256 Tenable Jobs - Page 4

Join our digital revolution in NatWest Digital X In everything we do, we work to one aim. To make digital experiences which are effortless and secure. So we organise ourselves around three principles: engineer, protect, and operate. We engineer simple solutions, we protect our customers, and we operate smarter. Our people work differently depending on their jobs and needs. From hybrid working to flexible hours, we have plenty of options that help our people to thrive. This role is based in India and as such all normal working days must be carried out in India. Job Description Join us as a Security Analyst We’ll look to you to assess, triage, and respond proactively and effectively to security related threats, incidents, requests, and events The work you do will be vital in defending our assets, information, and systems from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction Collaborating with internal and external stakeholders including third party suppliers, you’ll ensure activities relating to incident response, user access, alert monitoring, root cause analysis, and scenario planning are completed in line with standard operating procedures and to a high standard This role is available at associate vice president level What you’ll do Working with an array of domains, stakeholders, and specialists, you’ll take a proactive role to anticipate and identify security events, incidents, and trends that could adversely impact the bank, our customers, employees, or assets. You’ll contribute to security operations including production support, incident response, and on-call rota, and you’ll carry out and contribute to root cause analysis on security incidents and events, conduct training and scenario planning to prepare for and anticipate future events. As such, you’ll minimise future reoccurrence, and prepare reports and briefings as needed and to a high quality. You’ll also develop and maintain response plans, procedures, and playbooks to increase consistency and effectiveness of response capability. As well as this, you’ll: Proactively identify and effectively manage risks to deliver key security related customer and compliance outcomes, escalating and driving actions as necessary Actively contribute to security operations such as production support, incident response and on-call rota Maintain the end-to-end security response as directed, and ensure that security related services are delivered in line with expectations and that process change is implemented smoothly Act with pace when responding to customer queries and complaints and when responding to security events, make sure that feedback loops are in place to learn how to improve service and response Interrogate and interpret large volumes of data and analyse and assess data to understand trends and causal factors The skills you’ll need We’re looking for someone with a passion for cloud security and automation using Agile and DevOps methodologies, as well as promoting shift-left culture, which integrates security analysis into each CI/CD stage. You’ll have experience with Azure Cloud and security stack including Defender, Azure Sentinel and Azure Security Centre. You’ll also have expertise in automated security assessments and familiarity with third-party security tools integration such as Qualys and Tenable and compliance standards like PCI-DSS. In addition to this, you’ll demonstrate: Experience and knowledge of security controls The ability to communicate technical issues in business terms to range of stakeholders Experience in penetration testing and vulnerability management An understanding of Agile methodologies with experience of working in an Agile team

Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth. Job Title: Senior Cybersecurity Offensive Engineer Location: Netradyne, Bangalore About Netradyne Netradyne is a leader in AI-powered safety and fleet management technology. Our mission is to enhance driver safety, operational efficiency, and overall user experience through innovative and advanced solutions. We are dedicated to building a secure and connected future for the transportation industry by leveraging cutting-edge technology. We are seeking a Senior Cybersecurity Offensive Engineer with 7 to 10 years of hands-on experience in offensive security, penetration testing, and vulnerability assessments. The ideal candidate will play a critical role in strengthening our systems, identifying vulnerabilities, and enhancing our security posture. Roles & Responsibilities Offensive Security Operations Conduct vulnerability assessments and penetration testing on applications, networks, and cloud systems. Execute red team engagements to simulate real-world attacks and identify vulnerabilities and exploitation paths. Threat Analysis & Research Stay updated on the latest cybersecurity threats, vulnerabilities, and attack vectors. Proactively identify and mitigate risks relevant to the transportation and technology sectors. Security Audits & Incident Response Perform regular security audits, including code reviews and architecture assessments. Investigate potential security breaches, recommend corrective actions, and support incident response activities. Collaboration & Training Collaborate with product development, DevOps, and engineering teams to integrate secure practices. Lead internal training programs to promote a security-first culture across the organization. Requirements Experience 7 to 10 years of experience in offensive security, ethical hacking, penetration testing, or related roles. Proven expertise as a Cybersecurity Offensive Engineer or a similar position. Technical Skills Proficiency with security tools such as Burp Suite, Metasploit, Nessus, Nmap, Kali Linux, Qualys, SonarQube, and BlackDuck. Strong understanding of web, network, mobile, and IoT security. In-depth knowledge of OWASP Top 10 and common attack vectors (SQL injection, XSS, CSRF, buffer overflow, etc.). Familiarity with vulnerability management tools (e.g., Qualys, Tenable) and secure coding practices. Hands-on experience with reverse engineering, exploit development, and malware analysis (preferred). Familiarity with DevSecOps tools and processes (static/dynamic code analysis). Knowledge of security frameworks and compliance standards (e.g., OWASP, NIST, SOC, CIS, GDPR, HIPAA, PIPEDA). Programming & Problem-Solving Skills Proficiency in scripting languages like Python, Bash, Ruby, or PowerShell. Familiarity with programming languages such as C, C++, Java, or Go. Strong problem-solving and creative thinking abilities to simulate real-world attacks and devise effective mitigation strategies. Soft Skills Exceptional verbal and written communication skills for documentation and collaboration. Excellent organizational skills and attention to detail. Education & Certification Bachelor’s/Master’s degree in Computer Science, Information Security, or a related field (preferred). Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Cloud Security Certified Professional (CSCP). This role offers an exciting opportunity to work in a dynamic and fast-paced environment where you can make a significant impact on the security of next-generation technologies. We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status. If there is a match between your experiences/skills and the Company's needs, we will contact you directly. Netradyne is an equal-opportunity employer. Applicants only - Recruiting agencies do not contact. Recruitment Fraud Alert! There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in ‘@netradyne.com’ or ‘@us-greenhouse-mail.io’. Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.

Role: L3-Information Security Job Description: Primary Responsibility would be to manage the organizational practices for the following: Vulnerability Assessment Infrastructure(Cloud/Traditional DC) Penetration Testing Configuration Review Red Teaming Should be able to lead the team for delivery of Vulnerability Management operations. Conduct penetration testing as per the calendar activities and on demand request for Infrastructure Vulnerability Assessment. Conduct Vulnerability Assessment and Penetration Testing on Cloud Environment (AWS, GCP, Azure). Conduct configuration review as per the calendar activities and on demand request for server, database, network components. Identify and propose work around for critical vulnerabilities. Explain vulnerabilities to System owners and provide recommendations for mitigation Monitor progress of vulnerability mitigations and maintain track of remediation Provide advisory support to internal IT team for closure of identified vulnerability during the security testing Coordinate fixing of identified and accepted vulnerabilities with Airtel Payments Bank and Security Vendors. Stay abreast of newer trends in tools and technologies used for application security Develop POCs to demonstrate security issues Qualification: B.Tech, B.E, MCA or equivalent from a Recognized university At least 8 years of experience in similar role Certifications Preferred: OSCP, EC-council LPT. Hands on experience with popular security tools – Nessus, Metasploit, KALI Linux. Working knowledge of CIS Security benchmarks Has practical experience in auditing various OS , DB , Network and Security technologies

