247 Tenable Jobs

Join our team as a Security Analyst in India, where you will play a crucial role in assessing, triaging, and proactively responding to security-related threats, incidents, and events. You will be tasked with defending our assets, information, and systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction. By collaborating with internal and external stakeholders, including third-party suppliers, you will ensure that incident response, user access, alert monitoring, root cause analysis, and scenario planning activities are carried out in accordance with standard operating procedures and to a high standard. This role is available at the associate vice president level. In this role, you will work across various domains, stakeholders, and specialists to anticipate and identify security events, incidents, and trends that could impact the bank, our customers, employees, or assets adversely. Your responsibilities will include contributing to security operations, conducting root cause analysis on security incidents, providing training and scenario planning, preparing reports and briefings, and developing response plans, procedures, and playbooks to enhance response capability. Moreover, you will proactively manage risks to achieve key security-related customer and compliance outcomes, participate in security operations such as production support, incident response, and on-call rotations, maintain security response processes, and ensure the delivery of security-related services align with expectations. Act swiftly in responding to customer queries and complaints, establish feedback loops to enhance service and response, and analyze large volumes of data to identify trends and causal factors. We are seeking an individual with a strong passion for cloud security and automation utilizing Agile and DevOps methodologies and promoting a shift-left culture that integrates security analysis into each CI/CD stage. The ideal candidate will have experience with Azure Cloud and security stack, including Defender, Azure Sentinel, and Azure Security Centre, automated security assessments, third-party security tools integration, and compliance standards like PCI-DSS. Additionally, you should possess expertise in security controls, the ability to communicate technical issues to various stakeholders, experience in penetration testing and vulnerability management, and an understanding of Agile methodologies gained through working in an Agile team.,

Roles and Responsibilities: Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Analyze vulnerability assessment results to identify and prioritize risks. Develop and maintain vulnerability management processes and procedures. Coordinate vulnerability remediation activities with relevant stakeholders. Perform penetration testing to assess the effectiveness of security controls. Stay up-to-date on the latest security threats and vulnerabilities. Relevant Skills and Experience: 5-7 years of experience in vulnerability assessment, penetration testing. Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, Gray box, white box) and custom scripting. Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Familiar with KALI Linux & Parrot OS Qualifications: Bachelor's degree in computer science, information technology, or a related field. Security certifications (e.g., CISSP, CISM, CEH, OSCP). Strong problem-solving and analytical skills. Excellent communication and interpersonal skills. Ability to work independently and as part of a team. Additional Skills (Preferred) Experience with source code analysis tools. Experience with web application security testing. Experience with mobile application security testing. Experience with security incident response.

Vulnerability Assessment and Configuration Audit Scope • Perform scheduled and on-demand VA & CA scans across servers, endpoints, databases, applications, and network devices . • Identify all configuration items (CIs), maintain updated inventory, and document configuration baselines and version histories. • Conduct authenticated and unauthenticated scans using approved tools. Analyse results, validate findings, and eliminate false positives and reporting to respective stakeholders • Prioritize vulnerabilities based on CVSS score, asset criticality, exploitability, and threat intelligence. Coordinate with application/infra teams for remediation. Track patching and configuration changes under SLAs. • Provide weekly/monthly reports, dashboards, and trends. Highlight SLA breaches, open vulnerabilities, and risk areas. • Support internal, external, and regulatory audits (RBI, CERT-In, PCI-DSS, ISO 27001) by providing evidence, gap remediation, and required documentation. • Contribute to policy enforcement and ensure adherence to security standards and mandates. • Keep VA/CA solutions updated (minimum N-1 version), stay current with latest tool versions, migration, definitions, and notify Bank VA Manager of new features. • Provide remote/off-hours/holiday support as needed. Ensure availability of backup resource and promptly raise tool/vendor issues when required • Backup analyst must be available during unavailability of primary resource to ensure business continuity • Perform Configuration Audit as per the scope defined by SPOC. • Raise case with Tenable whenever required. Coordination with Tenable support for technical issue. • Creation of SOP for Tenable SC 12 Onsite (Mumbai) Administration following Deliverable (Remote Support) • SCD's preparation/Creation for operating systems, Network Devices, Load balancer, Middleware, firewalls, AD, WAF, NAC, Proxy, DAM and others • Admin Level support for the tool • Vulnerabilities and the risk matrix based on exploitability and impact • Support for KRI submissions on quarterly or monthly basis • Interaction with various stakeholders for patching, authentication

