250 Tenable Jobs - Page 3

Job Title: Cybersecurity Consultant – VAPT Specialist Location: Riyadh Experience Level: Mid to Senior Employment Type: Full-time Job Summary We are seeking a highly skilled and passionate Cybersecurity Consultant with deep expertise in Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, and API platforms . The ideal candidate will have a strong background in identifying and remediating high-risk vulnerabilities, collaborating with cross-functional teams, and implementing robust security strategies tailored to diverse industries. This role requires a proactive approach to threat mitigation, excellent technical capabilities, and a commitment to continuous learning. Roles & Responsibilities Conduct in-depth Vulnerability Assessment and Penetration Testing (VAPT) for web, mobile, and API platforms, addressing OWASP Top 10, identifying business logic flaws, and uncovering complex attack vectors. Collaborate with IT and development teams to remediate vulnerabilities effectively and within defined SLAs. Design and implement yearly cybersecurity plans aligned with regulatory standards including SAMA CSF, SAMA ITGF, NCA CSCC, NCA ECC , and PCI-DSS . Perform advanced threat hunting, source code reviews , and SIEM audits to detect integration flaws and hidden threats. Carry out network and server configuration reviews in line with NIST, CIS benchmarks , or customized Minimum Baseline Security Standards (MBSS) . Utilize advanced security tools such as: Core Impact, Tenable SC, Nessus, Nmap, Metasploit, Acunetix, AppScan, Splunk, QRadar, Volatility, Hydra, Burp Suite, SonarQube, SQLMap, Fortify , etc. Conduct risk assessments, compromise assessments , and provide tailored recommendations to strengthen the organization’s security posture. Demonstrate strong communication and interpersonal skills , ensuring seamless collaboration across departments and with clients. Stay ahead of evolving threats by researching the latest technologies and attack vectors , and apply this knowledge to secure client environments. Required Qualifications Bachelor of Science Deep understanding of security frameworks, methodologies, and risk-based prioritization. Certifications (Preferred) Certified Information Security Manager (CISM) Certified Red Team Professional (CRTP) eLearn Certified Threat Hunting Professional (eCTHP) eLearn Web Penetration Tester (eWPT) Certified Ethical Hacker (Practical) (CEH) NSE1 – Network Security Associate Key Skills VAPT (Web, Mobile, API) Threat Hunting & Compromise Assessment Source Code & Network Configuration Review Regulatory Compliance (PCI-DSS, NCA, SAMA) Security Tool Proficiency (BurpSuite, Nessus, Metasploit, etc.) Risk Analysis & Communication Skills Report Writing & Executive Summarization

About Netskope Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope. About The Position Netskope is looking for an analyst on the Threat and Vulnerability Management team. This position will focus on the identification and proactive mitigation of Netskope’s attack surface, threat landscape, security gaps , and cyber threats which could impact the business. In addition, this role will be responsible for performing the vulnerability management function such as finding, reporting, and supporting business units in their vulnerability remediation efforts. Roles & Responsibilities Continuous development and execution of the enterprise Threat and Vulnerability Management strategic plan to identify and reduce vulnerable attack surfaces Perform complex analysis to understand emerging threats, and continuously demonstrates awareness of current threat posture Reviews emerging and existing threat methodologies and exploit code / proof of concept code to develop mitigations, prioritize risks and navigating sources for identification of vulnerable assets. Execute on core team functions such as scanning, reporting, custom checks, asset tagging, as well as incorporating threat intelligence into vulnerability checks Automate security tasks using scripting languages such as python. Maintain and contribute to the threat models understanding emerging/existing threats and countermeasures to them. Partners with internal teams to lead, develop, test, and continuously validate detection signatures for various attacks Provide internal teams with hardening guidance and develop tooling for auditing Support teams by being a Remediation Champion giving them guidance on various strategies to remediate a vulnerability and supporting them in their testing and validation efforts. Provides expertise in incident response activities. Teach and understand CVSS, CVE, and additional vulnerability ratings and methodologies Qualifications/Requirements Experience 2 to 5 Yrs in Security Should possess relevant university degree and/or professional qualifications/certification (e.g. CEH, OSCP) Must have knowledge with tools Tenable, Qualys, NMAP, SCAPY, and other tools. Must have the ability to understand hardening guidelines for new technologies and applications being adopted by Netskope. Understanding of containerization and containerized applications, their security weaknesses and how to secure them Must have an understanding of patch automation, security orchestration, and management tooling for on premise, private cloud, and cloud infrastructure. Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them. Knowledge of TCP/IP and other application and network level protocols. Knowledge of Cloud Applications like AWS, Azure and other SAAS Applications. Excellent written and verbal communication skills. Self-motivated, curious, knowledgeable pertaining to news and current events. Ability to be effective in a remote global work environment. Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate. Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.

