9 Stride Jobs

Role: Senior Security Engineer ServiceNow Security & Threat Modelling Key Responsibilities: Drive security by design across ServiceNow initiatives through threat modelling and security design reviews . Implement and improve Secure Development Lifecycle (SDLC) practices. Manage and automate SAST/DAST tools (Checkmarx, Veracode, Burp, ZAP). Analyze scan results, perform risk assessments, and ensure timely remediation. Collaborate with engineering/DevOps teams to instill secure coding practices . Provide architectural guidance, vendor risk reviews, and document/report findings. Mentor teams on security tools, threats, and best practices. Stay updated on emerging security threats and compliance standards. Mandatory Requirements: 6+ years in application/cloud security engineering. Strong expertise in threat modelling (STRIDE, PASTA, attack trees). Experience with security design reviews for enterprise apps/APIs. Hands-on with SAST/DAST tools . ServiceNow platform expertise (security architecture & app dev). Deep knowledge of OAuth, SAML, SSO, secure APIs, access control . Proficient in JavaScript/Python with strong troubleshooting skills. Excellent communication and risk explanation ability. Preferred: Security certifications (CISSP, CEH, OSCP, CSSLP, ServiceNow CIS). Knowledge of cloud security (AWS/Azure/GCP) , governance frameworks (ISO, SOC2, GDPR), incident response, and SIEM tools. Role & responsibilities Preferred candidate profile

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world&aposs seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS We are seeking Certified Information Systems Security Professional (CISSP) candidates to join our team at Pune. Major Tasks Lead and manage product cyber security in high-complexity development projects from acquisition to start of production (SOP) in compliance with ISO/SAE 21434 or UNECE R-155 standards. Ensure the integration of security requirements into the product lifecycle. Planning & Development Develop and implement comprehensive security activities, including threat modeling, security requirements definition, and secure design practices. Evaluate development efforts to ensure adherence to security standards and best practices. Evaluation & Approval Review and approve security concepts, architectures, and strategies throughout the development phases. Conduct security reviews and audits to ensure compliance with security policies and standards. QCT Targets Achieve Quality, Cost, and Time (QCT) targets related to cyber security work products, ensuring efficient and effective security implementations. Tasks / Areas Of Responsibility Planning & Guidance: Independently plan and execute necessary cyber security activities, providing technical guidance and mentorship to colleagues. Develop and maintain security documentation, including security plans, risk assessments, and test reports. Risk Analysis Perform detailed risk analysis of product scope, identifying and mitigating cyber security risks based on known vulnerabilities and threat intelligence. Utilize tools and methodologies such as STRIDE, DREAD, and CVSS for risk assessment. Coordination Define and implement a holistic product cyber security concept, ensuring alignment with overall product strategy. Coordinate with customers, suppliers, and subcontractors to ensure security requirements are met. Report security status to customers and gather necessary information from subcontractors. Support Assist the development team in selecting and integrating security-compliant technologies and cryptographic procedures. Provide technical support for security-related issues and incidents. Verification Methods Define and implement verification methods such as fuzzing, vulnerability scanning, penetration testing, and static/dynamic code analysis. Develop and execute security test plans to validate the effectiveness of security controls. Assessments & Training Prepare and conduct cyber security assessments, including security audits, penetration tests, and compliance checks. Implement training measures to enhance the security awareness and skills of the development team. Communication Facilitate communication within the global HELLA cyber security network to share knowledge, improve processes, and promote best practices. Represent the organization in external security forums and working groups. CISSP certificate is Mandatory Your Qualifications Bachelor&aposs degree BE /B. Tech/ M.E/ M. Tech in Electronics/Electronics & Communication/Industrial Electronics ISO-21434 certification OR working experience Location - Hinjewadi Phase - 1. // Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh Show more Show less