Key Responsibilities: Lead the design and implementation of ServiceNow SecOps modules: Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence (TI) Security Case Management Integrate ServiceNow SecOps with external security tools like Splunk, Qualys, Tenable, CrowdStrike, Palo Alto, etc. Develop custom applications, workflows, and automation using Flow Designer, Business Rules, Script Includes, and REST/SOAP APIs. Collaborate with InfoSec teams to translate business needs into technical requirements. Conduct requirements gathering, gap analysis, and solution architecture sessions. Drive automation of security processes using Security Orchestration, Automation, and Response (SOAR) capabilities. Develop and maintain dashboards and reporting for Security KPIs and SLAs. Ensure platform stability, performance optimization, and adherence to governance policies. Provide technical leadership, mentoring, and best practices guidance to junior team members. Support UAT, go-live, and post-production stabilization. Required Skills & Qualifications: Minimum 6 years of ServiceNow experience, with at least 4 years in ServiceNow SecOps. Strong hands-on experience in implementing and supporting Security Incident Response and Vulnerability Response. Experience integrating ServiceNow with external security tools and threat feeds. Solid understanding of security frameworks, incident handling, and vulnerability lifecycle. Proficiency in JavaScript, Glide API, REST/SOAP web services, and JSON/XML. Familiarity with CMDB, GRC/IRM, and ITOM modules is a plus. Knowledge of MITRE ATT&CK, NIST, or other cybersecurity frameworks. Strong analytical, troubleshooting, and problem-solving skills. Excellent communication and stakeholder management skills. Preferred Certifications: ServiceNow Certified Implementation Specialist – Security Incident Response ServiceNow Certified Implementation Specialist – Vulnerability Response ServiceNow Certified System Administrator Security certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Educational Qualification: Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. Nice to Have: Experience with IRM/GRC, Threat Intelligence Platforms (TIPs), and SOAR use case design. Knowledge of DevSecOps and Agile/ITIL processes. Exposure to other ITSM/ITOM modules.

Your tasks Operation, maintenance, improvement and troubleshooting of the global vulnerability management platform like scanner appliances or systems for the management of vulnerabilities Analysis of vulnerabilities Continuous improvement of our vulnerability management process as well as development and implementation of improvements Close cooperation with interface teams within the organization, e.g. with the Cyber Defense and Response Center, the network or the client / server teams Handling of service problems in line with our internal SLAs Production or expansion of documentation for our global vulnerability management infrastructure Participation in security initiatives to increase security in the company Possibility of working in a shift model in the future Your qualifications Engineering degree in Computer Science, Information Security from reputed college/ University Minimum of 3-6 years of professional experience in the cybersecurity in a multinational company Experience with vulnerability scanner products and technologies like Qualys, Tenable, Servicenow (Vulnerability Response) Good knowledge of techniques and tools for vulnerability analysis Good knowledge of network and system technologies such as the ISO/OSI model, operating systems, applications and databases Administration of RedHat Enterprise Linux operating systems Proficient working knowledge of Python is must Capabilities to analyze complex processes Good communication skills and collaboration with different internal stakeholders Experience with IT Service Management and ITIL framework are preferred Certifications such as OCSP, ITIL, ISMS professional, CISSP or similar are added advantage Experience with malware defense tools and technologies such as anti-virus software, endpoint security, sandboxing and DLP are beneficial Excellent communication skills with fluency in speaking & writing English; German is added advantage