Join us as a Security Consultant at Barclays, responsible for supporting the successful delivery of Location Strategy projects to plan, budget, agreed quality and governance standards. You'll spearhead the evolution of our digital landscape, driving innovation and excellence. You will harness cutting-edge technology to revolutionise our digital offerings, ensuring unparalleled customer experiences. To be successful as a Security Consultant you should have experience with: Deploy and maintain vulnerability assessment tools (e.g., Tenable) across enterprise-level global infrastructure Leverage proficiency with enterprise-grade vulnerability scanning tools, complex application architecture, and large-scale deployment methodologies Onboard devices at scale for both credentialed and non-credentialed scanning across multiple business units Manage local and network credentials for scanning tools and provision system access Implement comprehensive asset scan policies in collaboration with the vulnerability management team Troubleshoot network and asset coverage issues to ensure compliance requirements are met Consult with stakeholders and partner teams to resolve scan coverage problems Work independently and with vendor professional services to diagnose tool-related issues Develop and maintain standard processes, technical architecture diagrams, and system build documentation Create stakeholder presentations and technical documentation Apply understanding of enterprise on-premise and cloud-based network technologies in complex environments Utilize strong problem-solving skills to resolve intricate scan coverage issues across large-scale infrastructure Communicate effectively through excellent written and verbal skills with diverse enterprise audiences Engage effectively with technical and non-technical stakeholders across various organizational levels Desirable Skills The candidate should be able to demonstrate: Understanding of security risk landscape and vulnerability management's role in risk reduction Experience with cloud platforms (AWS, Azure) Knowledge of firewalls and network monitoring capabilities Location: Pune Purpose of the role To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information. Accountabilities Provision of subject matter expertise on security systems and engineering patterns. Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems. Management and protection of secrets, ensuring that they are securely generated, stored, and used. Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches. Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques. Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements. Development/ Implementation and maintenance of Identity and Access Management solutions and systems. Analyst Expectations To perform prescribed activities in a timely manner and to a high standard consistently driving continuous improvement. Requires in-depth technical knowledge and experience in their assigned area of expertise Thorough understanding of the underlying principles and concepts within the area of expertise They lead and supervise a team, guiding and supporting professional development, allocating work requirements and coordinating team resources. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others. OR for an individual contributor, they develop technical expertise in work area, acting as an advisor where appropriate. Will have an impact on the work of related teams within the area. Partner with other functions and business areas. Takes responsibility for end results of a team’s operational processing and activities. Escalate breaches of policies / procedure appropriately. Take responsibility for embedding new policies/ procedures adopted due to risk mitigation. Advise and influence decision making within own area of expertise. Take ownership for managing risk and strengthening controls in relation to the work you own or contribute to. Deliver your work and areas of responsibility in line with relevant rules, regulation and codes of conduct. Maintain and continually build an understanding of how own sub-function integrates with function, alongside knowledge of the organisations products, services and processes within the function. Demonstrate understanding of how areas coordinate and contribute to the achievement of the objectives of the organisation sub-function. Make evaluative judgements based on the analysis of factual information, paying attention to detail. Resolve problems by identifying and selecting solutions through the application of acquired technical experience and will be guided by precedents. Guide and persuade team members and communicate complex / sensitive information. Act as contact point for stakeholders outside of the immediate function, while building a network of contacts outside team and external to the organisation. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software composition analysis, security architecture review and container security. Additionally, you provide comprehensive support in vulnerability management, service monitoring, and DevSecOps practices. Roles & Responsibilities:-Should have hands-on experience and knowledge of manual and automated penetration testing on the web, mobile and cloud-based applications.-Should have hands-on experience and knowledge of DAST (Dynamic Application Security Testing) to identify runtime vulnerabilities in staging and production environments.-Should have hands-on experience and knowledge of SAST (Static Application Security Testing) for early-stage source code and binary analysis.-Should have hands-on experience and knowledge of SCA (Software Composition Analysis) to detect open-source risks and license compliance issues.-Should have hands-on experience and knowledge of executing SAR (Security Architecture Review) of complex and cloud-based application and should be able to strategize risk remediation with the stakeholders or Security Architect.-Should have hands-on experience and knowledge of integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI).-Should have hands-on experience and knowledge of enforcing policy-as-code, shift-left security testing, and secure code delivery practices and automate security checks for container images and Kubernetes workloads.-Should be able to scan and harden docker containers using industry-standard tools.-Should be able to monitor vulnerabilities in container registries and orchestrators (e.g., Kubernetes, ECS).-Skilled in communicating security findings to technical and non-technical stakeholders.-Contribute to secure architecture reviews, risk assessments, and compliance initiatives.-Should be able to manage clients and various stakeholders.Should be a good people manager and should have experience of people and project management. Professional & Technical Skills: Tools & Technologies:Pentest Tools:Burp Suite Pro, OWASP ZAP, Nmap, Postman, Kali Linux,DAST/SAST/SCA:Fortify, Checkmarx, Veracode, Coverity, AppScan, Black Duck, Snyk,DevSecOps:GitHub Actions, Jenkins, GitLab, Docker, Kubernetes,VM Tools:Qualys, Tenable, ThreadFix,Monitoring:ServiceNow, Jira, Confluence-Should be able to collaborate with infrastructure and DevOps teams to secure cloud-native deployments.-Should be able to identify, triage, and manage vulnerabilities using centralized platforms (e.g., ThreadFix).-Should track vulnerability lifecycle from detection through remediation and reporting.-Should support real-time service monitoring to maintain system integrity and threat detection coverage. Additional Information:- The candidate should have minimum 7.5 years of experience in DevSecOps.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Skills:- vulnerability management, information security, or a related discipline, Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls), Experience with ITSM tools and ticketing systems for remediation tracking. Experience:- 3-5 Years Location:- Hyderabad Shift Timing:- 11.00 am - 8.00 pm Analyst, Vulnerability Management Omnicom Global Solutions, Hyderabad IN About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyze technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking.

Job Responsibilities: 5-10 years of experience in vulnerability assessment, penetration testing, or a related field. Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box). Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Flexible to work in shifts. Contact Person: Ackshaya Email ID: ackshaya@gojobs.biz

