252 Tenable Jobs - Page 5

Job Title: Application Security Analyst Work Mode: Hybrid Location: Gurugram Experience Required: 5 to 7 Years Required Skills: Prior work experience in application security is mandatory. Should have solid experience in Penetration testing. Candidates should be familiar with Azure WAF. Candidates must have excellent verbal and written communication skills. Candidates should be familiar with waterfall and agile development processes and have experience integrating secure development practices into both models. Familiarity with a variety of development and testing tools Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience and discuss effective defensive techniques. Familiarity with industry standards and regulations including PCI, FFIEC, SOX, and ISO27001 is desired. linux Experienced in tools like Snyk, Tenable WAS, Invicti, Burp suite, Postman, kali Experience in conducting Threat Modelling using STRIDE, PASTA etc Job Type: Full-time Pay: ₹800,000.00 - ₹1,600,000.00 per year Experience: Application Security: 5 years (Required) Penetration testing: 5 years (Required) Threat Modeling: 5 years (Required) Work Location: In person

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: Position Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Full time – Five days a week - In the office position Potential for evening and weekend hours. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 1-3 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Supervisory/Responsibility: Individual contributor w/no direct reports Work Environment: This is an office position. Position Type: This is a regular, full-time position with frequent overtime. Must be able, available, and willing to work more than 40 hours per week, including scheduled and unscheduled overtime. Travel: Travel could be up to 15% (in country) as needed for remote support. Physical Demands: The physical demands described here are representative of those performed in the job duties. The employee sits at a desk and uses a computer for prolonged periods of time. Performing the role frequently uses close vision, speech, hearing, and dexterity to operate office equipment. The employee must occasionally lift and/or move up to 15 pounds. At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Who is Tenable? Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey! What makes Tenable such a great place to work? Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together! Your Role The Regional Channel Sales Manager (RCM) is responsible for establishing and managing relationships with named Channel Partners. The Regional Channel Sales Manager will act as a sales liaison between distributors, named Channel Partners and Tenable sales personnel. The Regional CSM will support sales endeavors across all of Tenable’s products lines in their assigned Region. Your Opportunity Define strategy and its execution for named Channel partners Recruit new strategic partners in defined region Serve as the partner main point of contact as it relates to activity centric to the named Channel partners assigned to the region Create and present quarterly and ad-hoc reviews to the Director of Channels, Americas as well as to all levels of internal management Oversee the negotiations of legal agreements as they relate to the CM’s named partner recruitment and management Create and deliver accurate quarterly and annual forecasts and strategic plans Develop engagement plan with named Channel partners and Tenable’s Sales Teams Drive Channel partners sales and technical certification In conjunction with the marketing team, develop and assist with the execution of lead generation campaigns for the purpose of pipeline development Provide input to marketing and/or program managers regarding additions or changes needed to our partner tools, on-line interfaces, or similar May perform other duties and responsibilities that management may deem necessary from time to time What You'll Need A minimum of 8+ years of experience managing channel partners in relation to technology sales Experience working with one and two tier channel models Experience working with both national and regional Channel partners Documented track record of success College Degree strongly preferred Experience and comfort level working with C-level executives Familiarity with the network security marketplace strongly preferred Ability to sit and work at a computer for extended periods of time Travel is a requirement for this position We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance. Tenable Data Consent Statement Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review. For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.

Key Responsibilities Security Monitoring & Incident Response: Assist in monitoring security alerts and logs from SIEM tools (e.g., Splunk, ELK, AWS Security Hub). Investigate and escalate security incidents as needed. Respond to security threats and help mitigate risks. Vulnerability & Risk Management Conduct vulnerability scans and assist with patch management. Assist in security assessments and risk analysis for applications and infrastructure. Support remediation efforts for identified security weaknesses. Security Tools & Technologies Work with security tools such as IDS/IPS, firewalls, endpoint protection, and cloud security services. Assist in managing identity and access management (IAM) policies. Support logging, monitoring, and automation of security processes. Compliance & Security Best Practices Assist in ensuring compliance with security frameworks (ISO 27001, NIST, CIS, SOC 2, etc.). Maintain documentation related to security policies, incidents, and audits. Security Awareness & Training Help conduct security awareness training for employees. Stay updated on the latest security threats, vulnerabilities, and best practices. Required Qualifications Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience). Knowledge of security concepts such as network security, encryption, authentication, IAM, and malware analysis. Familiarity with security tools like Splunk, Tenable Nessus, Burp Suite, or Wireshark. Understanding of cloud security (AWS, Azure, GCP) and DevSecOps principles is a plus. Basic scripting knowledge (Python, PowerShell, Bash) for security automation. Strong analytical and problem-solving skills with attention to detail. Preferred Certifications (Nice To Have) CompTIA Security+ Certified Ethical Hacker (CEH) AWS Certified Security – Specialty Microsoft SC-900 (Security, Compliance, and Identity Fundamentals)

Job Summary A Security Analyst specializing in Vulnerability Assessment and Penetration Testing (VAPT) is responsible for evaluating and testing an organization’s digital assets for vulnerabilities. This Role is responsible to manage organization’s internal and external vulnerability management program from scan to resolution of identified vulnerabilities. Roles and Responsibilities: Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications & IT Assets. Leverage threat modelling for applications to identify potential threats and suggest suitable mitigation strategies. Manage organization’s internal vulnerability management program execution, coordination, reporting and mitigation of vulnerabilities with various stakeholders. Work with external Vendor to plan, execute External VAPT on IT Assets, software applications, software code, mobile apps. Provide technical leadership in setting up SoW, complete External VAPT scan from start to closer of identified vulnerabilities. Work closely with cross function teams including IT and product development teams to close security findings, vulnerabilities. Develop and implement strategies to improve overall security posture. Knowledge And Skills Bachelor’s degree in computer science, Information Security, or a related field. Proven experience in vulnerability assessment and penetration testing. Good understanding of various Security standards like OWASP Top 10, OWASP Mobile Top 10, OWASP API Top 10, OWASP IoT Top 10, SANS Top 25, NIST. Good understanding of vulnerability severity calculation methods like CVSS Any of security certification related to VAPT, for example: Certified Security Analyst (ECSA). Licensed Penetration Tester (LPT). Offensive Security Certified Professional (OSCP). Offensive Security Certified Web Expert (OSWE). GIAC Penetration Tester (GPEN) Sound working experience with security scan products like Nessus, burp suits, Open VAS. Strong understanding of security principles, techniques, and technologies. Knowledge of application design and coding practices. Knowledge on any vulnerability management products like Qualys, Tenable, Rapid7 High level of initiative and self-direction Excellent communicator in English, both written and spoken while being able to convey information effectively at multiple levels of sensitivity and for various audiences.

As an R&D Engineer, where you'll drive security and performance in cutting-edge cloud-native technologies. You'll take the lead in managing end-to-end responses for security vulnerabilities in Kafka, RabbitMQ, and Kubernetes ingress controllersanalyzing CVEs, prioritizing risks, and working closely with developers to deliver effective fixes. You'll also run advanced scans using tools like Burp, Anchore, and Malware scanners, ensuring open-source components meet the highest standards. Alongside security, you'll contribute to delivering robust Kafka, RabbitMQ, and Ingress Controller solutions as per CSF specifications. You Have: Bachelor's or Master's degree in Engineering or equivalent with 38 years of hands-on experience in software development or testing, with strong expertise in messaging open-source tools like Kafka, RabbitMQ, and Ingress Controllers. Proficient in Python programming, with the ability to build and automate robust test and development workflows Skilled in working with microservices architectures and container technologies such as Docker, Kubernetes, Helm charts, Operators, and virtualization platforms Experienced in implementing CI/CD pipelines and DevOps best practices for scalable, efficient software delivery Well-versed in security protocols (TLS, SSH), encryption techniques, and security principles including threat analysis, hardening, and vulnerability scanning (container/non-container, web apps, DoS, penetration testing) Good to have: Familiarity with security tools like Anchore, Tenable, Netsparker, Codenomicon, Nmap, etc. Experience in SBOM (Software Bill of Materials) generation. Lead the end-to-end response process for security vulnerabilities in Kafka, RabbitMQ, and Kubernetes ingress controllers. Analyze and prioritize Common Vulnerabilities and Exposures (CVEs), collaborating with development teams to implement timely and effective remediation. Execute security scans using tools like Burp, Anchore, Malware scanners, and Codenomicon, and assess severity based on open-source software usage. Ensure secure and stable integration of open-source components within the cloud-native platform. Develop and test Kafka, RabbitMQ, and Ingress Controller components in alignment with CSF specifications.

Immediate Openings on Security Consultants with Vulnerability _Contract_Pan India 6+ Years Security Consultants with Vulnerability Pan India Period :Immediate. Type Contract Description 7 + Years Security Consultants with Vulnerability tools exp like Qualys or Tenable (prefer Qualys) and ServiceNow. Experience with Vulnerability tools such as Qualys or Tenable (prefer Qualys) and ServiceNow .

Relevant Experience Level : 7+ years Shift time: 6.00 PM to 3.00 AM Required Skills & Experience: 7+ years of experience in systems engineering, compute infrastructure, or datacenter operations. Strong expertise in Nutanix (AHV/Prism) and Rubrik. Proficient in scripting and automation using PowerShell, Python, or Shell scripting. Experience working with Windows Server and Linux/Unix platforms. Knowledge of legacy backup and virtualization platforms (VMware, Hyper-V, Commvault, Veritas, etc.). Hands-on experience with AWS and Azure infrastructure services. Working knowledge of DNS, DHCP, patching, and Tenable for vulnerability management. Familiarity with ServiceNow or similar ITSM tools. Strong troubleshooting, communication, and documentation skills. Proven ability to work independently, manage vendors, and resolve technical escalations. Preferred Qualifications: Certifications such as Nutanix Certified Professional (NCP), AWS Certified SysOps Administrator, Microsoft Azure Administrator, or RHCE. Experience with Infrastructure as Code (Terraform, Ansible) is a plus. Understanding of ITIL best practices.