At Capgemini Invent, you will play a crucial role in driving transformation by blending strategic, creative, and scientific capabilities to deliver cutting-edge solutions for our clients. Your expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable will be instrumental in implementing and managing security vulnerabilities both on-premises and in the cloud. You will also be responsible for setting up vulnerability scanning profiles and demonstrating a strong understanding of the vulnerability management lifecycle. In addition, your role will entail in-depth knowledge across various core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. It is essential for you to possess knowledge of system security vulnerabilities, remediation techniques, and tactics, as well as the ability to effectively communicate testing findings to managers and network administrators. Your proficiency in simplifying complex technology concepts for non-technical audiences will be highly valued. Your profile should showcase a good understanding of the risk score acceptance process for vulnerabilities, the ability to generate customized reports, and support in mitigating vulnerabilities. Automation knowledge in existing processes, familiarity with Zero Day Vulnerabilities, and understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important aspects of this role. Moreover, your comprehension of operating systems, applications, infrastructure, cloud computing services, OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle will be beneficial. Strong oral, verbal, and written communication skills are essential for effective collaboration and sharing of insights. Working at Capgemini offers a supportive environment with flexible work arrangements that prioritize work-life balance. You will have access to career growth programs and diverse professional opportunities tailored to your development. Additionally, you can enhance your skills with valuable certifications in cutting-edge technologies like Generative AI. Capgemini is a global leader in business and technology transformation, empowering organizations to navigate the digital and sustainable world with tangible impact. With a diverse team of over 340,000 members in more than 50 countries, Capgemini leverages its 55-year heritage to unlock the value of technology for clients worldwide. From strategy and design to engineering, the company delivers end-to-end services and solutions driven by market-leading capabilities in AI, cloud, and data, complemented by deep industry expertise and a robust partner ecosystem. In 2023, Capgemini reported global revenues of 22.5 billion, reflecting its commitment to addressing the comprehensive business needs of its clients.,

At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. Your role involves expertise in Vulnerability Management tools such as Rapid7, Qualys, and Tenable. You should have hands-on experience in implementing and managing security vulnerabilities both on-premises and in the cloud. Additionally, setting up vulnerability scanning profiles and a strong knowledge and understanding of the vulnerability management lifecycle are essential. It is crucial to have in-depth knowledge across all core domains including Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management. Understanding system security vulnerabilities, remediation techniques, and tactics is required. You should be able to comprehend vulnerability testing methodology and effectively communicate testing findings to managers and network administrators. Furthermore, the ability to communicate complex technology to non-tech audiences in a simple and precise manner is essential. Your Profile should include a good understanding of the risk score acceptance process of vulnerabilities, ability to create customized reports, support in the mitigation of vulnerabilities, and knowledge of automation in the existing process. Understanding of Zero Day Vulnerabilities and their process, TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques are also important. You should have knowledge of operating systems, applications, infrastructure, and cloud computing services, along with an understanding of OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle. Good oral, verbal, and written communication skills are necessary for this role. What you will love about working here is the recognition of the significance of flexible work arrangements to provide support. Whether it's remote work or flexible work hours, you will have an environment that allows for a healthy work-life balance. Career growth is at the heart of our mission, with an array of career growth programs and diverse professions crafted to support you in exploring a world of opportunities. Equip yourself with valuable certifications in the latest technologies such as Generative AI. Capgemini is a global business and technology transformation partner, helping organizations accelerate their dual transition to a digital and sustainable world while creating tangible impact for enterprises and society. With a responsible and diverse group of 340,000 team members in more than 50 countries, Capgemini is trusted by clients to unlock the value of technology to address the entire breadth of their business needs. The Group reported 2023 global revenues of 22.5 billion.,