A powerful desireto learn new skills and understand new features as they are added Provenrecord of accomplishmentof working within and across groups. Effective communicationskills Responsible for exploring opportunities to improveproduct Work closely with other team members to understand design architecture and to propose solutions to improveandenhanceproducts PREFERRED EXPERIENCE: Proficiency in C, C++ and Python Knowledge of Object Oriented programming principles and practices Understanding of Software design and development methodologies Strong problem-solving skills and analytical skills Experience developing applications in Linux and Windows Exposure to low-level hardware interactions Experience running, analyzing, and system benchmarks Familiarity with unit testing frameworks Basic understanding of database systems and related concepts. Familiarity with JTAG debugging will be nice to have skill Familiarity with Scripting will be nice to have ACADEMIC CREDENTIALS: BachelorsorMasters in ElectricalEngineer, Computer Engineering, ComputerScience,or a closely related fieldwith Relevant work experience of about 12 - 18 years in product development

Your curiosity will drive your learning and innovation to improve how we as a group, and an organization, can get better every day. Your peers will provide you a results-oriented and encouraging environment for your career growth, fueling your opportunity to be a part of Delighting Our Customers. KEY RESPONSIBILITIES: Looking for security engineer with strong system and software security fundamentals. Candidate should have : Strong knowledge in cryptography fundamentals, including asymmetric and symmetric cryptography: All modes of symmetric algorithm AES Asymmetric algorithm like RSA, ECC Knowledge for Digital signature and Digital certificate X.509 format. Understanding of system design and security component in it. Understanding of different phases of Secure Development lifecycle of a solution Experience in threat modeling techniques, preferably with hands-on experience using Microsofts threat modeling tool and STRIDE methodology Experience in Root of Trust-based security development and trusted OS development Strong analytical skills required Secure communication protocols like TLS, SSH C language (Essential), C++ and RUST (desired). Must be a self-starter, and able to independently drive tasks to completion PREFERRED EXPERIENCE: Product development or systems engineering background with hardware platforms and their software & firmware ecosystems Excellent verbal communication andwritten,presentation skills Excellent interpersonal, organizational, analytical, planning, and technical leadership skills Provenrecord of accomplishmentin deliveringlarge multi-functionalproduct solutions

As a candidate for the DevOps position, you should have a strong background in Linux/Unix Administration and experience with automation/configuration management tools like Jenkins, Puppet, Chef, or their equivalents. It is essential to be proficient in a variety of open-source technologies and cloud services, with specific experience in AWS, VMware, Azure, and GCP. Your role will involve working with SQL and MySQL databases, and familiarity with NoSQL databases like Redis is a plus. You should have a working understanding of coding and scripting languages such as PHP, Python, Perl, or Ruby. Knowledge of best practices in IT operations for maintaining an always-up, always-available service is crucial. In this position, you will be responsible for implementing integrations requested by customers, deploying updates and fixes, providing Level 2 technical support, and building tools to enhance customer experience by reducing errors. Root cause analysis for production errors, resolving technical issues, and developing scripts for automation are also key responsibilities. Experience with CI/CD tools like Ansible, Jenkins, Git, and Terraform, as well as cloud formation, is required. You should have a good understanding of IaaS, SaaS, and PaaS, along with experience in NFV technologies. Knowledge of OWASP, Threat Modelling Methodologies (STRIDE, PASTA, NIST, SAST), and handling security analysis tools for infrastructure improvements is important. Hands-on experience with Docker and Kubernetes is necessary, including creating secure container images, implementing container network security, and automating security testing. Familiarity with container security tools for scanning containers, registries, and runtime monitoring is expected. In terms of skills and education, a Bachelor's Degree or MS in Engineering is preferred, along with experience in managing Linux-based infrastructure and proficiency in at least one scripting language. Hands-on experience with databases like PSQL, MySQL, Mongo, and Elasticsearch, as well as knowledge of Java/JVM based languages, are beneficial. Critical thinking, problem-solving skills, a sense of ownership, and teamwork are essential qualities for this role. Good time-management, interpersonal, and communication skills are also required. Mandatory qualifications include AWS Certification, hands-on experience with VMware, Azure, and GCP cloud services. The job type is full-time, with benefits such as health insurance and performance bonuses. The work schedule is during the day shift. If you are currently serving a notice period, please specify your last working day. Experience of at least 2 years in DevOps, Kubernetes, Helm Chart, and Terraform is required for this position, with the work location being in person.,