Summary Position Summary Red Team — Senior Consultant 2 – Senior Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes Interacts with clients, managers and partners to build and nurture strong relationships Tailors firm tools and methodologies as per client requirements Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships with their direct client contacts at a minimum at appropriate management levels Participates in proposal development efforts to sell quot;add-on quot; work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Advanced communication skills (written and verbal) with experience delivering high-level technical presentations, detailed engagement reports, and executive briefings to stakeholders and leadership teams. Proven ability to design and execute complex red team operations, providing tactical and strategic guidance for enhancing organizational security posture through actionable insights. Comprehensive project management skills, with experience in leading large-scale offensive security engagements from inception to execution, including coordinating cross-functional teams. Expert-level understanding of threat analysis, enterprise-level defense mechanisms, and advanced mitigation strategies, with a focus on bridging offensive techniques with defensive improvements. Hands-on experience in bypassing complex security defenses such as firewalls, EDR, IDS/IPS, SIEM solutions (e.g., Splunk, QRadar, ArcSight), using cutting-edge evasion techniques. Extensive knowledge of cyber kill chains, advanced multi-stage attack scenarios, and the ability to execute sophisticated adversarial campaigns using real-world TTPs. Deep expertise in reverse engineering, malware analysis, and exploiting vulnerabilities to uncover security flaws within complex infrastructures. Strong knowledge of cloud security (AWS, Azure, GCP) and demonstrated ability to conduct adversarial simulations targeting cloud-based environments. Advanced knowledge of operating systems (Windows/Linux) and networking technologies critical to red team operations, with the ability to exploit system misconfigurations and weaknesses. Mastery of adversarial simulation tools like Cobalt Strike, Sliver, Metasploit, Empire, Nessus, nmap, Qualys, and Tenable, with the capability to customize attack vectors. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Proven experience leading red teaming, purple teaming, and Breach Attack Simulations (BAS) at the enterprise level, simulating advanced persistent threats (APTs) to assess security defenses. Expertise in spear-phishing campaigns, HTML smuggling, payload delivery mechanisms, and opsec strategies to evade detection throughout engagements. Deep understanding of advanced attack frameworks like MITRE ATT&CK and SANS Top 25, using them to design tailored attack scenarios specific to client environments. In-depth knowledge of EDR/AV evasion techniques, privilege escalation, lateral movement, and persistence in both on-premise and hybrid cloud infrastructures. Ability to architect, deploy, and optimize custom Red Team/Offensive Security solutions, including managing command and control infrastructure, payload obfuscation, and real-time response actions. Ability to manage cross-functional teams across red, blue, and purple engagements, fostering collaboration and improving overall security resilience through continuous improvement cycles. High-level proficiency in strategic planning, engaging with leadership to define security objectives, risk prioritization, and translating technical findings into business-centric solutions. Strong knowledge of attack surface management and vulnerability management, with experience discovering and analyzing hidden or misconfigured assets, especially shadow IT. Advanced OpSec and tradecraft knowledge, ensuring red team engagements are conducted without exposing tools or tactics to detection, while continuously adapting methods to outpace blue team defenses. As a Senior Solutions Delivery Lead, you will lead the charge in adversarial simulation operations, pushing the boundaries of offensive security capabilities. You will: Architect and lead advanced red team engagements, simulating the tactics, tools, and techniques used by sophisticated threat actors to test client defenses. Conduct multi-phase, coordinated attack campaigns, including phishing simulations, exploitation of vulnerabilities, and covert lateral movement across complex environments. Develop and optimize adversarial simulation tactics, ensuring constant evolution of red team methodologies in response to emerging threats. Provide in-depth reports and post-engagement briefings with a focus on strategic remediation advice that aligns with organizational security goals. Oversee the red team infrastructure, ensuring all tools, C2 systems, and exploit frameworks are continually updated and configured for optimal effectiveness. Lead purple team exercises, working closely with blue teams to collaboratively improve detection, response, and mitigation strategies in real time. Remain at the forefront of offensive security innovations, guiding the team through new techniques, tools, and adversarial simulations to enhance effectiveness. Ensure OpSec best practices are strictly followed to avoid detection during engagements and protect the integrity of the red team toolkit. Collaborate with clients and stakeholders to review attack scenarios, findings, and deliver customized security enhancements tailored to their specific business risks. Preferred: B. E / B.Tech / M.S in any engineering discipline; 7-9 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin their own way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning,and eLearning.Deloitte University(DU):The LeadershipCenter in India,our state-of-the-art, world-class learning centerin the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best workeveryday. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandarecontinuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesourdiversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 306123

OT Security Experince: 5 Years Location: Pune Requirement Specification Bachelor’s degree in computer science/ electrical electronics, Information Security, Engineering, or a related field. 4-7 years of experience in cybersecurity, with a focus on OT security operations. Strong understanding of OT systems, including SCADA, DCS, PLC, and other industrial control systems. Experience with security monitoring tools, Claroty, Nozomi, Tenable, CrowdStrike EDR, SIEM platforms, and incident response procedures. Excellent client-facing skills with the ability to communicate complex technical concepts to non-technical stakeholders. Relevant certifications such as GICSP, CISSP, CISM, or similar are preferred. Strong problem-solving skills and the ability to work under pressure during security incidents. Excellent written and verbal communication skills.

Job Description Job Title – Vulnerability Analysis (VAPT) Location- Chennai /Navi Mumbai Position - 3 Job Responsibilities 5-10 years of experience in vulnerability assessment, penetration testing, or a related field. Strong understanding of vulnerability management concepts, principles, and best practices. Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box). Knowledge of common security threats, vulnerabilities, and attack vectors. Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). Experience with scripting languages (e.g., Python, PowerShell). Experience with cloud security (e.g., AWS, Azure, GCP). Flexible to work in shifts Skills Required RoleVulnerability Analysis (VAPT) – Analyst/Senior Analyst – Chennai / Navi Mumbai Industry TypeITES/BPO/KPO Functional Area Required Education Employment TypeFull Time, Permanent Key Skills NESSUS PENETRATION TESTING VULNERABILITY ASSESSMENT Other Information Job CodeGO/JC/634/2025 Recruiter NameAckshaya

The Information Security Analyst is responsible for Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions, and isolates, blocks, and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration, or denial of access to information and systems. Responsibilities: Analyze threats to existing processes and systems and stay updated on evolving threats and vulnerabilities. Respond to indications of attack or compromise, ensuring timely resolution. Use security tools and identify automation opportunities. Evaluate risks using established frameworks and methodologies. Apply information security, compliance, assurance, and other security practices professionally. Proactively address and resolve security-related issues. Identify and implement opportunities to enhance security systems and protocols. Develop and maintain documentation for best practices, system configurations, and troubleshooting guidelines. Lead and coordinate security projects to ensure timely completion. Support team members to promote a collaborative environment. Contribute to defining and evolving security best practices within the organization. Conduct or facilitate security awareness training sessions for employees. Regularly perform vulnerability assessments and recommend mitigation strategies. Monitor and review security patches for timely applications. Assist in developing, reviewing, and updating organizational security policies and procedures. Collaborate with IT departments to integrate security measures into projects and systems. Configure and fine-tune security tools for improved capabilities. Ensure compliance with industry regulations and standards, such as SOC-2, ISO27001. Assist in digital forensics investigations during security incidents. Evaluate the security postures of third-party vendors and recommend security requirements for contracts. Required Skills: Understanding of common Information Security concepts, practices, and procedures. Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection, incident response. Proficiency in Microsoft tools such as Azure, Defender, and Office. Proficiency with the Atlassian suite Proficiency in Endpoint detection and Response tools such as CrowdStrike or SentinelOne Experience with vulnerability management tools such as Tenable or Radpi7 InsightVM Experience with SIEM tools such as Splunk, Rapid7 IDR, Google Chronicle Excellent attention to detail and strong documentation skills. Outstanding verbal and written communication skills. Exceptional problem-solving abilities. Education & Experience: Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study. 2+ years of relevant experience. Industry certifications in cyber security incident management preferred. Experience in analyzing network logs. Experience in Network Security or Application Security. Experience with security tools such as EDR, SIEM, EUBA, SOAR.

Senior SOC Eng to lead incident response, threat detection & automation initiatives for Rocket EMS's globl security operatn. SIEM/SOAR optimization, advanced threat hunting & direct response to cyberattacks across endpoints, cloud & identity systems.

Security Engineer – Security Operations Center - SOC ( India) Let’s be unstoppable together! Circana is the leading advisor on the complexity of consumer behavior. Through unparalleled technology, advanced analytics, cross-industry data, and deep expertise, we provide clarity that helps almost 7,000 of the world’s leading brands and retailers take action and unlock business growth. We understand more about the complete consumer, the complete store, and the complete wallet so our clients can go beyond the data to apply insights, ignite innovation, meet consumer demand, and outpace the competition. At Circana, we are fueled by our passion for continuous learning and growth, we seek and share feedback freely, and we celebrate victories both big and small in an environment that is flexible and accommodating to our work and personal lives. We have a global commitment to diversity, equity, and inclusion as we believe in the undeniable strength that diversity brings to our business, employees, clients, and communities (with us you can always bring your full self to work). Join our inclusive, committed team to be a challenger, own outcomes, and stay curious together. Learn more at www.circana.com. What will you be doing? This role will be part of a highly energetic, experienced SOC team for various IT Security platforms and practices. You will work directly with the entire Security, IT and business teams to enforce and safeguard cybersecurity at Circana. You will play a critical role in maintaining a strong defensive posture, including Incident Response. As part of the SOC First Responders Team, you will monitor, assess, handle and resolve active security alerts and escalate as needed while still being involved. The idea candidate will have the ability to communicate both clearly and effectively with all levels of global colleagues across Circana. You will be a valued contributor to suggest, enhance and utilize IT Security solutions to ensure assets are properly safeguarded. Job Responsibilities First responders in monitoring, investigating and handling events / alerts. Perform threat detection, investigation, and response to security incidents. Maintain and manage endpoint protection platforms including Antivirus and EDR Perform security audits of internal systems for compliance Perform , report and track active vulnerability scanning processes and remediation Work with the Security Compliance, Risk, Audit and Governance Teams to ensure security, regulatory and compliance best practices are followed. Proactively utilize all IT Security tools to guard against , identify and remediate threats. Contribute to the on-going review and expansion of IT Security tools, policies, and processes Utilize Security solutions to ensure assets are properly safeguarded Proactively assess safeguards to identify potential risks and perform trend analysis Compile and validate statistical data to be used to determine the viability of implementing specific Ability to handle sensitive matters with discretion and maintain confidentiality. Strong verbal and written English language skills Ability to multi-task with attention to detail Requirements Bachelor’s or Master’s degree in Information Technology, Computer Science, or equivalent experience 3 to 5 years experience in IT Systems or Network Engineering / Administration. Min 3+ years relevant experience in an IT Security Analyst or IT Security Administration role Cloud security experience is additional and preferable. Knowledgeable of the following information security disciplines: Data loss prevention (DLP), intrusion detection system (IDS) monitoring, security information and event management (SIEM), incident response, IT Security best practices, system hardening, vulnerability assessment, management and remediation, EDR, antivirus, firewalls, and techniques for analyzing TCP/IP network traffic and event logs Strong hands-on experience with: TrendMicro Deep Security(Antivirus), CrowdStrike(EDR) , Tenable Nessus (Vulnerability Scan) and Knowledge of SIEM tools (ExaBeam) Relevant certifications preferred (e.g., CEH, Security+,) Excellent Interpersonal Skills - Team player and Self Starter. Independent Thinker and Collaborator. Circana Behaviors As well as the technical skills, experience and attributes that are required for the role, our shared behaviors sit at the core of our organization. Therefore, we always look for people who can continuously champion these behaviors throughout the business within their day-to-day role: Stay Curious: Being hungry to learn and grow, always asking the big questions Seek Clarity: Embracing complexity to create clarity and inspire action Own the Outcome: Being accountable for decisions and taking ownership of our choices Center on the Client: Relentlessly adding value for our customers Be a Challenger: Never complacent, always striving for continuous improvement Champion Inclusivity: Fostering trust in relationships engaging with empathy, respect and integrity Commit to each other: Contributing to making Circana a great place to work for everyone Location This position is 100% remote and based in Bangalore.

Job Description Qualifications Required . Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell , Azure CLI , Python , or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional ( CISSP ) Certified Ethical Hacker ( CEH ) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001 , SOC 2 , GDPR , or HIPAA . Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends.

