6 Security Threats Jobs

HMH is a learning technology company committed to delivering connected solutions that engage learners, empower educators, and improve student outcomes. As a leading provider of K12 core curriculum, supplemental and intervention solutions, and professional learning services, HMH partners with educators and school districts to uncover solutions that unlock students" potential and extend teachers" capabilities. HMH serves more than 50 million students and 4 million educators in 150 countries. HMH Technology India Pvt. Ltd. is our technology and innovation arm in India focused on developing novel products and solutions using cutting-edge technology to better serve our clients globally. HMH aims to help employees grow as people, and not just as professionals. The Senior Manager of Information Security (External Role Description Application / Product Security Architect) will report to the Chief Information Security Officer. As a leader in the Information Security organization, this role will lead the task of refining, managing, and executing a strategic product/application security roadmap that is based on industry-standard software security frameworks. You will plan, implement, and track key initiatives focused on product/application security strategy, metrics, compliance, policy, developer awareness, training, and stakeholder engagement. You will work closely with multiple teams that make up Information Security, Product Management, Engineering, Legal, Risk, and Compliance to improve product/application security controls and drive impactful change to the team and its members. Responsibilities: - Bring a deep background and broad experience in Information Security, Application Security, & Application Development or related business areas. - Lead a team of high-performing individuals who create remediation plans, perform security reviews, and recommend security solutions to meet current and future needs for HMH products and applications. - Drive the development and implementation of product and application standard security review processes that result in effective methods for reducing security risks before product releases. - Demonstrate an ability to influence all project and portfolio stakeholders; communicate relevant security information to both executive leaders and individual contributors in an effective manner. - Provide input into the Information Security strategy to ensure that future security investments are aligned appropriately when considering key priorities such as business requirements, industry threat landscape, and risk appetite of HMH. - Collaborate closely with the Architecture teams. - Demonstrated experience handling the demand/supply of project and program resources and tracking allocation. - Track policy exceptions and remediation dates through active engagement with development teams and operations teams. Partner with Audit teams to periodically audit controls and secure coding practices being followed by development teams. - Staying abreast of the latest cybersecurity threats both internal and external. - Oversee projects, program delivery, daily monitoring, response; review of cloud infrastructure, physical infrastructure, and the full life cycle of alerts through incident response; and the threat landscape to ensure ongoing and continued maturity of the organization's security controls in addition to service support. - Drive operational efficiency and excellence leveraging tools, process, and automation with appropriate and transparent visibility and metrics that can meet SLAs/SLOs. - Support and implement controls and visibility to meet third-party attestations (SOC2, ISO27001, GDPR, SOX). - Balance being collaborative, open, and approachable while still being firm on security policies and in facilitating progress and compromise. What you should have: - 5 to 6+ years hands-on experience in application security utilizing SAST, DAST, IAST, RASP, and WAF. - 5+ years of application engineering, architecture, or development management experience. - Proficient in analyzing ambiguous problems, compelling communicator with the ability to receive and analyze information, translating security risk to business risk to driving actionable decisions across multiple levels and departments. - Experience in leading application security remediation work, leading the mitigation initiative to accommodate the developer community priority. - Proficient experience with common web application attack vectors and related mitigation strategies that translate to controls within the organization. - Highly organized. With many people doing many things in a fast-moving company, strong organizational skills both for yourself and for the team will be required.,