Job Description The primary responsibilities of a cloud architect include: Developing cloud strategy: Creating a cloud strategy and plan for adoption Designing cloud architecture: Designing cloud environments that meet the organization's needs Managing cloud resources: Overseeing the integration and migration of systems into the cloud Ensuring security: Developing security frameworks to protect data and applications Monitoring cloud activities: Keeping track of cloud activities and responding to technical issues Advising on cloud use: Providing advice on how to use cloud technology and deal with high-risk situations Developing and implementing cloud governance policies and procedures. Collaborating with teams: Working with IT security, vendors, and other teams Evaluating and selecting cloud applications, hardware, and software that align with business requirements. Designing and organizing cloud systems, including servers, storage, and network infrastructure. Defining best practices for migrating infrastructure, including bulk migrating applications to the cloud. Identifying and recommending cloud architecture solutions that effectively meet the company's needs. Ensuring compliance with relevant industry regulations and security standards. Training and supporting development teams on cloud architecture best practices. Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats. Conducting regular security assessments and audits to identify vulnerabilities and develop plans to address them. Collaborating with other IT professionals, including network engineers, developers, and system administrators, to integrate cloud security measures into existing systems and processes. A strong understanding of cloud computing technologies, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Knowledge of security frameworks such as ISO 27001, NIST Cybersecurity Framework, and CIS Controls. Operational experience in Tenable Cloud security application is a must Technical Skills Extensive knowledge of cloud computing technologies and current trends. Proficiency in cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. Understanding of application architecture, orchestration, virtualization, and security protocols. Familiarity with programming languages like Python, Java, and C#. Experience with infrastructure as code (IaC) and automation technologies. Knowledge of networking concepts, including DNS, TCP/IP, and HTTP. Expertise in big data architecture, cost management, and disaster recovery planning. Familiarity with cloud security best practices, including encryption, access controls, and identity management. Understanding of cloud governance and compliance requirements. Having hands-on experience on Cloud governance which includes Data privacy, Risk management, Security and compliance management, Data quality, Data lifecycle management and ownership Continuous integration and delivery (CI/CD): Writing scripts to automatically integrate new code and features into the deployment environment Automation: Using automation to make software development more consistent, reliable, and efficient Infrastructure as Code (IaC): Using scripts to automatically configure the deployment environment Configuration management: Using tools to automate the provisioning and configuration of infrastructure and servers DevOps engineers use tools like Ansible, Puppet, Chef, Docker, and Kubernetes to perform their duties. Design and implement cloud security architecture, including Identity and Access Management (IAM) Monitor for security risks, vulnerabilities, and controls Analyze, log, and respond to incidents in the cloud environment Conduct threat simulations and penetration tests to identify potential threats Manage cryptography and encryption for cloud-based data Ensure that policies and processes are in place to protect business data Certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Certified Cloud Architect (CCA) are preferred. At Nextracker, we are leading in the energy transition, providing the most comprehensive portfolio of intelligent solar tracker and software solutions for solar power plants, as well as strategic services to capture the full value of solar power plants for our customers. Our talented worldwide teams are transforming PV plant performance every day with smart technology, data monitoring and analysis services. For us at Nextracker, sustainability is not just a word. It's a core part of our business, values and our operations. Our sustainability efforts are based on five cornerstones: People, Community, Environment, Innovation, and Integrity. We are creative, collaborative and passionate problem-solvers from diverse backgrounds, driven by our shared mission to provide smart solar and software solutions for our customers and to mitigate climate change for future generations. Culture is our Passion

Vulnerability Identification & Assessment: Manage and oversee vulnerability scanning tools (Qualys, Tenable, Rapid7, etc.). Analyze vulnerability data from multiple sources and assess the impact on business operations. Perform risk assessments and categorize vulnerabilities based on severity and exploitability. Remediation & Risk Mitigation:Collaborate with IT and development teams to ensure timely remediation of identified vulnerabilities. Prioritize vulnerabilities based on risk to the business and potential exploitability. Track remediation efforts and ensure proper closure of security gaps. Process & Policy Development:Define and maintain vulnerability management policies, standards, and procedures. Establish workflows for vulnerability detection, reporting, remediation, and validation. Ensure compliance with security frameworks such as NIST, CIS, ISO 27001, and regulatory standards like GDPR, HIPAA, and PCI-DSS. Security Monitoring & Threat Intelligence Integration:Work with threat intelligence teams to understand emerging threats and vulnerabilities. Ensure vulnerability management aligns with incident response and threat-hunting processes. Continuously enhance detection mechanisms to improve vulnerability discovery and response. Compliance & Audit Readiness:Ensure that vulnerability management practices align with regulatory and compliance requirements. Maintain records of assessments, remediation efforts, and compliance reports for audits. Support internal and external audits related to vulnerability management. Reporting & Metrics: Develop and present vulnerability status reports to security leadership and executive teams. Track key performance indicators (KPIs) related to vulnerability remediation SLAs and risk reduction Provide insights on security posture improvements based on trend analysis. Security Awareness & Collaboration:Conduct training sessions to educate teams on vulnerability risks and remediation best practices. Work closely with DevSecOps, SOC, and infrastructure teams to integrate security best practices into the development lifecycle Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Vulnerability Management Preferred technical and professional experience Qualys

Who We Are: Take-Two Interactive Software, Inc. is a leading developer, publisher, and marketer of interactive entertainment for consumers around the globe. The Company develops and publishes products principally through Rockstar Games, 2K, Private Division, and Zynga. Our products are currently designed for console gaming systems, PC, and Mobile, including smartphones and tablets, and are delivered through physical retail, digital download, online platforms, and cloud streaming services. The Company’s common stock is publicly traded on NASDAQ under the symbol TTWO. While our offices (physical and virtual) are casual and inviting, we are deeply committed to our core tenets of creativity, innovation and efficiency, and individual and team development opportunities. Our industry and business are continually evolving and fast-paced, providing numerous opportunities to learn and hone your skills. We work hard, but we also like to have fun, and believe that we provide a great place to come to work each day to pursue your passions. What You’ll Take On Analyze vulnerability scan results from scanning tools and threat intel to identify risks, prioritize remediation based on regulatory and business requirements, while leveraging the tool's capabilities for asset grouping, dynamic analysis, and reporting. Develop and execute remediation plans in close collaboration with technical teams across our Label subsidiaries (Zynga, Rockstar, 2K) and development studios documenting and tracking progress within our ticketing and workflow management system. Lead validation of remediation effectiveness through post-remediation assessments, leveraging scanning tools for rescans and confirming closure within our ticketing and workflow management system. Enforce patch compliance by tracking deployments, managing exceptions, and ensuring adherence to SLAs, utilizing our ticketing and workflow management system for assignment, tracking, and escalation of exceptions, informed by scanning tool data. Monitor and report remediation progress, providing detailed metrics, trends, and outstanding issues, generating reports directly from our ticketing and workflow management system and leveraging scanning tool data for context. Communicate remediation updates to stakeholders, addressing potential business impacts, utilizing our ticketing and workflow management system for clear communication and workflow updates. Collaborate with the broader Information Security team to align remediation with the overall security strategy, leveraging insights from our scanning and ticketing/workflow management tools to inform strategic decisions. Build strong partnerships with teams across our Labels to foster an integrated vulnerability management approach, utilizing our ticketing and workflow management system as the central platform for collaboration and tracking. Work with engineering to maintain integrations between our scanning tools and ticketing/workflow management system to ensure seamless data flow and efficient workflow automation. Develop and customize workflows within our ticketing and workflow management system to optimize the vulnerability remediation lifecycle. Create and maintain dashboards and reports within both our scanning tools and ticketing/workflow management system to provide clear visibility into the vulnerability landscape and remediation progress. Troubleshoot issues related to scanning processes, data ingestion into our ticketing system, and the overall functionality of the vulnerability management toolset. What You Bring 3+ years in a security operations role, with a focus on vulnerability management, patching, and remediation workflows. Hands-on experience with vulnerability scanners (Tenable, Qualys, Rapid7) and enterprise patching platforms (SCCM, JAMF). Strong familiarity with workflow/ticketing systems like ServiceNow, Jira, or similar — including workflow automation, dashboarding, and reporting. A deep understanding of common vulnerabilities, CVSS scoring, EPSS, KEV, threat exposure, and remediation best practices across OS, network, and application layers. Comfort working cross-functionally with infrastructure, development, and support teams to drive remediation at scale. Strong scripting or automation experience is a plus (Python, PowerShell, API integration). Excellent communication skills — able to explain technical risk to non-technical stakeholders and influence without authority. Security certifications (e.g., SecurityX / CASP+, CySA+, GEVA, ) are a plus, but not required. What We Offer You Great Company Culture. We pride ourselves as being one of the most creative and innovative places to work, creativity, innovation, efficiency, diversity and philanthropy are among the core tenets of our organization and are integral drivers of our continued success. Growth: As a global entertainment company, we pride ourselves on creating environments where employees are encouraged to be themselves, inquisitive, collaborative and to grow within and around the company. Work Hard, Enjoy Life. Our employees’ bond, blow-off steam, and flex some creative muscles – through corporate boot camp classes, company parties, our Office gaming spaces, game release events, monthly socials, and team challenges. Benefits. Benefits include, but are not limited to; Discretionary bonus, Provident fund contributions, 1+5 medical insurance + top up options and access to Practo online Doctor consultation App, Employee assistance program, 3X CTC Life Assurance, 3X CTC Personal accident insurance, childcare services, 20 days holiday + statutory holidays, Perks. Gym reimbursement up to INR1150 per month, wellbeing program with the chance to earn up to $93 per annum, charitable giving program, access to learning platforms, employee discount program’s plus free games and events! Please be aware that Take-Two does not conduct job interviews or make job offers over third-party messaging apps such as Telegram, WhatsApp, or others. Take-Two also does not engage in any financial exchanges during the recruitment or onboarding process, and the Company will never ask a candidate for their personal or financial information over an app or other unofficial chat channel. Any attempt to do so may be the result of a scam or phishing exercise. Take-Two’s in-house recruitment team will only contact individuals through their official Company email addresses (i.e., via a take2games.com email domain). If you need to report an issue or otherwise have questions, please contact Careers@take2games.com.* As an equal opportunity employer, Take-Two Interactive Software, Inc. (“Take-Two”) is committed to fostering and celebrating the diverse thoughts, cultures, and backgrounds of its talent, partners, and communities throughout its organization. Consistent with this commitment, Take-Two does not discriminate or retaliate against any employee or job applicant because of their race, color, religion, sex (including pregnancy, sexual orientation, and gender identity), national origin, age, disability, and genetic information (including family medical history), or on the basis of any other trait protected by applicable law. If you need to report a concern or have questions regarding Take-Two’s equal opportunity commitment, please contact Careers@take2games.com.

SENIOR EXPERT ENGINEER role for the Vulnerability Management Services team. Designation Senior Expert Engineer Location Mumbai ( Onsite) Experience 5 to 8 years Here are the Job Responsibilities Execute vulnerability scanning and manage VM programs for clients Complete the projects within budgeted efforts and agreed timelines with high quality deliverables - Perform vulnerability scanning using different scanning solutions including SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc. - Gain good understanding of client network architecture and infrastructure to be scanned - Be involved in threat identification, vulnerability identification and control analysis - Develop customized reports and dashboards as per client expectations - Be proactive in project planning and execution - Perform likelihood determination, impact analysis and risk determination - Showcase prioritization of risks including solution recommendation and documentation - Identify and infer the business risk posed by the weaknesses identified during the assessments - Engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure perspectives Skills required 5+ year of experience in Vulnerability Scanning - Expertise in Vulnerability Scanning tools such as Qualys, Tenable, Rapid7, etc. - Experience with understanding and explaining vulnerabilities to stakeholders - Good knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc. - Insights on standards such as PCIDSS, CIS Benchmarks, etc. - Flexible in working on challenging activities and creative in problem solving - Good communication and writing skills with ability to talk fluently

Who is Tenable? Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey! What makes Tenable such a great place to work? Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together! Your Role The Senior Customer Success Manager (Sr. CSM) acts as a trusted advisor for strategic accounts, driving customer retention, expansion, and satisfaction. Building on foundational customer success practices, the Sr. CSM takes ownership of complex accounts, proactively addressing adoption challenges and delivering measurable business outcomes. This role leverages advanced knowledge of Tenable’s product suite to develop tailored strategies that align customer goals with organizational solutions. The Sr. CSM collaborates across internal teams to resolve escalations, guide advanced product adoption, and ensure alignment between customer objectives and business priorities. Your Opportunity Lead the onboarding process for high-value or complex accounts, ensuring a seamless transition and establishing a strong foundation for success. Build and maintain strategic relationships with senior stakeholders, acting as a trusted advisor to align customer goals with organizational solutions. Own and execute renewal and expansion strategies by applying the MEDDPICC sales methodology, while using metrics like adoption rates and customer satisfaction scores to monitor success and refine approaches. Proactively monitor customer health metrics to identify risks, mitigate challenges, and implement advanced adoption strategies aligned with customer goals. Leverage advanced technical knowledge of Tenable’s product suite to design and implement tailored adoption strategies, ensuring alignment with the objectives of high-value or complex accounts. Advocate for customers internally by capturing and communicating feedback to influence product roadmaps, service enhancements, and business priorities. Collaborate with cross-functional teams, including Marketing, Sales, Professional Services, Engineering, Finance, Training, and Support, to align efforts and deliver impactful customer outcomes. Mentor Associate and Customer Success Managers, providing guidance on best practices, professional growth, and adoption strategies. Contribute to refining customer success frameworks, tools, and processes by providing feedback and actionable insights from the field. What You'll Need BA/BS degree or equivalent work experience, with 8+ years in customer-facing roles, including 5+ years in account management, sales, or similar positions focused on customer retention, growth, and engagement. Proven expertise in managing high-value SaaS or subscription-based accounts, driving adoption and delivering measurable outcomes. Strong relationship management skills, with the ability to engage senior stakeholders and align solutions to business objectives. Demonstrated success in meeting or exceeding renewal and expansion targets while maintaining high customer satisfaction. Deep understanding of Customer Success best practices, including metrics-driven approaches to customer health and adoption. Exceptional communication (written and verbal), problem-solving, and time-management skills. Proficiency in tools such as Salesforce.com and Google Suite, with the ability to learn new technologies quickly. Ability to manage multiple accounts and priorities in a fast-paced, revenue-focused environment. Experience mentoring or coaching team members, with a collaborative and team-oriented mindset. Willingness to travel occasionally, typically a few times per year, to support customer engagements or attend business events such as Sales Kickoff or training sessions. We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance. Tenable Data Consent Statement Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review. For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.

Who is Tenable? Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey! What makes Tenable such a great place to work? Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together! Your Role The Senior Customer Success Manager (Sr. CSM) acts as a trusted advisor for strategic accounts, driving customer retention, expansion, and satisfaction. Building on foundational customer success practices, the Sr. CSM takes ownership of complex accounts, proactively addressing adoption challenges and delivering measurable business outcomes. This role leverages advanced knowledge of Tenable’s product suite to develop tailored strategies that align customer goals with organizational solutions. The Sr. CSM collaborates across internal teams to resolve escalations, guide advanced product adoption, and ensure alignment between customer objectives and business priorities. Your Opportunity Lead the onboarding process for high-value or complex accounts, ensuring a seamless transition and establishing a strong foundation for success. Build and maintain strategic relationships with senior stakeholders, acting as a trusted advisor to align customer goals with organizational solutions. Own and execute renewal and expansion strategies by applying the MEDDPICC sales methodology, while using metrics like adoption rates and customer satisfaction scores to monitor success and refine approaches. Proactively monitor customer health metrics to identify risks, mitigate challenges, and implement advanced adoption strategies aligned with customer goals. Leverage advanced technical knowledge of Tenable’s product suite to design and implement tailored adoption strategies, ensuring alignment with the objectives of high-value or complex accounts. Advocate for customers internally by capturing and communicating feedback to influence product roadmaps, service enhancements, and business priorities. Collaborate with cross-functional teams, including Marketing, Sales, Professional Services, Engineering, Finance, Training, and Support, to align efforts and deliver impactful customer outcomes. Mentor Associate and Customer Success Managers, providing guidance on best practices, professional growth, and adoption strategies. Contribute to refining customer success frameworks, tools, and processes by providing feedback and actionable insights from the field. What You'll Need BA/BS degree or equivalent work experience, with 8+ years in customer-facing roles, including 5+ years in account management, sales, or similar positions focused on customer retention, growth, and engagement. Proven expertise in managing high-value SaaS or subscription-based accounts, driving adoption and delivering measurable outcomes. Strong relationship management skills, with the ability to engage senior stakeholders and align solutions to business objectives. Demonstrated success in meeting or exceeding renewal and expansion targets while maintaining high customer satisfaction. Deep understanding of Customer Success best practices, including metrics-driven approaches to customer health and adoption. Exceptional communication (written and verbal), problem-solving, and time-management skills. Proficiency in tools such as Salesforce.com and Google Suite, with the ability to learn new technologies quickly. Ability to manage multiple accounts and priorities in a fast-paced, revenue-focused environment. Experience mentoring or coaching team members, with a collaborative and team-oriented mindset. Willingness to travel occasionally, typically a few times per year, to support customer engagements or attend business events such as Sales Kickoff or training sessions. We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance. Tenable Data Consent Statement Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review. For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.

Position Overview: The Enterprise Account Manager will play a critical role in managing and nurturing existing enterprise accounts, with a primary focus on farming and upselling opportunities. This individual will build strong relationships with clients, identify their evolving needs, and deliver tailored solutions that enhance their cybersecurity posture. Key Responsibilities: Manage a portfolio of enterprise accounts, ensuring high levels of customer satisfaction and engagement. Identify opportunities for upselling and cross-selling additional products and services within existing accounts. Conduct regular check-ins and business reviews with clients to understand their evolving needs and challenges. Collaborate with technical teams to deliver tailored solutions that address client-specific requirements. Develop and execute account growth strategies to meet or exceed revenue targets. Maintain detailed records of account activities, sales opportunities, and customer interactions in CRM. Stay informed about industry trends, competitor offerings, and emerging cybersecurity threats to provide informed recommendations to clients. Work closely with marketing and product teams to ensure alignment on client needs and feedback. Serve as a trusted advisor to clients, advocating for their needs within the organization. Qualifications: Bachelor’s degree in Business, Marketing, or a related field; MBA preferred. 5+ years of experience in account management, sales, or a related role, preferably in the cybersecurity industry. Proven track record of success in farming existing accounts and driving revenue growth through upselling. Strong understanding of cybersecurity products, services, and industry trends. Excellent communication, interpersonal, and negotiation skills. Ability to build and maintain strong relationships with clients and internal stakeholders. Strong analytical skills and a strategic mindset. Proficiency in CRM software and sales analytics tools. Willingness to travel as needed to meet clients and attend industry events. Desired Skills: Basic understanding of cybersecurity concepts – SOC & SIEM Tools Knowledge of Tools like Imperva, CyberArk, Zscaler, Palo Alto, Tenable, DLP, FIM, WAF, CyberArk etc.

Condé Nast is a global media company producing the highest quality content with a footprint of more than 1 billion consumers in 32 territories through print, digital, video and social platforms. The company’s portfolio includes many of the world’s most respected and influential media properties including Vogue, Vanity Fair, Glamour, Self, GQ, The New Yorker, Condé Nast Traveler/Traveller, Allure, AD, Bon Appétit and Wired, among others. Job Description Location: Chennai, TN To deliver the above, we are recruiting for the post of Security Operations Centre (SOC) Analyst. The SOC analyst will, reporting to the SOC Manager, participate in the securing of Conde Nast assets across global markets by delivering a dedicated, focused and high-performing function to the organisation, which includes; Security Event Monitoring Event Triage and Escalation Insider Threat monitoring and management Security Incident Analysis and Response Vulnerability Management Threat Review and Analysis Threat Hunting Escalation point for SOC The SOC Analyst will have the opportunity to develop skills across a broad range of security tools and solutions, many of which will be cutting-edge. Required Skills: Minimum 8 years of Security Operations experience with at least 7 years of experience working with event monitoring and management, preferably in a SOC setting. 24X7 Security Operations Centre (SOC) and ensure seamless delivery of monitoring service and SLA management Coordinate with global stakeholders to understand the infrastructure, application, and business process to understand the threat hunting and SOC Monitoring coverage. Supporting SIEM platforms to ensure adequate log source integrations and fine-tuning Demonstrated experience with endpoint telemetry, Malware analysis tools, Exploit kits and SIEM platforms(Splunk/IBM QRadar/ArcSight/Logrhythm) Tactically supports the Vulnerability Management (VM), in the areas of the security patch and remediation management, must have experience in(Rapid7, Nessus, Tenable or others) Work with the security Engineer to ensure all security tools and solutions are properly configured and maintained. Incident Response - Escalation point of contact for incident response activities and acts as needed as Incident manager to ensure proper protection or corrective measures have been taken, and follows procedures to contain, analyse, and eradicate malicious activity Threat Hunting - Leverages emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack. Experience with TIPs will be beneficial in developing the hypothesis. SPAM/Phishing analysis - Executes analysis of email-based threats to include understanding of email communications, platforms, headers, transactions, and identification of malicious tactics, techniques, and procedures In-depth knowledge of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures, MITRE ATT&CK, NIST Frameworks Knowledge of Cloud infrastructure and security(AWS, GCP and Azure). In-depth knowledge of Antivirus - McAfee/Symantec/Sophos In-depth knowledge of EDR solutions(Sophos XDR/Crowdstrike/FireEye HX/SentinelOne/McAfee EDR/Symantec EDR) Hands-on experience in managing any of the SOAR solutions (Rapid7 SOAR/InsightConnect/Swimlane/IBM Security Resilient) Sound working knowledge of firewalls and VPNs: Palo-alto/FortiGate, VPN: Appgate VPN/Any other VPN Hands-on experience with Network Detection and Response tools (Rapid7, Cortex or any other NDR tools) Fundamental knowledge of the principles of Identity and access management Fundamental knowledge of Encryption & PKI. Good understanding of Proxies, WAF, Cyber deception technology, Windows, UNIX/Linux Security best practices Provides audit, analysis, and material support for cyber-related validation, certification, standards, governance, process, infrastructure, deployment and ongoing maintenance. Experience in using a scripting language to automate tasks. Good communication and presentation skills Experience of working in a fast-paced, globally dispersed environment Good analytical, problem-solving solving and interpersonal skills Educational Qualifications: B.Tech/M.Sc IT Certification CompTia Security+, CompTia CySA+, SIEM Associate Admin or any similar SIEM admin certification SSCP or similar certification What happens next? If you are interested in this opportunity, please apply below, and we will review your application as soon as possible. You can update your resume or upload a cover letter at any time by accessing your candidate profile. Condé Nast is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status and other legally protected characteristics.

OT Vulnerability Management Specialist Experience - 7-13 Years Job location - Mumbai Quick joiners are preferred Perform vulnerability scans and assessments within OT environments, aligning with safety regulations and operational restrictions. Drive patch advisory tracking, remediation planning, and compliance reporting. • Experience with passive scanning in ICS networks • Risk scoring with CVSS, EPSS, and prioritization frameworks • Patch impact analysis and phased deployment planning • Reporting aligned with IEC 62443 risk models • Skilled in tools such as Tenable OT, Rapid7, Qualys, TXOne Element. • Maps CVEs to OT asset impact based on function and criticality. • Recommends compensating controls for non-patchable systems. • Reports vulnerability trends, backlog status, and mitigation priorities.

About the Company - Kempegowda International Airport, Bengaluru (KIAB/ BLR Airport), named after founder of the City – Hiriya Kempegowda – has the unique distinction of being the first Greenfield Airport in India, established on a Public-Private Partnership (PPP) model. This heralded a revolution in Indian aviation, as more airports in the Country were privatised, thereafter. Responsibilities - Managed XDR Operations: Oversee threat detection, threat prevention, identity and access management, and incident response activities. Optimize the performance of managed XDR solutions to proactively identify and mitigate risks. Ensure a well-defined incident response plan is in place and regularly tested through simulations. Continuously improve detection and response capabilities based on threat intelligence and industry trends. Regularly review and update playbooks to address emerging threats and advanced attack techniques. Conduct post-incident reviews to identify lessons learned and improve processes. Monitor and evaluate partner performance, addressing any issues related to quality, cost, or delivery. Manage escalations as per contracted frameworks. Ensure unresolved escalations are tabled in governance forums and taken up for resolution. Drive the resolution of such escalations by working with all concerned stakeholders Review and provide feedback on periodic process, SLAs and KPI reports published by various ICT teams Escalate process compliance issues to senior leadership along with suggestion on remediation plan Review all Change Requests and provide insight & recommendations ensuring CRs/amendments are fit for purpose, negotiated and executed by working with all stakeholders. Execution of Security Projects: Lead and manage the successful delivery of cybersecurity projects, ensuring they align with business needs. Define clear project milestones, KPIs, and timelines to track progress effectively. Collaborate with internal and external stakeholders to ensure smooth implementation. Transition completed projects into ongoing operations with defined ownership and support mechanisms. Anticipate potential challenges and implement proactive risk management strategies. Financial Management: Oversee the development, management, and monitoring of the InfoSec budget, ensuring optimal allocation of resources. Accountability of budgeting and periodic financial forecasting for InfoSec – ensuring that the inputs on budgeting and forecasting are as per agreed frequency. Analyze and report on InfoSec financial performance, providing insights and recommendations for cost optimization, return on investment (ROI) and/ or Value Realization. Prepare and track InfoSec PRs and invoice processing and subsequent payments to partners and vendors. Ensure all InfoSec vendor payments are validated and approved by respective InfoSec teams and are aligned to agreed vendor payments terms and conditions. Track vendor payments against approved amount in InfoSec budget. Publish reports on InfoSec Financial Management to ICT leadership for review Security Architecture: Develop and implement a robust security architecture framework that integrates IT and OT systems. Evaluate and recommend security technologies and tools to improve organizational resilience. Ensure scalability, flexibility, and future-readiness of the security architecture. Conduct regular architecture reviews to ensure compliance with evolving standards and business changes. Provide technical leadership on emerging technologies and trends, such as Zero Trust and Secure Access Service Edge (SASE). Act as the primary SPOC for InfoSec in ARB (Architecture Review Board), ensuring terms and conditions are favorable and aligned with BIAL’s strategic information security goals. Regularly review deployments for compliance with organizational policies, regulatory requirements, ARB approvals and industry standards. Use insights gained from project performance to refine future ARBs, driving continuous improvement in partner selection, infosec requirements, service delivery and cost management. Maintain accurate and up-to-date records of all contractual communications, amendments, and performance evaluations. ICS Security: Develop and enforce security policies and controls for Industrial Control Systems (ICS) and Operational Technology (OT). Work closely with BIAL Projects and E&M teams to design secure processes for OT systems/ ICS. Perform regular vulnerability assessments and penetration testing of OT systems. Ensure alignment with BIAL Operational Technology Cybersecurity Policy and other relevant ICS/OT-specific security standards, such as IEC 62443. Establish monitoring mechanisms to detect and respond to threats in real-time within OT environments. Governance, Risk, and Compliance (GRC): Develop, implement, and maintain information security policies and governance frameworks. Conduct periodic risk assessments and audits to identify vulnerabilities and ensure regulatory compliance, both internally and with external partners. Provide regular updates to executive leadership on the organization’s risk profile and mitigation strategies. Manage relationships with regulatory authorities and ensure timely reporting of compliance metrics. Promote a culture of security awareness and responsibility throughout the organization. Ensure the maintenance of the BIAL’s certifications and standards, including ISO 27001:2022. Strategic Leadership: Provide strategic direction and leadership to the InfoSec team, fostering a culture of excellence and continuous improvement. Drive innovation in information security solutions and practices, ensuring the organization remains competitive and forward-looking. Act as a key advisor to senior management on Information Security matters, contributing to strategic decision-making. Qualifications: Bachelor’s degree in computer science, Information Security, or a related field (Master’s degree preferred). Certifications such as CISSP, CISM, CISA, CEH, or equivalent are highly desirable. A minimum of 12 years of experience in information security, with at least 5 years in a leadership role. Required Skills: Comprehensive understanding of cybersecurity frameworks, technologies, and methodologies (e.g., NIST CSF, ISO 27001, MITRE ATT&CK, ITIL v3, PMP, TOGAF, ISO 20k & 27k and COBIT). Expertise in managed XDR operations, incident response, threat intelligence, and identity management. Familiarity with security architecture principles, ICS/OT security frameworks, and industrial protocols. Strong knowledge of GRC principles and regulatory standards applicable to the industry. Proficient in process improvement and development practices. Strong knowledge of SLA & service management, contract negotiation, and operations management. Knowledge with InfoSec tools like: AV/EDR, Data Leakage Prevention, Metasploit, TripWire, Rapid7, Tenable, Snort, Nessus, Burp Suite, Appscan, Nmap, Wireshark, Firewalls, SIEM, SOAR, , SASE, CASB, PIM/PAM, WAF, O365 suite (Intune, Conditional access, Data classification and protection). Preferred Skills: Experience in driving initiatives centered on continuous improvement, innovation, execution excellence, customer centricity and automation. Leadership and strategic planning skills to align cybersecurity with organizational goals. Analytical and problem-solving skills for assessing threats, vulnerabilities, and risks in complex environments. Exceptional communication and stakeholder management skills to influence decision-making and secure buy-in. Technical expertise in deploying advanced security tools and technologies. Proven ability to lead cross-functional teams, drive organizational change, and manage complex projects. Ability to build and maintain relationships with internal teams, partners, and external vendors.

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

Summary Position Summary Job title: IoT/OT Cybersecurity - Sr. Consultant About At Deloitte, we do not offer you just a job, but a career in the highly sought-after risk Management field. We are one of the business leaders in the risk market. We work with a vision to make the world more prosperous, trustworthy, and safe. Deloitte’s clients, primarily based outside of India, are large, complex organizations that constantly evolve and innovate to build better products and services. In the process, they encounter various risks and the work we do to help them address these risks is increasingly important to their success—and to the strength of the economy and public security. By joining us, you will get to work with diverse teams of professionals who design, manage, and implement risk-centric solutions across a variety of domains. In the process, you will gain exposure to the risk-centric challenges faced in today’s world by organizations across a range of industry sectors and become subject matter experts in those areas. Our Risk and Financial Advisory services professionals help organizations effectively navigate business risks and opportunities—from strategic, reputation, and financial risks to operational, cyber, and regulatory risks—to gain competitive advantage. We apply our experience in ongoing business operations and corporate lifecycle events to help clients become stronger and more resilient. Our market-leading teams help clients embrace complexity to accelerate performance, disrupt through innovation, and lead in their industries. We use cutting-edge technology like AI/ML techniques, analytics, and RPA to solve Deloitte’s clients ‘most complex issues. Working in Risk and Financial Advisory at Deloitte US-India offices has the power to redefine your ambitions. The Team Cyber & Strategic Risk We help organizations create a cyber-minded culture, reimagine risk to uncover strategic opportunities, and become faster, more innovative, and more resilient in the face of ever-changing threats. We provide intelligence and acuity that dynamically reframes risk, transcending a manual, reactive paradigm. The cyber risk services—Identity & access management (IAM) practice helps organizations in designing, developing, and implementing industry-leading IAM solutions to protect their information and confidential data, as well as help them build their businesses and supporting technologies to be more secure, vigilant, and resilient. The IAM team delivers service to clients through following key areas: User provisioning Access certification Access management and federation Entitlements management Work you’ll do Roles & Responsibilities: Cybersecurity Strategy Development Develop and implement comprehensive cybersecurity strategies tailored for IoT and OT environments to safeguard critical infrastructure and data. This involves understanding the specific security needs of various IoT and OT systems and creating bespoke strategies to address them. Risk Assessment Conduct security risk assessments and vulnerability analyses on IoT and OT systems, identifying potential threats and proposing mitigation strategies. This includes regular audits and compliance checks to ensure security measures are up-to-date. Solution Implementation Design, deploy, and manage IoT and OT cybersecurity solutions, ensuring robust protection against cyber threats. This requires hands-on experience with IoT and OT security technologies, as well as the ability to customize and integrate these solutions into existing infrastructures. Compliance and Standards Ensure adherence to relevant industry standards, regulations, and best practices (e.g., NIST, ISO/IEC 27001, IEC 62443). This involves staying informed about changes in regulatory requirements and adjusting strategies accordingly. Incident Response: Develop and implement incident response plans for IoT and OT environments, including detection, analysis, containment, eradication, and recovery. This also involves conducting regular drills and simulations to ensure preparedness. Training and Awareness Conduct cybersecurity training and awareness programs for staff, promoting best practices and ensuring a security-conscious culture. Creating educational materials and leading workshops or seminars. Stakeholder Collaboration Work closely with cross-functional teams, including IT, engineering, and operations, to integrate cybersecurity measures into IoT and OT projects. Excellent communication and collaboration skills to ensure all stakeholders are aligned. Continuous Improvement Stay updated with the latest trends, technologies, and threat landscapes in IoT and OT cybersecurity, continuously enhancing security measures. Participating in industry conferences, webinars, and other professional development opportunities. Required Skills Understanding of: IoT and OT protocols: OPC UA, Modbus, Profibus, Profinet, DNP3, MQTT, Zigbee etc. Industrial Network Architectures: ZTNA, Purdue Model, Software Defined Network Segmentation Experience in deployment or operations of at-least one of the following solutions: OT Security Monitoring: Clority, Nozomi, Defender for IoT, Cisco Cyber Vision, Dragos, Palo Alto IoT Security, Tenable. OT etc. Knowledge of regulatory and compliance frameworks such as ISA/IEC 62443, NIST 800-82, NOG 104 Strong networking experience with understanding of switches, routers configuration. Proficiency in cybersecurity tools and platforms such as SIEM, IDS/IPS, firewalls, and vulnerability management solutions. Qualification Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Preferred specialization in Cyber Physical Systems (CPS) or IoT Security 7+ years of experience in cybersecurity, with a focus on IoT and OT environments. Proven track record of successfully securing IoT and OT systems for large organizations. Relevant certifications such as CISSP, CISM, CEH, or equivalent. Great to have IoT/OT certifications such as GICSP, GRIP or ISA 62443 Great to have networking certifications such as CCNA, CCNP etc. How You’ll Grow At Deloitte, we’ve invested a great deal to create a rich environment in which our professionals can grow. We want all our people to develop in their own way, playing to their own strengths as they hone their leadership skills. And, as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposure to leaders, sponsors, coaches, and challenging assignments—to help accelerate their careers along the way. No two people learn in the same way. So, we provide a range of resources including live classrooms, team-based learning, and eLearning. DU: The Leadership Center in India, our state-of-the-art, world-class learning Center in the Hyderabad offices is an extension of the Deloitte University (DU) in Westlake, Texas, and represents a tangible symbol of our commitment to our people’s growth and development. Explore DU: The Leadership Center in India . Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy, centered, confident, and aware. Deloitte is committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. We offer well-being programs and are continuously looking for new ways to maintain a culture that is inclusive, invites authenticity, leverages our diversity, and where our people excel and lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationships with Deloitte’s clients, our people and our communities. We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Recruiting tips Finding the right job and preparing for the recruitment process can be tricky. Check out tips from our Deloitte recruiting professionals to set yourself up for success. Check out recruiting tips from Deloitte recruiters . Benefits We believe that to be an undisputed leader in professional services, we should equip you with the resources that can make a positive impact on your well-being journey. Our vision is to create a leadership culture focused on the development and well-being of our people. Here are some of our benefits and programs to support you and your family’s well-being needs. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you . Our people and culture Our people and our culture make Deloitte a place where leaders thrive. Get an inside look at the rich diversity of background, education, and experiences of our people. What impact will you make? Check out our professionals’ career journeys and be inspired by their stories. Professional development You want to make an impact. And we want you to make it. We can help you do that by providing you the culture, training, resources, and opportunities to help you grow and succeed as a professional. Learn more about our commitment to developing our people . © 2024. See Terms of Use for more information. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300471

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Position Overview: F5 is seeking a highly experienced and results-driven Technical Program Manager (TPM) to lead and manage critical programs focused on software security. This is a senior level role that will drive initiatives that enhance F5’s security posture by implementing best practices for vulnerability management, security scanners, CVE tracking, Security Software Development Life Cycle (SDLC), and more. The ideal candidate will have a deep understanding of security programs, a strong technical background in software development, and a proven track record of successfully delivering cross-functional initiatives in complex environments. As a trusted leader, you will collaborate closely with engineering, security, product, and operations teams to ensure F5’s products and processes meet the highest security standards while enabling business objectives. Key Responsibilities: Program Management: Strategically plan and deliver programs and initiatives across key security and vulnerability management areas, including implementation of security tools (scanners, CI/CD integrations), tracking and addressing vulnerabilities (e.g., CVEs), and enforcing best practices throughout the software development lifecycle. Own program roadmaps, timelines, deliverables, and reporting, ensuring execution aligns with business goals, security requirements, and resource capacity. Drive key metrics and outcomes for security, tracking improvements in vulnerability remediation, compliance, and overall risk reduction. Security SDLC and Vulnerability Management: Partner with engineering and security teams to integrate Security SDLC (Secure Software Development Lifecycle) best practices into the development process, ensuring security is considered and implemented at every stage. Manage programs for vulnerability detection, assessment, and remediation to ensure timely resolution of security risks identified across F5 products and environments. Develop and implement governance processes for tracking and addressing externally reported vulnerabilities, such as Common Vulnerabilities and Exposures (CVEs), ensuring effective prioritization and swift resolution. Cross-Functional Collaboration: Build strong relationships with software engineering, product management, cybersecurity, IT, and operations teams to foster alignment across security-related goals and projects. Act as the central point of coordination for security initiatives, driving progress and ensuring accountability across stakeholders. Facilitate efficient communication between technical and non-technical teams to ensure clarity around priorities, goals, and timelines. Risk and Compliance Management: Drive alignment on security requirements, risk tolerance, and compliance needs, partnering with internal and external security auditors where required. Ensure teams are meeting corporate and industry security standards, including regulatory and policy compliance, while achieving development velocity. Proactively identify and manage security risks through effective mitigation planning and ongoing tracking. Process Improvement and Tooling: Evaluate current security program practices, tools, and workflows, identifying gaps and opportunities for improvement in efficiency and effectiveness. Lead the implementation of automated tools for static and dynamic code analysis, dependency scanning, and configuration management to identify and address vulnerabilities earlier in the development process. Metrics and Reporting: Define, track, and report on KPIs and success metrics for security efforts, including vulnerability remediation rates, defect density reduction, and SLAs for incident response. Provide clear and actionable updates to executive leadership and key stakeholders on the status of security programs, progress, risks, and outcomes. Qualifications: Education: Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or a related technical discipline (Master’s preferred). Experience: 8+ years of experience in program management, with at least 3 years focused on security programs, vulnerability management, or security operations (senior level); 10+ years for principal level. Proven experience implementing Security SDLC processes and collaborating with software teams to deliver secure, production-grade solutions. Solid understanding of security domains, particularly vulnerability scanning tools (e.g., Tenable Nessus, Snyk, Qualys), CVE tracking, dependency management, and secure coding practices. Technical Expertise: In-depth knowledge of software development methodologies, including Agile and DevSecOps principles. Familiarity with CI/CD pipelines, source code repositories, and tools for static/dynamic application security testing (e.g., SonarQube, Checkmarx, Veracode). Understanding of vulnerability databases (e.g., NVD), common exploitation techniques, and secure design principles. Basic understanding of threat modeling and risk assessment techniques (stronger expertise is a plus). Leadership and Collaboration: Experience working in highly cross-functional, multi-team environments, with the ability to motivate, guide, and align diverse stakeholders. Exceptional interpersonal, written, and verbal communication skills, with the ability to convey complex security requirements and issues to non-technical audiences, executives, and engineering teams alike. Demonstrated ability to influence without authority and lead by example. Problem Solving and Decision Making: Ability to analyze complex problems, evaluate trade-offs, and make sound decisions in a fast-paced environment. Strong risk management skills, with the ability to balance security needs with engineering velocity and business priorities. Preferred Qualifications: Project management certification (e.g., PMP, PgMP, or PMI-ACP) or security-related certifications (e.g., CISSP, CISM, or CISA). Experience with cloud security and platform-oriented vulnerability management tools like Bugzilla or similar. Familiarity with emerging cybersecurity trends and zero-day vulnerability exploitation techniques. Knowledge of networking and application delivery technologies (F5 experience is a plus!). The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

We seek a highly skilled and motivated Test Architect in the core domain to join our dynamic global team. You will be a key member of our Core Solutions team, This role will be critical in providing advanced expertise in IPv4/IPv6, firewalls, cloud core technologies, and Software Test experience in Telco grade products. You Have: Any Bachelor's degree or Master's degree, or equivalent degree, with 10+ years of relevant Software Test experience in Telco-grade products 7+years of System test experience in Functional and serviceability areas with high-traffic, large-scale distributed systems, and client-server architectures Good experience in verification ofCloud Native, Microservices applications, using Containers and Virtualization Technologies like Docker, Kubernetes (K8s), Consul, Redis, gRPC, Helm, Envoy, and Open Source Integration. Good experience in security testing of a product and knowledge of various security scans like Black Duck Hub, Tenable, Codenomicon/Defensics, Malware, Anchore, NMAP, Nessus, etc. Good working experience in IMS, VoLTE, 4G/5G core technologies. In-depth and working experience with cloud-ready, cloud-native, microservices, and containers architecture, DevOps, CI/CD. It would be nice if you also had: Prior experience in interfacing with customers & customer teams is an added advantage. Should have worked on the toolsets like Jira, Jenkins, or Bamboo. Able to bring in innovative practices for chaotic programmable tests like Chaos Monkey, Janitor Monkey etc. Own and drive CNCS Functional testing across multiple core network NFs like SBC, TAS, CSCF, and MRF. Own and drive CNCS security testing and execute various security scans, and analyze the scan reports. Identify security vulnerabilities in the product. Validate security-related enhancements. Overall, Responsible for driving the Test strategy and planning for CNCS releases, Test effectiveness and Improvements for the CNCS product in functional/non-functional areas, and accountable for fault escapes. Understand new feature enhancements in SBC, NTAS, CSCF, MRF, etc. NFs and plan testing of critical features therein within CNCS. Analyse critical customer issues, help identify solutions, and ensure similar issues dont escape internal testing. Work effectively in a mixed environment and use best practices and knowledge of internal or external business issues to improve products or services. Plan technical requirements from customers needs. Apply and maintain quality standards. Participate in process and tool evolutions and identify improvements therein. Mentor junior team members and help them realize their full potential.

We seek a highly skilled and motivated Test Lead in the core domain to join our dynamic global team. You will be a key member of our Core Solutions team, This role will be critical in providing advanced expertise in IPv4/IPv6, firewalls, cloud core technologies, and Software Test experience in Telco grade products. You Have: Any Bachelor's degree or Master's degree, or equivalent degree, with 6+ years of relevant Software Test experience in Telco grade products. System test experience in Functional and serviceability areas with high-traffic, large-scale distributed systems and client-server architectures. Good experience in verification ofCloud Native, Microservices applications, using Containers and Virtualization Technologies like Docker, Kubernetes (K8s), Consul, Redis, gRPC, Helm, Envoy, and Open Source Integration. Experience with security testing of a product and knowledge of various security scans like Black Duck Hub, Tenable, Codenomicon/Defensics, Malware, Anchore, NMAP, Nessus etc is an added advantage. Good working experience in IMS, VoLTE, 4G/5G core technologies. Working experience with cloud-ready, cloud-native, micro services and containers architecture, DevOps, CI/CD. It would be nice if you also had: Prior experience in interfacing with customers & customer teams is an added advantage. Should have worked on the toolsets like Jira, Jenkins, or Bamboo. Able to bring in innovative practices for chaotic programmable tests like Chaos Monkey, Janitor Monkey, etc. Contribute to CNCS Functional testing across multiple core network NFs like SBC, TAS, CSCF, and MRF. Contribute to CNCS security testing and execute various security scans, and analyze the scan reports. Validate security related enhancements. Own end-to-end CNCS functional features and deliver with quality. Overall, Responsible for driving the Test strategy, Test effectiveness, and Improvements for the CNCS product in functional/non-functional areas, and accountable for fault escapes. Works effectively in a mixed environment and uses best practices and knowledge of internal or external business issues to improve products or services. Plan technical requirements from customers needs. Applies and maintains quality standards. Participates in process and tool evolutions and improvements.

Job Title: AD Security Specialist – Tenable & ManageEngine Location: Mumbai Job Type: Full-Time Experience: 4–7 years Notice Period: Immediate Joiners Preferred Job Overview: We are looking for an experienced AD Security Specialist to manage, integrate, and govern security solutions related to Active Directory (AD) using Tenable and ManageEngine . The ideal candidate will have hands-on experience in security deployment and should be capable of leading integration and governance initiatives independently. Key Responsibilities: Implement and manage security tools, primarily Tenable and ManageEngine, in AD environments. Lead the deployment and configuration of security solutions across enterprise systems. Perform integration of tools and ensure smooth interoperability with existing infrastructure. Monitor, audit, and govern security posture in Active Directory and related systems. Identify and respond to vulnerabilities using Tenable scans and reports. Support incident response and root cause analysis for AD-related security events. Collaborate with IT and security teams to enhance the overall security framework. Maintain documentation and provide regular updates on AD security status and improvements. Requirements: Proven experience in Active Directory security and governance. Strong hands-on knowledge of Tenable (Nessus, Tenable.io) and ManageEngine (AD360, Log360, etc.) . Experience in deploying and integrating security solutions in enterprise environments. Good understanding of identity and access management (IAM), security policies, and best practices. Strong troubleshooting and analytical skills. Excellent communication and documentation abilities. Preferred Qualifications: Relevant certifications (e.g., Microsoft, Tenable, CompTIA Security+). Experience working in regulated industries or environments with high compliance standards.

The Vulnerability Management Engineer is responsible for managing the identification, assessment,reporting, and mitigation of infrastructure and cloud vulnerabilities.A candidate for this role will have a mindset of a defender and be able to operate in a fast-paced environment working closely with our infrastructure team that includes Network,Firewall, Hypervisors, Servers, and business application teams. Primary Skills: • At least 4+ years’ experience in Information Security or Information Technology field. • Bachelor’s degree in computer science, Information Security, or equivalent combined experience. • Hands-on experience with a variety of vulnerability management and network scanning tools, such as Qualys, Tenable Security Center, Nmap, web scanners, etc. • Understanding of the relationship between operating systems, applications, and their dependencies, and how interrelated software vulnerabilities exist – with ability to determine remediation techniques in diverse environments. • Conduct regular vulnerability scans and assessments on network devices, servers, applications, and databases. • Perform vulnerability metrics reporting for ad-hoc and scheduled metrics report for various KPIs (Key Performance Indicators) around vulnerability management activities. • Knowledge of both Windows and UNIX-based operating systems (e.g. Windows Server and Client OS,RHEL, Ubuntu, Amazon Linux, MacOS), and container technologies (e.g. Kubernetes, Docker). • Ability to script and program using Python and other scripting and programming languages (i.e. SQL,Python, C, Java, JavaScript), notably for working with RESTful APIs. • Perform regular security audits and compliance checks to ensure adherence to security policies and standards. • Experience working with REST APIs and integrating API frameworks into wider business intelligence solutions. • Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice.Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classificationschemes (CVE, CVSS, CPE). • Capable of independently managing customer requirements, from the initial information gathering phase through to implementation. Secondary Skill: • Knowledge of the DORA Standard. • Solid experience in offensive security, adversarial tactics, techniques, and procedures (e.g. using MITRE ATT&CK framework), and common attack patterns such as binary exploitation, memory corruption, race conditions, web attacks, etc. • In-depth knowledge of security standard methodologies, technologies and products and aim to continuously improve these skills. • Knowledge of CI/CD pipelines, GitHub or other version control systems, and cloud hosting environment’s (i.e. AWS) applicable security standard methodologies. • Experience working in agile project management toolsets, creating tickets which break down work into manageable pieces, tracking capacity, and closing stories in a timely manner, and documenting work (i.e.Jira, Confluence, ServiceNow).

Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : Any ITSM Certification/CEH Job Summary: We are seeking an experienced ITSM and CIS Benchmarking Specialist to drive service management excellence and ensure systems are hardened according to industry best practices. The ideal candidate will have deep knowledge of ITIL-based ITSM practices and hands-on experience applying CIS Benchmarks for endpoint and server security compliance. Key Responsibilities: ITSM: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Freshservice). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking: Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks . Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro , SCAP , Tenable , or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills and Qualifications: 5+ years of experience in implementing and managing ITSM processes and tools. 5+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications: ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks.

Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : Any ITSM Certification/CEH Job Summary: We are seeking an experienced ITSM and CIS Benchmarking Specialist to drive service management excellence and ensure systems are hardened according to industry best practices. The ideal candidate will have deep knowledge of ITIL-based ITSM practices and hands-on experience applying CIS Benchmarks for endpoint and server security compliance. Key Responsibilities: ITSM: Oversee the implementation and continuous improvement of ITSM processes aligned with ITIL framework (e.g., Incident, Change, Problem, Asset, and Configuration Management). Ensure accurate and timely incident/ticket management via ITSM tools (e.g., ServiceNow, BMC Remedy, Freshservice). Develop ITSM dashboards and reports to track SLAs, service availability, and operational KPIs. Collaborate with technical and business teams to streamline service workflows and automate manual tasks. Provide training and guidance on ITSM processes across teams. CIS Benchmarking: Perform security baseline assessments of servers, endpoints, and cloud environments using CIS Benchmarks . Coordinate with IT infrastructure and application teams to implement and validate CIS hardening steps. Use tools such as CIS-CAT Pro , SCAP , Tenable , or Qualys for benchmark scanning and reporting. Maintain a central repository of system configurations, benchmark reports, and deviation justifications. Support internal and external audits by providing CIS compliance evidence and remediation plans. Required Skills and Qualifications: 2+ years of experience in implementing and managing ITSM processes and tools. 2+ years of experience applying CIS Benchmarks across Windows, Linux, databases, or cloud platforms. Strong understanding of ITIL v3 or v4, with certification preferred. Familiarity with endpoint/server hardening, system configuration management, and patching. Experience using configuration and compliance management tools (e.g., Ansible, Chef, SCCM, GPO). Ability to document policies, procedures, and control deviations. Preferred Qualifications: ITIL Foundation or Practitioner certification. Experience in audit/compliance functions, particularly in regulated industries (BFSI, healthcare, government). Familiarity with ISO 27001, NIST 800-53, or other security frameworks.

At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities,collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow.Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. Your role Expertise on Vulnerability Management tools- Rapid7/Qualys/Tenable. Hands on experience in Implementation and Managing Security vulnerabilities (on-prem and cloud). Hands on experience in setting up vulnerability scanning profiles. Strong Knowledge & Understanding on vulnerability management lifecycle. In depth knowledge across all core domains Vulnerability Management, External Attack Surface Management, Container Scanning, Cloud Security Compliance scanning, and Security Configuration Management knowledge on system security vulnerabilities, remediation techniques and tactics. should understand vulnerability testing methodology and be able to communicate testing finding to managers and network administrators. Ability to communicate complex technology to no tech audience in simple and precise manner. Your Profile Good understanding on Risk score acceptance process of the vulnerabilities. Ability to create customized Reports. Support in the mitigation of vulnerabilities. Automation knowledge in the existing process. Understanding of Zero Day Vulnerabilities and their process. Understanding of TTPs, MITRE ATT&CK framework, CVSS, OSINT, and deception techniques. Understanding of operating systems, applications, infrastructure, and cloud computing services. Understanding of OWASP, CVSS, MITRE ATT&CK framework, and the software development lifecycle. Good in Oral, Verbal, and Written communication skills. What you will love about working here We recognize the significance of flexible work arrangements to provide support. Be it remote work, or flexible work hours, you will get an environment to maintain healthy work life balance. At the heart of our mission is your career growth. Our array of career growth programs and diverse professions are crafted to support you in exploring a world of opportunities. Equip yourself with valuable certifications in the latest technologies such as Generative AI.

TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers’ compensation insurance. TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you’re passionate about innovation and making an impact on the large SMB market, come join us as we power our clients’ business success with extraordinary HR. Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody’s perfect – and we encourage you to apply. You may just be the right candidate for this or other roles. JOB SUMMARY The Staff Vulnerability Management Analyst is a key member of the Global Security Cyber Defense team responsible for identifying, analyzing, and driving the remediation of vulnerabilities across enterprise systems, applications, and cloud environments. Based in Hyderabad, India, this role plays a critical part in protecting the organization's digital assets by ensuring vulnerabilities are promptly addressed and risk is effectively communicated to stakeholders. Essential Duties/Responsibilites Lead the execution of the enterprise Vulnerability Management Program, including the design, scheduling, and tuning of automated vulnerability scans across endpoints, servers, cloud assets, and container environments. Ensure the health and performance of scanning tools and infrastructure, including asset discovery, credentialed scanning, and optimization of scan coverage. Analyze scan data to identify true positive vulnerabilities, eliminate false positives, and work with asset owners to ensure timely and effective remediation. Conduct regular assessments of container images, infrastructure-as-code (IaC), and cloud-native platforms to identify misconfigurations and known vulnerabilities. Collaborate with cross-functional teams, including Cyber Defense, Security Architecture, Security Engineering, Application Security, Risk, Engineering, and Technology to coordinate remediation activities and provide technical guidance on mitigating identified risks. Support continuous improvement by tracking and reporting remediation SLAs, scan coverage metrics, and program KPIs, while partnering with system owners to ensure timely compliance with remediation timelines. Design and deliver actionable dashboards and executive-level reports to drive data-informed remediation decisions and communicate risk posture effectively. Stay current on emerging threats, vulnerability disclosures (CVEs), and industry benchmarks such as CIS, NIST, and OWASP. Act as a backup resource to the Cyber Defense team, assisting in threat hunting, incident response, and vulnerability-related investigations. Performs other duties as assigned Complies with all policies and standards QUALIFICATIONS Education Bachelor's Degree Work Experience Typically 5+ years experience in vulnerability management or a related cybersecurity domain. Licenses and Certifications CISSP – Certified Information Systems Security Professional CISM – Certified Information Security Manager GIAC Certified Incident Handler (GCIH) CEH: Certified Ethical Hacker CISA – Certified Information Systems Auditor Knowledge, Skills and Abilities: Hands-on experience with vulnerability scanning platforms such as Microsoft Defender Vulnerability Management, Tenable, Qualys, Rapid7, or similar. Experience working in ServiceNow Vulnerability Management suite is preferred. Experience with security orchestration and automation tools (e.g., Microsoft Sentinel, Logic Apps, ServiceNow SecOps, Splunk SOAR) is a plus, particularly within Microsoft Defender environments. Solid understanding of common operating systems (Linux, Windows), networking, cloud platforms (AWS, Azure, GCP, Oracle), and container technologies (Docker, Kubernetes). Expertise in security tools and technologies (e.g., SIEM, intrusion detection systems, firewalls) and the ability to analyze and interpret security data to identify vulnerabilities and threats. Strong understanding of cybersecurity principles, frameworks, and best practices, including risk management, incident response, and regulatory compliance (e.g., NIST, ISO 27001, NIST 800-53, PCI-DSS). Familiarity with vulnerability prioritization methodologies (e.g., CVSS, EPSS, threat intelligence enrichment) is a plus. Strong analytical and troubleshooting skills with the ability to interpret complex data sets, convey technical findings to both technical and non-technical audiences, and contextualize vulnerabilities in terms of business impact and operational risk. Experience building and presenting vulnerability management reports at a leadership level is preferred. Experience in creating technical documentation, runbooks, playbooks, and training materials for vulnerability management. Excellent communication and interpersonal skills. Proficient in Microsoft Office Suite. Detail-oriented and well organized. Self-motivated and capable of working independently within a small, high-performing team that values critical thinking and sound decision-making. Contributes to a team culture of inclusion, transparency, and innovation, by actively sharing ideas and taking ownership of impactful work. Highly ethical and professional. Work Environment: Work in a clean, pleasant, and comfortable office work setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions. This position is 100% in office. Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity. TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact recruiting@trinet.com to request such an accommodation.

Job Title : Security GRC Consultant & Security Lead Experience: 10+ Years Location: [Thrissur / Cochin] Type: [Full-Time/Onsite] Industry : Information Security / Cybersecurity / Risk & Compliance Job Summary: A seasoned Security GRC (Governance, Risk, and Compliance) Consultant and Security Lead with over 10 years of experience in implementing, managing, and optimizing cybersecurity governance frameworks. Adept at bridging business and technology risk, ensuring regulatory compliance, and leading cross-functional teams to uphold enterprise security posture. Proven ability to drive enterprise risk programs, security audits, and compliance initiatives in diverse industries including finance, healthcare, and technology. Key Responsibilities: Governance, Risk, and Compliance (GRC): • Develop, implement, and manage enterprise-wide GRC strategies aligned with business and regulatory requirements (e.g., ISO 27001, NIST, SOC 2, HIPAA, GDPR, PCI-DSS). • Lead security risk assessments, third-party vendor evaluations, and business impact analyses (BIA). • Design and implement risk treatment plans, control testing programs, and continuous monitoring processes. • Maintain and enhance GRC platforms such as Archer, ServiceNow GRC, or LogicGate. Security Leadership & Strategy: • Act as the primary liaison between business stakeholders, technical teams, and executive leadership on cybersecurity initiatives. • Lead the development and execution of information security programs, policies, and procedures. • Provide expert guidance on security architecture, incident response, and data protection strategies. • Conduct security awareness training and culture-building across the organization Audit & Compliance: • Prepare organizations for internal and external audits; respond to audit findings and ensure timely remediation. • Manage and maintain documentation for control evidence, risk registers, and compliance reports. • Engage with regulatory bodies and customers during compliance reviews and assessments. Project Management & Team Leadership: • Lead or participate in cross-functional projects including cloud security assessments, privacy impact assessments (PIAs), and IT risk projects. • Mentor and lead junior security professionals; contribute to internal knowledge bases and best practices. • Manage project timelines, stakeholder expectations, and deliverables in Agile and Waterfall environments. Required Skills & Qualifications: • Bachelor’s or Master’s degree in Cybersecurity, Information Systems, or related field. • Professional certifications: CISSP, CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor, or similar. • Strong knowledge of GRC frameworks (ISO, NIST CSF, COBIT), data protection laws (GDPR, CCPA), and industry standards. • Experience with security tools and platforms like Archer, ServiceNow GRC, Splunk, Tenable, Qualys, etc. • Excellent communication, stakeholder management, and technical writing skills. • Ability to work independently and drive multiple initiatives in complex environments. Preferred Experience: • Hands-on experience in cloud security (AWS, Azure, GCP). • Experience working in highly regulated industries (Finance, Healthcare, Pharma). • Familiarity with DevSecOps, secure SDLC, or CI/CD pipeline security controls.