Department Chemistry Salary £37,174 - £45,413 per year Grade Grade 6 Contract status Fixed term Hours of work Full-time Based at University of York campus Interview date To be confirmed Posted Date 30/07/2025 Apply by 27/08/2025 Job Reference 14271 Documents Job description 14271.pdf (PDF, 329.73kb) Role Description Applications are invited for a Postdoctoral Research Associate position for up to 36 months to work with Professor Gideon Grogan and Dr William Unsworth in the Department of Chemistry. The project is funded by the EPSRC. Department The Department of Chemistry is one of the largest and most successful departments at York and we are renowned internationally for our research. As a department, we strive to provide a working environment that allows all staff and students to contribute fully, to flourish, and to excel. We are proud of our Athena Swan Gold Award Role The project will focus on exploring the application of Amine Dehydrogenase enzymes to the generation of pharmaceutically relevant intermediates. There will be a special focus on the evolution of these enzymes and their applications in synthetic organic and process chemistry. This appointment will suit a candidate with strong training in chemical synthesis and analysis, ideally also with experience in enzyme production and biocatalytic approaches. The position is tenable for a period of 36 months available from September 2025. Main Duties And Responsibilities To conduct research under the supervision of Professor Gideon Grogan and Dr William Unsworth and to contribute to the production of research into the application of Amine Dehydrogenase enzymes to the generation of pharmaceutically relevant intermediates. To assist in the identification and development of potential areas of research and the development of proposals for independent or collaborative research projects. To provide guidance to other staff and students, as required, as well as coordinating the work of small research teams and assist with undergraduate project supervision. Skills, Experience & Qualification Needed An undergraduate degree and PhD in Chemistry or equivalent Knowledge in organic synthesis and analysis to engage in high quality research using a range of research techniques and methodologies Extensive skills in synthetic organic chemistry and analysis including analysis of small organic molecules using NMR spectroscopy Experience of enzyme production and biocatalytic reactions advantageous Highly developed communication skills, attention to detail and commitment to high quality Evidenced ability to develop research objectives, plan and prioritise work, and conduct individual and collaborative research Ability to write up research work for publication and competency at presenting at conferences Positive attitude to colleagues and students and a willingness to work proactively Commitment to personal development and an understanding of equality and diversity issues Interview date: To be confirmed For informal enquiries: please contact Prof Gideon Grogan, email gideon.grogan@york.ac.uk, or Dr William Unsworth, email william.unsworth@york.ac.uk The University strives to be diverse and inclusive – a place where we can ALL be ourselves. We particularly encourage applications from people who identify as Black, Asian or from a Minority Ethnic background, who are underrepresented at the University. We offer family friendly, flexible working arrangements, with forums and inclusive facilities to support our staff. #EqualityatYork

We are Hiring for one of our MNC client Job Title: Patching Engineer Location: [Mohali Office, India] Job Type: Full-time Department: Infrastructure Management Job Summary We are seeking a highly skilled Patching Engineer to oversee and execute patch management processes across our cloud-hosted environments and enterprise network infrastructure. This role plays a critical part in ensuring system security, compliance, and optimal performance by proactively managing software updates, firmware patches, and vulnerability remediation strategies. Key Responsibilities Patch Management & System Updates: Plan, schedule, and execute patching for Windows and Linux virtual machines in a cloud-hosted environment. Manage and maintain firmware and software updates for networking devices, including switches, firewalls, and wireless controllers . Automate patch deployment and compliance reporting using endpoint management tools . Security & Compliance: Collaborate with security teams to conduct vulnerability assessments and ensure timely remediation of identified threats. Ensure patching processes align with industry security, the best practices, regulatory requirements, and internal IT policies . Track and report on compliance metrics to ensure adherence to organizational and security standards. Monitoring & Troubleshooting: Continuously monitor patching status, performance, and success rates across all environments. Diagnoses and resolve patching failures, compatibility issues, and system performance concerns . Generate detailed reports for internal stakeholders and audits on patch deployment status, security improvements, and compliance tracking. Documentation & Process Improvement: Maintain comprehensive documentation of patching schedules, configurations, rollback procedures, and compliance records. Develop and refine best practices and automation strategies to improve patch deployment efficiency. Provide guidance and training to IT teams on patching strategies and security hardening. Qualifications & Experience Technical Skills: Extensive experience in managing Windows and Linux virtual machines in cloud environments (Azure, AWS, or Google Cloud) . Strong knowledge of networking concepts and experience configuring and patching switches, firewalls, and wireless controllers . Hands-on experience with endpoint management and patching tools such as Microsoft SCCM, Intune or Endpoint Central Familiarity with vulnerability management tools (Rapied7, Nessus, Tenable, etc.) and security patching methodologies. Proficiency in automation and scripting (PowerShell, Bash, Python, or Ansible) to streamline patching processes. Soft Skills: Strong problem-solving and troubleshooting abilities to address patching failures and system performance issues. Excellent documentation and communication skills for collaboration with IT, security, and compliance teams. Ability to work in a fast-paced, high-availability environment while ensuring minimal downtime. Preferred Qualifications: Certifications such as Microsoft Azure Administrator (AZ-104), Red Hat Certified Engineer (RHCE), Cisco Certified Network Associate (CCNA), or CompTIA Security+ . Experience working in retail, enterprise IT, or highly distributed environments . Understanding of ITIL processes and best practices in change management, incident handling, and security compliance . Why Join Us? Opportunity to work in a dynamic, cloud-first environment ensuring the security and stability of enterprise infrastructure. Hands-on experience with leading cloud, security, and automation technologies . A key role in enhancing cybersecurity resilience and ensuring high availability for business-critical systems.