You are an experienced professional sought by the Security Operations Centre for the SOC Lead position in Pune (Baner). You should possess expertise in SIEM setup, operational knowledge, and cloud environments. The ideal candidate is highly motivated, inquisitive, and adept at problem-solving. A must-have is knowledge of Incident response and SOAR methodologies. Your primary responsibilities include security event monitoring, management, and response. You must have experience with Open Source SIEM Tools, implementation, and at least one Security Information and Event Management (SIEM) solution. Generating reports, dashboards, and metrics for SOC operations, along with presenting to Senior Management, is part of the role. It is essential to have a deep understanding of security threats, attack methods, and the current threat landscape. Proficiency in identifying common attacks and their SIEM signatures is required. Hands-on experience in security monitoring, Incident Response (IR), security tools configuration, and remediation is crucial. Excellent troubleshooting and analytical skills are a must, along with the ability to propose security solutions in business terms. You should be capable of multitasking in a fast-paced environment and have knowledge of containers, orchestration technologies, log parsing, network protocols, and AWS Services for security detection and mitigation. Understanding Operating Systems, Web Servers, databases, and Security devices (firewall/NIDS/NIPS) logs and formats is necessary. With an experience range of 3 - 7 years in IT Infrastructure and Security, you must have prior experience in Cybersecurity & SOC/SIEM, preferably in the Banking and Financial domain. Expertise in Endpoint Security, Network Security, SIEM, SOC Advanced security tools, SOAR platform, Vulnerability Management, SIEM, and building Threat Modeling practice is expected. Strong communication skills are essential for this role. The role offers an opportunity to work with a modern cloud-native security stack, learn and develop in an innovative FinTech environment, receive mentorship and training on advanced threat detection and response practices, be part of a team culture focused on collaboration and technical excellence, and receive a competitive salary and shift allowances.,

As a global leader in assurance, tax, transaction and advisory services, EY is committed to hiring and developing passionate individuals to contribute to building a better working world. We foster a culture that believes in providing training, opportunities, and creative freedom to help individuals reach their full potential. At EY, we focus not only on who you are at present, but also on who you aspire to become. We believe that your career is yours to shape, offering limitless potential, and we are dedicated to providing motivating and fulfilling experiences throughout your professional journey to support you in becoming your best self. The opportunity available is for the role of Consultant-FS-Business Consulting Risk-CNS - Risk - Digital Risk in Mumbai within the Financial Services sector. Today's financial services institutions face significant challenges such as comprehensive regulatory changes, digital transformation, convergence, and disruption from non-traditional competitors, while also meeting increasing demands for trust and transparency. In response to these complex issues, our team of proficient business strategists, technologists, and industry leaders bring fresh perspectives and sector knowledge across banking and capital markets, insurance, and wealth and asset management. This collaboration results in innovative problem-solving, breakthrough performance gains, and sustainable value creation. Within the CNS - Risk - Digital Risk sector, EY Consulting is dedicated to transforming businesses through the power of people, technology, and innovation. Our client-centric approach focuses on delivering long-term value by addressing our clients" most strategic challenges. EY Consulting comprises three sub-service lines: Business Consulting (including Performance Improvement and Risk Consulting), Technology Consulting, and People Advisory Services. We assist clients in identifying and managing the interplay between upside and downside risks to make informed decisions that align with their future business strategies and objectives across Enterprise Risk, Technology Risk, and Financial Services Risk. Your responsibilities in this role include demonstrating technical excellence by understanding project requirements, engaging with key stakeholders, providing timely updates to seniors, preparing reports and presentations, attending training sessions, and delivering outputs in line with EY's quality standards. You will also be responsible for multitasking and managing multiple projects as directed by managers. To qualify for this role, you must hold a Master's degree in computer science, information technology, business administration, be a Chartered Accountant, Certified Internal Auditor, or have a Bachelor's in Engineering along with 1 to 3 years of relevant experience. We are looking for individuals who can work collaboratively across client departments, adhere to commercial and legal requirements, offer practical solutions to complex problems, and demonstrate agility, curiosity, mindfulness, positive energy, adaptability, and creativity. EY offers a dynamic work environment with numerous opportunities for growth and learning. With a vast client base, a global team of over 300,000 professionals, and a strong presence in India, EY is a leading employer known for market-leading growth and innovation. We are committed to investing in the skills and development of our people, providing personalized career journeys, and promoting inclusivity to maintain a balanced and supportive work environment. If you meet the criteria outlined above and are eager to contribute to building a better working world, we encourage you to apply and join us on this exciting journey. Apply now to be part of our team at EY.,