Attack Surface Reduction Analyst Swedium Global is looking for Attack Surface Reduction Analyst Period from: 2025-08-01 Period to: 2026-01-31 Job description: Attack Surface Reduction (ASR) Analyst Purpose of the Role The ASR Analyst is an entry-to-mid-level role focused on supporting the organization's attack surface reduction (ASR) efforts. This role involves conducting vulnerability scanning , attack path analysis , and penetration testing while participating in remediation campaigns to address identified risks. The ASR Analyst collaborates with cross-functional teams to ensure the organization's attack surface is proactively managed and aligned with security best practices , DevSecOps principles , and compliance standards . Responsibilities Perform vulnerability scanning across cloud , on-premise , and containerized environments , ensuring comprehensive coverage. Assist in attack path analysis to identify potential risks, prioritize vulnerabilities, and recommend mitigation strategies. Support penetration testing activities, including internal and external testing, under the guidance of senior analysts. Deploy, configure, and manage security tools (e.g., Qualys, Prisma Cloud, Tenable) to enhance the organization's security posture. Contribute to remediation campaigns , tracking progress, coordinating with stakeholders, and ensuring timely resolution of vulnerabilities. Document findings, prepare detailed technical reports , and communicate actionable insights to stakeholders. Collaborate with cross-functional teams to integrate security policies and standards into DevSecOps pipelines and operational processes. Support cloud security assessments , container security reviews , and digital shadow monitoring to identify and mitigate external threats. Assist in implementing CI/CD security controls , ensuring secure software development and deployment practices. Participate in automation initiatives , leveraging tools to streamline vulnerability management, patching, and security monitoring. Qualifications & Experience : 2-4+ years in cybersecurity , offensive security , or IT-related field Skills and Abilities : Secure operations and service delivery (80% of CIISec Level 3 of Primary Skills). Foundational knowledge of vulnerability management , penetration testing , and attack surface monitoring . Basic understanding of DevSecOps , CI/CD pipelines , and container security . Foundational understanding of cloud security and secure software development . Certifications : OSCP, CompTIA Security+ , GIAC Certified Penetration Tester (GPEN), CEH or equivalent. Cloud foundational certifications (e.g., Microsoft AZ-900 , AWS Certified Cloud Practitioner). Optional: Certificate of Cloud Security Knowledge (CCSK), Azure Security Engineer-AZ500, AWS Security Specialist, or Certified Kubernetes Security Specialist (CKS). Role-Specific Skills Vulnerability Management : Proficiency in tools like Qualys , Nessus , and Prisma Cloud for identifying and mitigating vulnerabilities. Attack Surface Monitoring : Foundational knowledge of monitoring tools and processes to identify risks across the organization's digital footprint. Penetration Testing : Familiarity with methodologies and tools (e.g., Metasploit , Burp Suite ) to simulate adversarial tactics and uncover security gaps. Cloud Security : Basic understanding of securing cloud-based services (e.g., AWS , Azure , GCP ) and implementing cloud-native security solutions . Container Security : Foundational knowledge of securing containerized environments (e.g., Docker , Kubernetes ) and implementing runtime security controls. DevSecOps : Understanding of integrating security into CI/CD pipelines , including automated testing and secure deployment practices. Data Protection : Knowledge of data classification, encryption, and compliance with standards like GDPR and CCPA . Key Behaviors Technical Proficiency : Demonstrates foundational skills in vulnerability scanning, penetration testing, and security tool management while showing curiosity to learn new security technologies. Analytical Thinking : Applies logical reasoning to identify patterns in vulnerability data, demonstrates attention to detail in security assessments, and prioritizes vulnerabilities based on risk level. Communication : Documents technical findings clearly, communicates security concepts effectively to various stakeholders, and actively incorporates feedback from senior team members. Collaboration : Works effectively with cross-functional teams to integrate security into development processes and supports remediation efforts by coordinating with system owners. Continuous Improvement : Regularly updates knowledge of emerging threats and security practices while seeking opportunities to enhance skills in cloud security, container security, and DevSecOps. Initiative & Problem-Solving : Proactively identifies security issues, takes ownership of assigned tasks, and applies creative thinking to develop practical solutions for identified vulnerabilities. Ethical Conduct & Reliability : Maintains confidentiality of sensitive security information, adheres to security policies, and consistently delivers quality work within established timeframes. Job Overview Location : Bangalore, Karnataka Vacancy : 1 Key Skills : Cyber Security, Azure, Devsecops, CI/CD

The Information Security Analyst is responsible for Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce, and web-based systems. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions, and isolates, blocks, and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration, or denial of access to information and systems. Responsibilities: Analyze threats to existing processes and systems and stay updated on evolving threats and vulnerabilities. Respond to indications of attack or compromise, ensuring timely resolution. Use security tools and identify automation opportunities. Evaluate risks using established frameworks and methodologies. Apply information security, compliance, assurance, and other security practices professionally. Proactively address and resolve security-related issues. Identify and implement opportunities to enhance security systems and protocols. Develop and maintain documentation for best practices, system configurations, and troubleshooting guidelines. Lead and coordinate security projects to ensure timely completion. Support team members to promote a collaborative environment. Contribute to defining and evolving security best practices within the organization. Conduct or facilitate security awareness training sessions for employees. Regularly perform vulnerability assessments and recommend mitigation strategies. Monitor and review security patches for timely applications. Assist in developing, reviewing, and updating organizational security policies and procedures. Collaborate with IT departments to integrate security measures into projects and systems. Configure and fine-tune security tools for improved capabilities. Ensure compliance with industry regulations and standards, such as SOC-2, ISO27001. Assist in digital forensics investigations during security incidents. Evaluate the security postures of third-party vendors and recommend security requirements for contracts. Required Skills: Understanding of common Information Security concepts, practices, and procedures. Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection, incident response. Proficiency in Microsoft tools such as Azure, Defender, and Office. Proficiency with the Atlassian suite Proficiency in Endpoint detection and Response tools such as CrowdStrike or SentinelOne Experience with vulnerability management tools such as Tenable or Radpi7 InsightVM Experience with SIEM tools such as Splunk, Rapid7 IDR, Google Chronicle Excellent attention to detail and strong documentation skills. Outstanding verbal and written communication skills. Exceptional problem-solving abilities. Education & Experience: Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study. 2+ years of relevant experience. Industry certifications in cyber security incident management preferred. Experience in analyzing network logs. Experience in Network Security or Application Security. Experience with security tools such as EDR, SIEM, EUBA, SOAR.

Role & responsibilities About the Role: We are seeking a skilled and proactive Vulnerability & Patch Management Engineer to join our offshore cybersecurity team supporting Rocket EMS. You will lead the end-to-end vulnerability management and patching program across global infrastructure. This is a strategic, hands-on role requiring expert knowledge in tools like TenableOne, Automox, CrowdStrike Falcon, and Azure security solutions. Key Responsibilities: Manage enterprise-wide vulnerability lifecycle using TenableOne Rapid response to zero-day threats with scripting via CrowdStrike RTR Execute patch deployment using Automox across OS and cloud workloads Develop PowerShell/Python scripts for automation and rollback procedures Perform Azure Sentinel threat hunting using KQL Lead weekly vulnerability/patch management meetings and prepare executive dashboards Collaborate with global IT, SecOps, DevOps, and Engineering teams Required Skills: 5+ years in enterprise patch and vulnerability management Hands-on experience with TenableOne , Automox , CrowdStrike Falcon Complete , Azure Sentinel , and KQL Proficient in PowerShell and/or Python Strong understanding of Azure Cloud security posture and incident response Preferred: Knowledge of Infrastructure-as-Code (Terraform/ARM) Experience in regulated industries or manufacturing Additional certifications: Azure Security Engineer, CrowdStrike Certified

vulnerability assessments using Nessus , Tenable , Qualys ,Develop and maintain vulnerability management processes and procedures ,Coordinate vulnerability remediation activities, penetration testing, scripting languages KALI ,Linux Parrot