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3-5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

2 - 3 Years 1 Opening Chennai Role description Vulnerability Management Analyst Experience : 2 to 4 years Location : Hyderabad/Trivandrum/Kochi/Bangalore/Chennai Company: CyberProof, A UST Company Job Summary: We are seeking a skilled and proactive Vulnerability Management Analyst to join our security team. In this role, you’ll lead day-to-day operations of vulnerability assessment and remediation efforts for a client, while working hands-on with tools like Tenable and Wiz. Your sharp analysis, technical precision, and mentoring mindset will directly impact our enterprise security posture. Key Responsibilities: Lead and oversee vulnerability assessment scans using tools such as Tenable and Wiz , ensuring accurate execution and timely delivery. Configure and schedule scans, interpret assessment findings, and support ongoing remediation efforts in collaboration with stakeholders. Manage and maintain up-to-date vulnerability, asset, and configuration databases. Perform continuous asset discovery and ensure scan coverage remains comprehensive and consistent. Prioritize vulnerabilities based on criticality, exploitability, and potential business impact. Mentor junior analysts in scan execution, findings interpretation, and communication protocols. Escalate risks and coordinate mitigation tasks as per established security policies and response playbooks. Ensure adherence to company and customer information security standards and regulatory compliance. Preferred Qualifications: Proven experience in vulnerability management, including configuring and operating Tenable and Wiz platforms. Familiarity with CVSS scoring, patch management cycles, and vulnerability lifecycle workflows. Strong analytical skills with an ability to translate complex technical findings into actionable risk narratives. Experience working in hybrid cloud or enterprise environments is a plus. Certifications like CompTIA Security+, CEH are advantageous. Skills Vulnerability Assessment,Vulnerability Analysis,Vulnerability Scanning About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Role Description Vulnerability Management Analyst Experience : 2 to 4 years Location : Hyderabad/Trivandrum/Kochi/Bangalore/Chennai Company: CyberProof, A UST Company Job Summary We are seeking a skilled and proactive Vulnerability Management Analyst to join our security team. In this role, you’ll lead day-to-day operations of vulnerability assessment and remediation efforts for a client, while working hands-on with tools like Tenable and Wiz. Your sharp analysis, technical precision, and mentoring mindset will directly impact our enterprise security posture. Key Responsibilities Lead and oversee vulnerability assessment scans using tools such as Tenable and Wiz, ensuring accurate execution and timely delivery. Configure and schedule scans, interpret assessment findings, and support ongoing remediation efforts in collaboration with stakeholders. Manage and maintain up-to-date vulnerability, asset, and configuration databases. Perform continuous asset discovery and ensure scan coverage remains comprehensive and consistent. Prioritize vulnerabilities based on criticality, exploitability, and potential business impact. Mentor junior analysts in scan execution, findings interpretation, and communication protocols. Escalate risks and coordinate mitigation tasks as per established security policies and response playbooks. Ensure adherence to company and customer information security standards and regulatory compliance. Preferred Qualifications Proven experience in vulnerability management, including configuring and operating Tenable and Wiz platforms. Familiarity with CVSS scoring, patch management cycles, and vulnerability lifecycle workflows. Strong analytical skills with an ability to translate complex technical findings into actionable risk narratives. Experience working in hybrid cloud or enterprise environments is a plus. Certifications like CompTIA Security+, CEH are advantageous. Skills Vulnerability Assessment,Vulnerability Analysis,Vulnerability Scanning