As an L2 SOC Analyst specializing in LogRhythm SIEM, your role will involve strengthening the Security Operations Center in Mumbai. With 2 to 5 years of hands-on experience in security monitoring and incident analysis, particularly focusing on LogRhythm SIEM, you will play a crucial part in the in-depth analysis, incident investigation, escalation, and coordination with response teams. Your key responsibilities will include monitoring, analyzing, and triaging security alerts from LogRhythm SIEM and other security platforms. You will be responsible for investigating and validating security incidents with detailed analysis and impact assessment, conducting threat hunting, and advanced log correlation as per SOC playbooks. Additionally, you will respond to incidents following defined escalation matrices, perform root cause analysis, recommend containment and mitigation actions, and provide guidance and mentorship to L1 SOC Analysts for escalated incidents. Moreover, you will prepare incident reports, analysis summaries, and dashboards for management, monitor and report SIEM health, log source integration issues, and tuning requirements. Your role will also involve participating in the continuous improvement of detection rules and SOC processes. Being ready to work in 24x7 rotational shifts with a constant readiness for critical incident handling is essential for this position. To excel in this role, you should possess 2 to 5 years of SOC operations experience, with a specific focus on SIEM monitoring and incident handling. Strong hands-on experience with LogRhythm SIEM is mandatory, in addition to a good understanding of security threats, attack vectors, malware behavior, and common vulnerabilities. Practical experience in analyzing logs from firewalls, IDS/IPS, endpoint security, and cloud platforms is required, along with familiarity with the MITRE ATT&CK framework and the usage of threat intelligence. Furthermore, you should exhibit strong analytical thinking, incident response capabilities, and problem-solving skills. Effective communication skills for incident reporting and escalation are essential for this role. Preferred certifications include LogRhythm Certified Deployment Engineer (LCDE) or LogRhythm Certified SOC Analyst (LCSA), while certifications such as CompTIA Security+, CEH, CySA+, or equivalent security certifications are optional. Any threat hunting or incident response certification would be considered a plus. This is a full-time role based at the Mumbai SOC facility, requiring you to work in 24x7 rotational shifts, including nights and weekends.,

A career in our Advisory Acceleration Centre is the natural extension of PwC's leading-class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process,

We're Hiring: Subject Matter Expert Security (Checkpoint & Fortinet) Location: Hyderabad, India Designation: Subject Matter Expert Security (L3) Experience: 5+ Years (Implementation & Support) Join SHILOCUZ as a Security SME and be at the forefront of next-generation firewall deployments and enterprise security architecture. Were looking for professionals with deep hands-on expertise in Checkpoint and Fortinet (FortiGate) to secure, optimize, and scale mission-critical environments. Key Responsibilities & Technical Skills: Design, deploy, and manage Checkpoint and Fortinet firewalls and security appliances (e.g., FortiManager , FortiAnalyzer ). Extensive hands-on experience in NGFW deployments (FW, IPS, IDS, Remote Access VPN). Strong architecture-level understanding of various deployment modes and real-world use cases. Integrate firewalls with Active Directory, DUO, Azure AD, Okta for MFA and identity-based policies. Deep knowledge of Fortinet hardware components: NP6 , CP9 , Security Processing Units (SPUs) . Configure and manage: Firewall Policies NAT IPSec/SSL VPNs Web Filtering, Application Control Explicit Proxy, Captive Portal, Antivirus, IPS Multicast, Routing (OSPF, BGP) Proficient in CLI-based troubleshooting, including debug commands and packet capture . Experience in implementing Fortinet SD-WAN . Working knowledge of Network Access Control (NAC) FortiNAC or Cisco ISE. Strong understanding of firewall high availability, failover , and multi-context environments . Familiarity with Site-to-Site VPN (IKEv1/v2), SSL VPN, DMVPN, GRE tunneling . Ability to analyze and respond to real-time security incidents and alerts . Collaborate with infrastructure and app teams to ensure policy compliance. Basic understanding of other security vendors: Palo Alto, Cisco ASA . Working knowledge of Port Security, STP, VTP, SNMP, Syslog . Soft Skills & Daily Tasks: Must be flexible for field support and travelling Strong analytical and troubleshooting skills Good written and verbal communication Daily firewall health checks, offense analysis, escalation handling Correlate suspicious events with broader application/network activity Educational & Certification Requirements: Education: Diploma / Bachelor's / Engineering in Computer Science, Electronics, or related field Experience: Minimum 5 years of experience in firewall implementation and designing roles Certifications (Must-Have): Fortinet FCP (Fortinet Certified Professional) or Checkpoint CCSM (Check Point Certified Security Master) Interested can reach us on gayathri.ramaraj@locuz.com along with the below mentioned details. Current CTC: Expected CTC: Notice Period: