPNs, local servers, and networking equipment. Perform system backups, disaster recovery procedures, and malware protection to ensure data integrity and business continuity. Collaborate with various departments to understand and resolve technical concerns efficiently. Develop and enforce IT policies and procedures aligned with healthcare industry standards and compliance. Conduct regular security audits, manage software patches, and ensure regulatory and internal policy adherence . Ensure infrastructure is scalable, resilient, and capable of supporting future healthcare data and system growth. Proficiency in server environments, firewall configuration (Fortinet preferred), VPN, endpoint security, and data backup systems . Excellent analytical, troubleshooting, and communication skills. Good to have if you have certifications such as CCNA, CCNP, Fortinet NSE, RHCE, Microsoft Certified: Azure or GCP Administrator Associate, or CompTIA Security+. Experience working with electronic health record (EHR) systems or health information systems (HIS). Show more Show less

Job Description As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Senior Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Lead the development of enhanced cloud and application security control integrations and architectural best practices. Lead the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Lead the maintenance and monitoring security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Lead adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 7+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 07/2/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335954 Show more Show less

Job Description Current Employees apply HERE Current Contingent Workers apply HERE Secondary Language(s) Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Not Applicable Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R335941 Show more Show less

Job Description Manager, Cybersecurity Engineering Cloud and App Security The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Contribute to the development of enhanced cloud and application security control integrations and architectural best practices. Contribute to the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Identify and prioritize adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Assist in implementing and maintaining specific security controls as required by organisational policy and local risk assessments and contribute to identifying risks that arise from potential technical solution architectures. Monitor and log the actual service provided, compared to that required by service level agreements. Undertake low-complexity routine vulnerability assessments using automated and semi-automated tools and contribute to evaluating and documenting the scope of results. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 3+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms.. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Required Skills Design Applications, Information Security, Security Operations, SLA Management, Software Development, Software Development Life Cycle (SDLC), System Designs, Technical Advice, Vulnerability Scanning Preferred Skills Job Posting End Date 06/23/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R342299 Show more Show less

Job Description Associate Specialist, Cybersecurity Operations The Opportunity Based in Hyderabad, join a global healthcare biopharma company and be part of a 130- year legacy of success backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare. Be part of an organisation driven by digital technology and data-backed approaches that support a diversified portfolio of prescription medicines, vaccines, and animal health products. Drive innovation and execution excellence. Be a part of a team with passion for using data, analytics, and insights to drive decision-making, and which creates custom software, allowing us to tackle some of the world's greatest health threats. Our Technology Centers focus on creating a space where teams can come together to deliver business solutions that save and improve lives. An integral part of our company’s IT operating model, Tech Centers are globally distributed locations where each IT division has employees to enable our digital transformation journey and drive business outcomes. These locations, in addition to the other sites, are essential to supporting our business and strategy. A focused group of leaders in each Tech Center helps to ensure we can manage and improve each location, from investing in growth, success, and well-being of our people, to making sure colleagues from each IT division feel a sense of belonging to managing critical emergencies. And together, we must leverage the strength of our team to collaborate globally to optimize connections and share best practices across the Tech Centers. Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organization's computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities, supporting the response to incidents, and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What Will You Do In This Role Collaborate with product teams to enforce application security best practices, conduct reviews, perform scans and assist in threat modeling to identify and mitigate security risks throughout the development lifecycle. Contribute with penetration testing efforts to evaluate the security posture of applications and containers, providing detailed reports on findings and working with development teams to remediate identified issues. Collaborate to the oversight of security-related bugs and vulnerabilities using tracking systems. Help prioritize security issues based on risk and impact and ensuring that reported issues are triaged and addressed in a timely manner. Contribute to the creation and delivery of training materials for the workforce to raise awareness and increase adoption of application security best practices, cloud security best practices, including secure usage of cloud applications and availability of compensating controls. Help maintain and monitor security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Follow standard approaches and established design patterns to create new designs for systems or system components. Identify and resolve minor design issues. Monitor and log the actual service provided, compared to that required by service level agreements. Assist in maintaining security infrastructure and performing system updates. Investigate minor security breaches in accordance with established procedures. Assist users in defining their access rights and privileges and perform non-standard operational security tasks. Resolve security events and operational security issues. Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns, and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What Should You Have Bachelors’ degree in Information Technology, Computer Science or any Technology stream. 3-4 years of hands-on experience in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Preferred working in any cloud environments AWS, Azure, or GCP. Familiarity with software development/delivery lifecycle and related technologies Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset. Our technology teams operate as business partners, proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver services and solutions that help everyone be more productive and enable innovation. Who We Are We are known as Merck & Co., Inc., Rahway, New Jersey, USA in the United States and Canada and MSD everywhere else. For more than a century, we have been inventing for life, bringing forward medicines and vaccines for many of the world's most challenging diseases. Today, our company continues to be at the forefront of research to deliver innovative health solutions and advance the prevention and treatment of diseases that threaten people and animals around the world. What We Look For Imagine getting up in the morning for a job as important as helping to save and improve lives around the world. Here, you have that opportunity. You can put your empathy, creativity, digital mastery, or scientific genius to work in collaboration with a diverse group of colleagues who pursue and bring hope to countless people who are battling some of the most challenging diseases of our time. Our team is constantly evolving, so if you are among the intellectually curious, join us—and start making your impact today. #HYDIT2025 Current Employees apply HERE Current Contingent Workers apply HERE Search Firm Representatives Please Read Carefully Merck & Co., Inc., Rahway, NJ, USA, also known as Merck Sharp & Dohme LLC, Rahway, NJ, USA, does not accept unsolicited assistance from search firms for employment opportunities. All CVs / resumes submitted by search firms to any employee at our company without a valid written search agreement in place for this position will be deemed the sole property of our company. No fee will be paid in the event a candidate is hired by our company as a result of an agency referral where no pre-existing agreement is in place. Where agency agreements are in place, introductions are position specific. Please, no phone calls or emails. Employee Status Regular Relocation VISA Sponsorship Travel Requirements Flexible Work Arrangements Hybrid Shift Valid Driving License Hazardous Material(s) Job Posting End Date 04/28/2025 A job posting is effective until 11 59 59PM on the day BEFORE the listed job posting end date. Please ensure you apply to a job posting no later than the day BEFORE the job posting end date. Requisition ID R341157 Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Join our dynamic team as a Cybersecurity and Systems Security Engineer, where your expertise will be pivotal in fortifying our organizational defenses. As a key player, you will spearhead the implementation and management of cutting-edge processes with a specialized focus on Qualys solutions. Your mission is to safeguard our Qualys infrastructure by deploying advanced security measures, conducting thorough assessments, and ensuring the seamless integration of industry-leading technologies. In this role, you will not only be a guardian of our Qualys digital assets but also a catalyst for innovation, driving the continuous enhancement of our security posture. We're looking for an enthusiastic professional with a keen eye for cybersecurity trends, hands-on experience with Qualys, Cloud Security Posture Management (CSPM), and Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP), and a commitment to excellence. If you are passionate about staying one step ahead of evolving threats and contributing to a secure digital future, we invite you to bring your skills to our team. Responsibilities: CSPM (Cloud Security Posture Management): Implement and fine-tune CSPM tools to enforce compliance with industry regulations and organizational policies. Conduct regular audits of cloud infrastructure configurations, addressing security gaps and misconfigurations. Collaborate with DevOps teams to integrate security into the continuous integration/continuous deployment (CI/CD) pipeline. EDR/EPP (Endpoint Detection and Response/Endpoint Protection Platforms): Deploy and manage EDR/EPP solutions for advanced threat detection and response capabilities. Configure and monitor EDR/EPP tools, conduct regular audits, and ensure proper integration with other security controls. Respond promptly to endpoint security alerts, investigate incidents, and implement corrective actions. Training and Documentation: Provide training to relevant teams on using Qualys, CSPM, and EDR/EPP effectively for vulnerability management and security measures. Document configurations, workflows, and best practices for internal knowledge sharing. Automation and Orchestration: Implement and maintain end-to-end automation workflows for scanning Qualys infrastructure. Explore automation opportunities within Qualys, CSPM, and EDR/EPP for repetitive tasks, enhancing efficiency. Implement orchestration workflows to automate the execution of remediation steps based on findings. Collaboration with Qualys Support: Engage with Qualys support for issue resolution, updates, and to stay informed about new features and best practices. Participate in Qualys user forums and communities to share insights and learn from others' experiences. Qualifications: Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field. Relevant certifications such as COMPTIA Security+, CEH, or similar. Proficiency in deploying and managing security tools and solutions. Strong understanding of cloud security best practices. Proven experience with Cloud Security Posture Management (CSPM) tools. Hands-on experience with Endpoint Detection and Response/Endpoint Protection Platforms (EDR/EPP). Excellent documentation and communication skills. Ability to collaborate effectively with cross-functional teams. Continuous learning mindset to stay updated on the evolving cybersecurity landscape. Show more Show less