We are looking for a Cloud-first IT Administrator with foundational Information Security (InfoSec) skills to manage and secure a modern, distributed IT environment. The ideal candidate will be responsible for overseeing cloud-native infrastructure, end-user devices, identity and access management, and maintaining InfoSec hygiene—driven by an automation-first, tools-based approach rather than traditional manual methods. Key Responsibilities Cloud-based IT Admin Manage Identity & Access Management : Google Workspace Admin or Azure AD or Okta Implement and enforce SSO, MFA policies Manage SaaS platforms used by the company: Google Workspace / Microsoft 365 / Slack / Zoom / Notion / Jira / others Setup and manage MDM (Mobile Device Management) across all endpoints (laptops / mobiles): Example tools: Hexnode, Intune, JAMF, Comodo Enforce security policies — device encryption, patching, antivirus, screen lock, remote wipe Enable self-service onboarding/offboarding — automate account provisioning and deprovisioning Manage asset inventory for cloud and physical devices Setup VPN / Zero Trust Access models where needed Manage basic networking & firewall rules in: Physical office (hardware firewalls like Fortinet / Palo Alto / Ubiquiti) Cloud (AWS Security Groups, NACLs, WAF) InfoSec (Basic / First line) Conduct regular user access reviews and implement least privilege Run basic vulnerability scans on endpoints and cloud systems Implement DLP (Data Loss Prevention) policies where needed Monitor and enforce phishing protection / SPF / DKIM / DMARC Setup endpoint monitoring / EDR tools (ex: CrowdStrike, SentinelOne) Ensure basic compliance tracking for ISO 27001 / SOC2 readiness Conduct InfoSec awareness training for employees (quarterly) AWS & Cloud Infra (Basic Admin) Monitor AWS usage and identify cost saving opportunities Manage AWS IAM users, policies, roles Manage basic AWS services : EC2, S3, RDS, CloudWatch, CloudTrail Assist DevOps team in ensuring secure cloud configurations Preferred Experience with AI-driven IT / InfoSec Tools Experience using or exploring AI-driven MDM platforms (Hexnode AI, Kandji AI, Jamf AI Assist, etc.) Familiarity with AI-assisted Identity Governance tools (Saviynt, Okta AI Assist, etc.) Understanding of AI-based Cloud Cost Optimization tools (CloudZero, OpsAI, AWS Trusted Advisor AI, Harness) Exposure to AI-based email security / DLP platforms (Abnormal Security, Material Security) Experience with AI-assisted VAPT & vulnerability scanning tools (Tenable, Plerion AI, Qualys AI) Familiarity with AI-powered IT Helpdesk platforms (Moveworks, Espressive, Aisera) Willingness to adopt AI-first approach to IT and InfoSec automation Skills & Requirements Mandatory 4+ years experience in Cloud-based IT Admin roles Hands-on experience with: Google Workspace / Azure AD / Okta MDM platforms Cloud networking & firewalls AWS IAM & basic cloud services Basic InfoSec knowledge: Endpoint security DLP Email security