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software composition analysis, security architecture review and container security. Additionally, you provide comprehensive support in vulnerability management, service monitoring, and DevSecOps practices. Roles & Responsibilities: -Should have hands-on experience and knowledge of manual and automated penetration testing on the web, mobile and cloud-based applications. -Should have hands-on experience and knowledge of DAST (Dynamic Application Security Testing) to identify runtime vulnerabilities in staging and production environments. -Should have hands-on experience and knowledge of SAST (Static Application Security Testing) for early-stage source code and binary analysis. -Should have hands-on experience and knowledge of SCA (Software Composition Analysis) to detect open-source risks and license compliance issues. -Should have hands-on experience and knowledge of executing SAR (Security Architecture Review) of complex and cloud-based application and should be able to strategize risk remediation with the stakeholders or Security Architect. -Should have hands-on experience and knowledge of integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI). -Should have hands-on experience and knowledge of enforcing policy-as-code, shift-left security testing, and secure code delivery practices and automate security checks for container images and Kubernetes workloads. -Should be able to scan and harden docker containers using industry-standard tools. -Should be able to monitor vulnerabilities in container registries and orchestrators (e.g., Kubernetes, ECS). -Skilled in communicating security findings to technical and non-technical stakeholders. -Contribute to secure architecture reviews, risk assessments, and compliance initiatives. -Should be able to manage clients and various stakeholders. Should be a good people manager and should have experience of people and project management. Professional & Technical Skills: Tools & Technologies:Pentest Tools: Burp Suite Pro, OWASP ZAP, Nmap, Postman, Kali Linux,DAST/SAST/SCA: Fortify, Checkmarx, Veracode, Coverity, AppScan, Black Duck, Snyk,DevSecOps: GitHub Actions, Jenkins, GitLab, Docker, Kubernetes,VM Tools: Qualys, Tenable, ThreadFix,Monitoring: ServiceNow, Jira, Confluence -Should be able to collaborate with infrastructure and DevOps teams to secure cloud-native deployments. -Should be able to identify, triage, and manage vulnerabilities using centralized platforms (e.g., ThreadFix). -Should track vulnerability lifecycle from detection through remediation and reporting. -Should support real-time service monitoring to maintain system integrity and threat detection coverage. Additional Information: - The candidate should have minimum 7.5 years of experience in DevSecOps. - This position is based at our Gurugram office. - A 15 years full time education is required.

Role & responsibilities About the Role: We are hiring a Senior SOC Engineer to lead incident response, threat detection, and automation initiatives for Rocket EMS's global security operations. This is not an analyst roleyoull be hands-on, driving SIEM/SOAR optimization, advanced threat hunting, and direct response to cyberattacks across endpoints, cloud, and identity systems. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel , CrowdStrike Falcon , MDE , Tenable Deep understanding of MITRE ATT&CK , lateral movement, and APTs Scripting experience in KQL , Python , PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring Interested candidates please share your resume to Sirishad@ca-one.com

Join our digital revolution in NatWest Digital X In everything we do, we work to one aim. To make digital experiences which are effortless and secure. So we organise ourselves around three principles: engineer, protect, and operate. We engineer simple solutions, we protect our customers, and we operate smarter. Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job Description Join us as a Security Analyst We’ll look to you to assess, triage, and respond proactively and effectively to security related threats, incidents, requests, and events The work you do will be vital in defending our assets, information, and systems from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction Collaborating with internal and external stakeholders including third party suppliers, you’ll ensure activities relating to incident response, user access, alert monitoring, root cause analysis, and scenario planning are completed in line with standard operating procedures and to a high standard This role is available at associate vice president level What you’ll do Working with an array of domains, stakeholders, and specialists, you’ll take a proactive role to anticipate and identify security events, incidents, and trends that could adversely impact the bank, our customers, employees, or assets. You’ll contribute to security operations including production support, incident response, and on-call rota, and you’ll carry out and contribute to root cause analysis on security incidents and events, conduct training and scenario planning to prepare for and anticipate future events. As such, you’ll minimise future reoccurrence, and prepare reports and briefings as needed and to a high quality. You’ll also develop and maintain response plans, procedures, and playbooks to increase consistency and effectiveness of response capability. As well as this, you’ll: Proactively identify and effectively manage risks to deliver key security related customer and compliance outcomes, escalating and driving actions as necessary Actively contribute to security operations such as production support, incident response and on-call rota Maintain the end-to-end security response as directed, and ensure that security related services are delivered in line with expectations and that process change is implemented smoothly Act with pace when responding to customer queries and complaints and when responding to security events, make sure that feedback loops are in place to learn how to improve service and response Interrogate and interpret large volumes of data and analyse and assess data to understand trends and causal factors The skills you’ll need We’re looking for someone with a passion for cloud security and automation using Agile and DevOps methodologies, as well as promoting shift-left culture, which integrates security analysis into each CI/CD stage. You’ll have experience with Azure Cloud and security stack including Defender, Azure Sentinel and Azure Security Centre. You’ll also have expertise in automated security assessments and familiarity with third-party security tools integration such as Qualys and Tenable and compliance standards like PCI-DSS. In addition to this, you’ll demonstrate: Experience and knowledge of security controls The ability to communicate technical issues in business terms to range of stakeholders Experience in penetration testing and vulnerability management An understanding of Agile methodologies with experience of working in an Agile team

Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth. Job Title: Senior Cybersecurity Offensive Engineer Location: Netradyne, Bangalore About Netradyne Netradyne is a leader in AI-powered safety and fleet management technology. Our mission is to enhance driver safety, operational efficiency, and overall user experience through innovative and advanced solutions. We are dedicated to building a secure and connected future for the transportation industry by leveraging cutting-edge technology. We are seeking a Senior Cybersecurity Offensive Engineer with 7 to 10 years of hands-on experience in offensive security, penetration testing, and vulnerability assessments. The ideal candidate will play a critical role in strengthening our systems, identifying vulnerabilities, and enhancing our security posture. Roles & Responsibilities Offensive Security Operations Conduct vulnerability assessments and penetration testing on applications, networks, and cloud systems. Execute red team engagements to simulate real-world attacks and identify vulnerabilities and exploitation paths. Threat Analysis & Research Stay updated on the latest cybersecurity threats, vulnerabilities, and attack vectors. Proactively identify and mitigate risks relevant to the transportation and technology sectors. Security Audits & Incident Response Perform regular security audits, including code reviews and architecture assessments. Investigate potential security breaches, recommend corrective actions, and support incident response activities. Collaboration & Training Collaborate with product development, DevOps, and engineering teams to integrate secure practices. Lead internal training programs to promote a security-first culture across the organization. Requirements Experience 7 to 10 years of experience in offensive security, ethical hacking, penetration testing, or related roles. Proven expertise as a Cybersecurity Offensive Engineer or a similar position. Technical Skills Proficiency with security tools such as Burp Suite, Metasploit, Nessus, Nmap, Kali Linux, Qualys, SonarQube, and BlackDuck. Strong understanding of web, network, mobile, and IoT security. In-depth knowledge of OWASP Top 10 and common attack vectors (SQL injection, XSS, CSRF, buffer overflow, etc.). Familiarity with vulnerability management tools (e.g., Qualys, Tenable) and secure coding practices. Hands-on experience with reverse engineering, exploit development, and malware analysis (preferred). Familiarity with DevSecOps tools and processes (static/dynamic code analysis). Knowledge of security frameworks and compliance standards (e.g., OWASP, NIST, SOC, CIS, GDPR, HIPAA, PIPEDA). Programming & Problem-Solving Skills Proficiency in scripting languages like Python, Bash, Ruby, or PowerShell. Familiarity with programming languages such as C, C++, Java, or Go. Strong problem-solving and creative thinking abilities to simulate real-world attacks and devise effective mitigation strategies. Soft Skills Exceptional verbal and written communication skills for documentation and collaboration. Excellent organizational skills and attention to detail. Education & Certification Bachelor’s/Master’s degree in Computer Science, Information Security, or a related field (preferred). Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Cloud Security Certified Professional (CSCP). This role offers an exciting opportunity to work in a dynamic and fast-paced environment where you can make a significant impact on the security of next-generation technologies. We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status. If there is a match between your experiences/skills and the Company's needs, we will contact you directly. Netradyne is an equal-opportunity employer. Applicants only - Recruiting agencies do not contact. Recruitment Fraud Alert! There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in ‘@netradyne.com’ or ‘@us-greenhouse-mail.io’. Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.