Dear All, We are hiring for one of our MNC Product Based Company in Bangalore location ... Please find below more about this job details Also, Please follow us on below given our company Linkedin URL for more daily job updates https://www.linkedin.com/company/hirednext-recruitment-service/ Penetration Tester Experience : 4 to 8 Yrs Skills :OSCP or CRTP Certified,Burp Suite, Metasploit,Nmap, Nikto, SQLmap, John the Ripper, Hydra,Python, Bash, PowerShell, MITRE ATT&CK, NIST, and STRIDE,Python, Bash, or PowerShell,linux,windows JD: Perform penetration testing and security assessments of web applications, APIs, Android, IOS, cloud infrastructure, embedded systems, and network environments. Conduct threat modelling and vulnerability assessments during different stages of the software development lifecycle (SDLC). Simulate real-world attacks to identify potential security weaknesses in enterprise and automotive systems. Provide detailed and well-documented reports of findings with actionable remediation guidance. Collaborate with development, architecture, DevOps, and infrastructure teams to mitigate vulnerabilities and strengthen security controls. Perform retesting to validate resolved vulnerabilities. Stay current on latest attack techniques, vulnerabilities, and tools in the cybersecurity domain. Contribute to internal knowledge bases, red team frameworks, and automation of recurring testing processes. Minimum 4-5 years of professional experience in penetration testing, ethical hacking, or red teaming. Mandatory certification: OSCP or CRTP. Solid experience using penetration testing tools such as: Burp Suite Metasploit Nmap, Nikto, SQLmap, John the Ripper, Hydra, etc. Proficiency in scripting languages like Python, Bash, or PowerShell for automation. Strong understanding of: OWASP Top 10 vulnerabilities Secure coding practices Network protocols and architecture Web and mobile application security Experience working in Linux and Windows environments. Familiarity with threat modelling and security frameworks like MITRE ATT&CK, NIST, and STRIDE. Best Regards, Prathyusha B pratyusha@hirednext.info Recruitment Executive

Greetings potential candidate, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company based in Dubai. As a Security Threat Assessment & Compliance Specialist, you will be responsible for conducting testing on bank installations using focused threat-based methodologies to identify vulnerabilities, enhance Cyber readiness, and ensure security controls and system configurations adhere to compliance standards. Your role will involve collecting open source intelligence on threats, developing Cyber assessment plans, assessing The bank group installations & controls, and providing insight on IT technology assets. Key Responsibilities: - Conduct testing on bank installations using threat-based methodologies - Identify, expose, and exploit vulnerabilities to enhance Cyber readiness - Review security controls and system configurations to ensure compliance - Collect open source intelligence on threats and vulnerabilities - Develop Cyber assessment plans and conduct assessment tests - Ensure threat controls and systems are appropriately configured - Identify and track IT risks and remediate gaps through operational activities - Provide threat activity reporting and insight on IT technology assets - Manage ad-hoc review and reporting requests from stakeholders Requirements: - Bachelor's or Master's degree in Computer Science, Mathematics, or related field - Master's Degree in Business Management or equivalent - Certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT - 3-5 years of experience in technical Cyber security - Proficiency in Bash scripting, Perl, Python, and Machine Learning frameworks - Experience with malware scanning tools and mobile digitization platforms - Familiarity with threat modeling frameworks such as STRIDE, PASTA, and VAST - Knowledge of Cloud, DBMS, Containerization Technologies, and Microservices/API architecture - Strong technical background covering heterogeneous technologies and multiple security domains - Deep experience in vulnerability assessment, threat evaluation, and mitigation recommendations - Extensive experience with Security scanning solutions like Tenable Security Center, Tripwire, Rapid Scan, Qualys - Ability to integrate open source frameworks and solutions for unified reporting If you meet the above requirements and are passionate about Cybersecurity, we would love to hear from you. Join us in our mission to enhance Cyber readiness and ensure compliance in the banking sector. Thank you, Emily Jha emily@netsach.co.in,