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

The Manager, Exposure Management plays a crucial role in identifying, analyzing, and mitigating cybersecurity exposures across enterprise systems. Your focus will be on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks impacting the organization's digital footprint. It is essential to possess strong technical expertise, attention to detail, and the ability to collaborate across teams to influence remediation activities and enhance security posture. Key Responsibilities - Operate enterprise vulnerability scanning platforms, validate findings, and monitor remediation efforts effectively. - Continuously assess the organization's internal and external attack surface for untracked assets, misconfigurations, and exposed services. - Identify and manage asset ownership across business units, ensuring accurate data consistently reflected in the configuration management database (CMDB). - Collaborate with infrastructure, application, and business stakeholders for prompt and comprehensive updates to asset and ownership records. - Configure, execute, and analyze web application security scans, working closely with development teams to address identified issues. - Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tools. - Prepare detailed reports and dashboards tailored for various audiences, from technical teams to executive leadership. - Partner with IT, infrastructure, and cybersecurity stakeholders to facilitate risk-informed remediation activities. - Contribute to continuous process enhancements and tool optimization throughout the exposure management lifecycle. Basic Qualifications - A Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field, along with a minimum of 10 years of experience in cybersecurity, focusing on vulnerability or exposure management. - A Master's degree in Computer Science, Information Security, Engineering, or a related technical field, combined with at least 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications - Hands-on experience with tools like Tenable, Qualys, Rapid7, or similar platforms. - Familiarity with web application scanning tools and techniques. - Experience in managing or supporting a CMDB and asset lifecycle processes in a large organization. - Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. - Strong communication and analytical skills to effectively communicate technical risks to business stakeholders. - Experience supporting compliance and regulatory programs within a global business context. In addition to competitive benefits programs, we offer health insurance, professional development opportunities, and an Employee Assistance Programme to help you achieve your personal goals. At our organization, we value the expertise, creativity, and passion of our employees and strive to create an inclusive environment that promotes growth, innovation, and diversity. Join us and be part of The Carrier Way, where you can make a difference. Apply now!,

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. Your Role And Responsibilities Vulnerability Identification & Assessment: Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.). Analyze vulnerability data from multiple sources and assess the impact on business operations. Perform risk assessments and categorize vulnerabilities based on severity and exploitability. Remediation & Risk Mitigation: Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities. Prioritize vulnerabilities based on risk to the business and potential exploitability. Track remediation efforts and ensure proper closure of security gaps. Process & Policy Development: Define and maintain vulnerability management policies, standards, and procedures. Establish workflows for vulnerability detection, reporting, remediation, and validation. Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS. Security Monitoring & Threat Intelligence Integration:Work with threat intelligence teams to understand emerging threats and vulnerabilities. Ensure vulnerability management aligns with incident response and threat-hunting processes. Continuously enhance detection mechanisms to improve vulnerability discovery and response. Compliance & Audit Readiness:Ensure that vulnerability management practices align with regulatory and compliance requirements. Maintain records of assessments, remediation efforts, and compliance reports for audits. Support internal and external audits related to vulnerability management. Reporting & Metrics: Develop and present vulnerability status reports to security leadership and executive teams. Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction Provide insights on security posture improvements based on trend analysis. Security Awareness & Collaboration: Conduct training sessions to educate teams on vulnerability risks and remediation best practices. Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle Preferred Education Master's Degree Required Technical And Professional Expertise Vulnerability Management Preferred Technical And Professional Experience Qualys