Role: L3-Information Security Job Description: Primary Responsibility would be to manage the organizational practices for the following: Vulnerability Assessment Infrastructure(Cloud/Traditional DC) Penetration Testing Configuration Review Red Teaming Should be able to lead the team for delivery of Vulnerability Management operations. Conduct penetration testing as per the calendar activities and on demand request for Infrastructure Vulnerability Assessment. Conduct Vulnerability Assessment and Penetration Testing on Cloud Environment (AWS, GCP, Azure). Conduct configuration review as per the calendar activities and on demand request for server, database, network components. Identify and propose work around for critical vulnerabilities. Explain vulnerabilities to System owners and provide recommendations for mitigation Monitor progress of vulnerability mitigations and maintain track of remediation Provide advisory support to internal IT team for closure of identified vulnerability during the security testing Coordinate fixing of identified and accepted vulnerabilities with Airtel Payments Bank and Security Vendors. Stay abreast of newer trends in tools and technologies used for application security Develop POCs to demonstrate security issues Qualification: B.Tech, B.E, MCA or equivalent from a Recognized university At least 8 years of experience in similar role Certifications Preferred: OSCP, EC-council LPT. Hands on experience with popular security tools – Nessus, Metasploit, KALI Linux. Working knowledge of CIS Security benchmarks Has practical experience in auditing various OS , DB , Network and Security technologies

Job Description The primary responsibilities of a cloud architect include: Developing cloud strategy: Creating a cloud strategy and plan for adoption Designing cloud architecture: Designing cloud environments that meet the organization's needs Managing cloud resources: Overseeing the integration and migration of systems into the cloud Ensuring security: Developing security frameworks to protect data and applications Monitoring cloud activities: Keeping track of cloud activities and responding to technical issues Advising on cloud use: Providing advice on how to use cloud technology and deal with high-risk situations Developing and implementing cloud governance policies and procedures. Collaborating with teams: Working with IT security, vendors, and other teams Evaluating and selecting cloud applications, hardware, and software that align with business requirements. Designing and organizing cloud systems, including servers, storage, and network infrastructure. Defining best practices for migrating infrastructure, including bulk migrating applications to the cloud. Identifying and recommending cloud architecture solutions that effectively meet the company's needs. Ensuring compliance with relevant industry regulations and security standards. Training and supporting development teams on cloud architecture best practices. Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats. Conducting regular security assessments and audits to identify vulnerabilities and develop plans to address them. Collaborating with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes. A strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Knowledge of security frameworks such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls. Operational experience in Tenable Cloud security application is a must Technical Skills Extensive knowledge of cloud computing technologies and current trends. Proficiency in cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. Understanding of application architecture, orchestration, virtualization, and security protocols. Familiarity with programming languages like Python, Java, and C#. Experience with infrastructure as code (IaC) and automation technologies. Knowledge of networking concepts, including DNS, TCP/IP, and HTTP. Expertise in big data architecture, cost management, and disaster recovery planning. Familiarity with cloud security best practices, including encryption, access controls, and identity management. Understanding of cloud governance and compliance requirements. Having hands-on experience on Cloud governance which includes Data privacy, Risk management, Security and compliance management, Data quality, Data lifecycle management and ownership Continuous integration and delivery (CI/CD): Writing scripts to automatically integrate new code and features into the deployment environment Automation: Using automation to make software development more consistent, reliable, and efficient Infrastructure as Code (IaC): Using scripts to automatically configure the deployment environment Configuration management: Using tools to automate the provisioning and configuration of infrastructure and servers DevOps engineers use tools like Ansible, Puppet, Chef, Docker, and Kubernetes to perform their duties. Design and implement cloud security architecture, including Identity and Access Management (IAM) Monitor for security risks, vulnerabilities, and controls Analyze, log, and respond to incidents in the cloud environment Conduct threat simulations and penetration tests to identify potential threats Manage cryptography and encryption for cloud-based data Ensure that policies and processes are in place to protect business data Certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Certified Cloud Architect (CCA) are preferred. At Nextracker, we are leading in the energy transition, providing the most comprehensive portfolio of intelligent solar tracker and software solutions for solar power plants, as well as strategic services to capture the full value of solar power plants for our customers. Our talented worldwide teams are transforming PV plant performance every day with smart technology, data monitoring and analysis services. For us at Nextracker, sustainability is not just a word. It's a core part of our business, values and our operations. Our sustainability efforts are based on five cornerstones: People, Community, Environment, Innovation, and Integrity. We are creative, collaborative and passionate problem-solvers from diverse backgrounds, driven by our shared mission to provide smart solar and software solutions for our customers and to mitigate climate change for future generations. Culture is our Passion