Greetings, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company in Dubai. As a Security Threat Assessment & Compliance Specialist, your role will involve conducting testing for bank installations using threat-based methodologies to identify vulnerabilities, improve Cyber readiness, and review security controls and system configurations across IT systems to ensure security posture and compliance. Your responsibilities will include collecting open-source intelligence on threats and vulnerabilities related to the bank's technology stack, participating in event planning stages to develop Cyber assessment plans, ensuring that threat controls and systems are appropriately configured across the Group, identifying and tracking IT risks and gaps for remediation, providing threat activity reporting and insights on IT technology assets, and managing ad-hoc review and reporting requests from stakeholders. The ideal candidate should have a Bachelor's or Master's degree in Computer Science, Mathematics, or equivalent discipline, along with certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT. You should have 3-5 years of experience in technical Cyber security, proficiency in Bash scripting, Perl, Python, or R, expertise in Machine Learning frameworks and code development, familiarity with malware scanning tools, experience with mobile and digitization platforms, and knowledge of threat modeling frameworks like STRIDE, PASTA, and VAST. Moreover, you should have a strong technical background covering heterogeneous technologies and multiple security domains, deep knowledge of vulnerabilities in banking environments, expertise in threat assessment and mitigation, and experience in evaluating threats based on the latest threat landscape in EMEA & North Africa. Additionally, you should be well-versed in security scanning solutions such as Tenable Security Center, Tripwire, Rapid Scan, Qualys, and be able to integrate open-source frameworks and solutions into the Threat and Vulnerability solution environment for unified reporting. If you are passionate about Cybersecurity and possess the required skills and experience, we would like to hear from you. Thank You, Emily Jha emily@netsach.co.in,

We are seeking a skilled and proactive Medical Device Cybersecurity Engineer to join our team. This position plays a critical role in ensuring the cybersecurity and regulatory compliance of our connected medical devices throughout the product lifecycle. The ideal candidate has hands-on experience in threat modeling, managing third-party software components, performing vulnerability scans and penetration testing, and collaborating across cross-functional teams to integrate robust cybersecurity controls in accordance with FDA and global regulatory requirements. Key Responsibilities: Perform and maintain comprehensive threat modeling (e.g., STRIDE) for embedded and connected medical devices. Perform regular vulnerability scans, penetration testing , and static/dynamic analysis using tools such as Kali Linux, Metasploit, Wireshark, NMAP, Fortify, Nessus, or similar. Develop and update cybersecurity risk assessments as part of the overall risk management process (including CVSS scoring). Define, implement, and document security controls based on threat model outcomes. Manage and maintain Software Bill of Materials (SBOM) in compliance with FDA premarket and post-market guidance and global standards (e.g., NTIA, NIST). Support secure software development lifecycle (SDLC) practices including secure coding reviews. Conduct cybersecurity surveillance for new threats, advisories, CVEs, and zero-day vulnerabilities that may impact devices post-market. Triage and assess reported vulnerabilities, coordinate remediation and update documentation accordingly. Support preparation of cybersecurity documentation for FDA submissions (e.g., premarket submissions, 510(k), PMA) including security risk management reports and architecture diagrams. Ensure compliance with FDA applicable standards (e.g., ISO 14971, IEC 62304, ANSI/AAMI SW96:2023) Collaborate with Quality, Regulatory, and Engineering to ensure cybersecurity is integrated across the product lifecycle. Collaborate with software, hardware, and systems teams to guide cybersecurity design and testing. Qualifications Required: Bachelors or Masters degree in Computer Engineering, Cybersecurity, Electrical Engineering, or related field. 57 years of experience in embedded systems or medical device cybersecurity. Strong working knowledge of SBOM, SOUP, vulnerability scanning tools, penetration testing, and threat modeling methodologies. Familiarity with relevant regulations and standards (e.g., FDA Cybersecurity Guidance, NIST SP 800-53/30/218, ANSI/AAMI SW96:2023). Experience with secure development tools and CI/CD environments. Preferred: Certified Ethical Hacker (CEH), CISSP, CSSLP, or similar certification. Experience with connected devices (IoMT), wireless protocols (BLE, Wi-Fi), and cloud security principles. Familiarity with DevSecOps practices and security tools integration.