🚨 We’re Hiring | Penetration Tester 🔐 Join a leading German multinational that’s at the forefront of cybersecurity innovation! We’re on the lookout for a talented and passionate Penetration Tester to help us strengthen our global security posture. 🛡️ Role : Penetration Tester 📍 Location : Pune 🕒 Experience : 5 to 8 Years 📅 Joining : Immediate Joiners only Job Profile for Penetration Tester: Vulnerability Assessment: Identifying & Exploiting Vulnerabilities in Applications (Including Web App), Networks, & Infrastructure. Mobile App Pen Test: Identify Vulnerabilities & Weaknesses in Mobile Applications (Android & iOS Platform) to Protect against Attacks. Simulate Real-World Attacks to find Entry Points & Assess the Security of Mobile Apps, Advising on Security Measures & Remediation Strategies. Penetration Testing: Performing Simulated attacks to Test the Security of Systems & Identify Weaknesses Reporting: Documentation of Findings, including the Identified Vulnerabilities, Level of Risk, & Recommendations for Remediation. Collaboration: Working with Stakeholders to Implement Security Improvements. Staying Up-to-Date: Keeping abreast of the latest Security Threats & Vulnerabilities Validation: Confirming that Security Improvements have been Implemented Effectively Solid understanding of OWASP Top 10, MITRE ATT&CK, and other security frameworks. Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and others. Skills: Web App Pen Test, Network Pen Test, Mobile App Pen Test Solid Understanding of OWASP Top 10, MITRE ATT&CK, & other Security Frameworks. Tool Expertise: Burp Suit Tenable Web App Scanning Nessus Professional/Expert Metasploit, Nmap, Wireshark, & others. Certification: CEH, OSCP #PenetrationTesting #CyberSecurityJobs #EthicalHacking #InfoSec #HiringNow #OSCP #CEH #SecurityAnalyst #CyberSecurityCareers

Required Skills & Experience: Hands-on experience in: Web Application Penetration Testing Network Penetration Testing Mobile Application Penetration Testing (Android & iOS) Strong knowledge of: OWASP Top 10 MITRE ATT&CK Other industry-recognized security frameworks Ability to simulate real-world attacks using both manual and automated tools. Experience in identifying, analyzing, and remediating vulnerabilities across diverse platforms. Tools Expertise: Burp Suite Nessus (Professional/Expert) Tenable Web App Scanning Metasploit Nmap Wireshark Additional tools for network and mobile testing as required

As a member of the Vulnerability Management Services team at Atos Group, you will play a crucial role in executing vulnerability scanning and managing VM programs for our clients. Your responsibilities will include completing projects within budgeted efforts and agreed timelines with high-quality deliverables. You will utilize various scanning solutions such as SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc., to perform vulnerability scanning and gain a deep understanding of client network architecture and infrastructure to be scanned. Moreover, you will be involved in threat identification, vulnerability identification, and control analysis, as well as developing customized reports and dashboards based on client expectations. Proactiveness in project planning and execution, likelihood determination, impact analysis, and risk determination are key aspects of this role. You will also prioritize risks, provide solution recommendations, and document findings, identifying the business risks posed by weaknesses identified during assessments. Collaboration with both business and technical teams within and outside the organization will be essential for project scope definition, execution, and closure. The ideal candidate for this role should have at least 5 years of experience in Vulnerability Scanning, with expertise in tools like Qualys, Tenable, Rapid7, etc. Additionally, you should possess the ability to understand and explain vulnerabilities to stakeholders, knowledge of platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, as well as familiarity with standards like PCIDSS, CIS Benchmarks, etc. A flexible approach to working on challenging activities, creative problem-solving skills, strong communication, and writing abilities are crucial for success in this role. Join us at Atos Group to expand the possibilities of data and technology, now and for generations to come. Let's grow together.,

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Experience Required: 3+ years in Cybersecurity, with 2+years hands-on Imperva DAM Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary We are seeking an experienced ITSM and CIS BenchmarkingSpecialist to drive service management excellence and ensure systems arehardened according to industry best practices. The ideal candidate will havedeep knowledge of ITIL-based ITSM practices and hands-on experience applying CISBenchmarks for endpoint and server security compliance. Itsm Key Responsibilities: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Freshservice). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks. Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro, SCAP, Tenable, or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills And Qualifications 1+ years of experience in implementing and managing ITSM processes and tools. 1+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks. Education Requirements BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification Any ITSM Certification/CEH