Vulnerability Identification & Assessment: Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.). Analyze vulnerability data from multiple sources and assess the impact on business operations. Perform risk assessments and categorize vulnerabilities based on severity and exploitability. Remediation & Risk Mitigation:Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities. Prioritize vulnerabilities based on risk to the business and potential exploitability. Track remediation efforts and ensure proper closure of security gaps. Process & Policy Development:Define and maintain vulnerability management policies, standards, and procedures. Establish workflows for vulnerability detection, reporting, remediation, and validation. Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS. Security Monitoring & Threat Intelligence Integration:Work with threat intelligence teams to understand emerging threats and vulnerabilities. Ensure vulnerability management aligns with incident response and threat-hunting processes. Continuously enhance detection mechanisms to improve vulnerability discovery and response. Compliance & Audit Readiness:Ensure that vulnerability management practices align with regulatory and compliance requirements. Maintain records of assessments, remediation efforts, and compliance reports for audits. Support internal and external audits related to vulnerability management. Reporting & Metrics: Develop and present vulnerability status reports to security leadership and executive teams. Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction Provide insights on security posture improvements based on trend analysis. Security Awareness & Collaboration:Conduct training sessions to educate teams on vulnerability risks and remediation best practices. Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Vulnerability Management Preferred technical and professional experience Qualys

Who We Are: Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. The Company develops and publishes products principally through Rockstar Games, 2K, Private Division, and Zynga. Our products are currently designed for console gaming systems, PC, and Mobile, including smartphones and tablets, and are delivered through physical retail, digital download, online platforms, and cloud streaming services. The Company’s common stock is publicly traded on NASDAQ under the symbol TTWO. While our offices (physical and virtual) are casual and inviting, we are deeply committed to our core tenets of creativity, innovation and efficiency, and individual and team development opportunities. Our industry and business are continually evolving and fast-paced, providing numerous opportunities to learn and hone your skills. We work hard, but we also like to have fun, and believe that we provide a great place to come to work each day to pursue your passions. What You’ll Take On Analyze vulnerability scan results from scanning tools and threat intel to identify risks, prioritize remediation based on regulatory and business requirements, while leveraging the tool's capabilities for asset grouping, dynamic analysis, and reporting. Develop and execute remediation plans in close collaboration with technical teams across our Label subsidiaries (Zynga, Rockstar, 2K) and development studios documenting and tracking progress within our ticketing and workflow management system. Lead validation of remediation effectiveness through post-remediation assessments, leveraging scanning tools for rescans and confirming closure within our ticketing and workflow management system. Enforce patch compliance by tracking deployments, managing exceptions, and ensuring adherence to SLAs, utilizing our ticketing and workflow management system for assignment, tracking, and escalation of exceptions, informed by scanning tool data. Monitor and report remediation progress, providing detailed metrics, trends, and outstanding issues, generating reports directly from our ticketing and workflow management system and leveraging scanning tool data for context. Communicate remediation updates to stakeholders, addressing potential business impacts, utilizing our ticketing and workflow management system for clear communication and workflow updates. Collaborate with the broader Information Security team to align remediation with the overall security strategy, leveraging insights from our scanning and ticketing/workflow management tools to inform strategic decisions. Build strong partnerships with teams across our Labels to foster an integrated vulnerability management approach, utilizing our ticketing and workflow management system as the central platform for collaboration and tracking. Work with engineering to maintain integrations between our scanning tools and ticketing/workflow management system to ensure seamless data flow and efficient workflow automation. Develop and customize workflows within our ticketing and workflow management system to optimize the vulnerability remediation lifecycle. Create and maintain dashboards and reports within both our scanning tools and ticketing/workflow management system to provide clear visibility into the vulnerability landscape and remediation progress. Troubleshoot issues related to scanning processes, data ingestion into our ticketing system, and the overall functionality of the vulnerability management toolset. What You Bring 3+ years in a security operations role, with a focus on vulnerability management, patching, and remediation workflows. Hands-on experience with vulnerability scanners (Tenable, Qualys, Rapid7) and enterprise patching platforms (SCCM, JAMF). Strong familiarity with workflow/ticketing systems like ServiceNow, Jira, or similar — including workflow automation, dashboarding, and reporting. A deep understanding of common vulnerabilities, CVSS scoring, EPSS, KEV, threat exposure, and remediation best practices across OS, network, and application layers. Comfort working cross-functionally with infrastructure, development, and support teams to drive remediation at scale. Strong scripting or automation experience is a plus (Python, PowerShell, API integration). Excellent communication skills — able to explain technical risk to non-technical stakeholders and influence without authority. Security certifications (e.g., SecurityX / CASP+, CySA+, GEVA, ) are a plus, but not required. What We Offer You Great Company Culture. We pride ourselves as being one of the most creative and innovative places to work, creativity, innovation, efficiency, diversity and philanthropy are among the core tenets of our organization and are integral drivers of our continued success. Growth: As a global entertainment company, we pride ourselves on creating environments where employees are encouraged to be themselves, inquisitive, collaborative and to grow within and around the company. Work Hard, Enjoy Life. Our employees’ bond, blow-off steam, and flex some creative muscles – through corporate boot camp classes, company parties, our Office gaming spaces, game release events, monthly socials, and team challenges. Benefits. Benefits include, but are not limited to; Discretionary bonus, Provident fund contributions, 1+5 medical insurance + top up options and access to Practo online Doctor consultation App, Employee assistance program, 3X CTC Life Assurance, 3X CTC Personal accident insurance, childcare services, 20 days holiday + statutory holidays, Perks. Gym reimbursement up to INR1150 per month, wellbeing program with the chance to earn up to $93 per annum, charitable giving program, access to learning platforms, employee discount program’s plus free games and events! Please be aware that Take-Two does not conduct job interviews or make job offers over third-party messaging apps such as Telegram, WhatsApp, or others. Take-Two also does not engage in any financial exchanges during the recruitment or onboarding process, and the Company will never ask a candidate for their personal or financial information over an app or other unofficial chat channel. Any attempt to do so may be the result of a scam or phishing exercise. Take-Two’s in-house recruitment team will only contact individuals through their official Company email addresses (i.e., via a take2games.com email domain). If you need to report an issue or otherwise have questions, please contact Careers@take2games.com.* As an equal opportunity employer, Take-Two Interactive Software, Inc. (“Take-Two”) is committed to fostering and celebrating the diverse thoughts, cultures, and backgrounds of its talent, partners, and communities throughout its organization. Consistent with this commitment, Take-Two does not discriminate or retaliate against any employee or job applicant because of their race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, and genetic information (including family medical history), or on the basis of any other trait protected by applicable law. If you need to report a concern or have questions regarding Take-Two’s equal opportunity commitment, please contact Careers@take2games.com.