Job Summary Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). Threat Intelligence Integration Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role Description Vulnerability Management SME (Subject Matter Expert) Experience : 7 plus years Location : Hyderabad/Trivandrum/Kochi/Bangalore/Chennai Company: CyberProof, A UST Company About CyberProof CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world’s largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence Job Summary We are seeking a highly experienced and knowledgeable Subject Matter Expert (SME) to join our Vulnerability Management team. The ideal candidate will have extensive experience in cybersecurity, with a deep understanding of vulnerability management processes, tools, and best practices. This role requires strong analytical skills, excellent communication abilities, and a proactive approach to identifying and mitigating security risks. Key Responsibilities Lead the vulnerability management program, ensuring comprehensive identification, assessment, and remediation of vulnerabilities. Develop and implement strategies to enhance the organization's security posture. Conduct in-depth vulnerability assessments and penetration testing to identify security weaknesses. Expertise in vulnerability management tools Qualys VMDR, MS Defender, and CrowdStrike, to detect and analyze vulnerabilities and create reports and dashboards for the customer. Interpret scan results and provide detailed reports with actionable recommendations. Prioritize vulnerabilities based on potential impact and likelihood of exploitation. Collaborate with technical teams to develop and implement effective remediation plans. Stay updated with the latest cybersecurity threats, trends, and technologies. Develop and deliver training sessions on vulnerability management best practices. Participate in incident response activities, providing expertise in vulnerability exploitation and mitigation. Ensure compliance with industry standards and regulatory requirements. Qualifications Bachelor’s degree in computer science, Information Security, or a related field. Minimum of 7 years of experience in cybersecurity, with a focus on vulnerability management. In-depth knowledge of cybersecurity principles, threats, and attack vectors. Knowledge of network protocols, architecture, and topologies. Extensive experience with various operating systems (Windows, Linux, macOS) and their security configurations. Advanced skills in using and configuring vulnerability scanning tools, specifically Qualys VMDR, MS Defender, and CrowdStrike. Experience with Rapid7, Tenable, or cloud security is a plus. Strong analytical and critical thinking abilities to identify root causes and solutions for vulnerabilities. Excellent verbal and written communication skills to effectively communicate with stakeholders. Experience in risk assessment methodologies and patch management best practices. Automation skills and experience with scripting languages (e.g., Python, PowerShell) are a plus. Relevant certifications (e.g., CISSP, CEH, OSCP) are highly desirable.

We are seeking an experienced Senior Information Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. 1.Should take care of Infosec functions by coordinating with various stakeholders 2. Lead and manage Vulnerability Assessment (VA) and Penetration Testing (PT) programs end to end. 3. Should have technical hands-on knowledge on different VAPT tools, like Qualys, Tenable, BurpSuite, Checkmarx etc. 4.Ensure all cyber security compliance directions issued from time to time by the regulator 5.Coordination with SOC, Technology team to follow up the incidents till closure 6.Follow escalation matrix for delayed issues 7.Assist in Internal and External Audits (Regulatory) and work towards closure of observations if any 8. Should have project management espouse, to run the security PMO for ensuring the multiple initiatives with internal / external teams, vendors, and regulators. 9. Prepare and review new/existing policies, procedures, and secure configure/ hardening documents. 10. Should possess technical skills and knowledge to handle/manage security solutions if required 11. Exposure to Cloud Environment 12. Knowledge of Application Security is a plus. Qualifications and Experience: 1. 15-18 years of experience in security management. 2. Strong understanding of security best practices, frameworks, and security technologies. 3. Proven experience in managing VA, PT, Patch Management, and Audit processes. 4. Familiarity with regulatory requirements and compliance standards (e.g., RBI, SEBI). 5. Demonstrated experience in project management, including planning, execution, and stakeholder management. 6. Excellent communication, interpersonal, and leadership skills. 7. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred.

Required Skills & Experience: 7+ years of experience in systems engineering, compute infrastructure, or datacenter operations. Strong expertise in Nutanix (AHV/Prism) and Rubrik. Proficient in scripting and automation using PowerShell, Python, or Shell scripting. Experience working with Windows Server and Linux/Unix platforms. Knowledge of legacy backup and virtualization platforms (VMware, Hyper-V, Commvault, Veritas, etc.). Hands-on experience with AWS and Azure infrastructure services. Working knowledge of DNS, DHCP, patching, and Tenable for vulnerability management. Familiarity with ServiceNow or similar ITSM tools. Strong troubleshooting, communication, and documentation skills. Proven ability to work independently, manage vendors, and resolve technical escalations. Preferred Qualifications: Certifications such as Nutanix Certified Professional (NCP), AWS Certified SysOps Administrator, Microsoft Azure Administrator, or RHCE. Experience with Infrastructure as Code (Terraform, Ansible) is a plus. Understanding of ITIL best practices.

When you join Verizon You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the #VTeamLife. What You’ll Be Doing... The Verizon Product Security Team ensures security by design product engineering and architecture for both consumer and business products. As a Principal Security Architect, you will work to conduct security assessments on both Consumer and Business products and solutions. You will help to create, define, and implement security controls and tooling in conjunction with product development teams and product owners. You will manage multiple projects with a degree of impact and complexity that must be carefully controlled to support the internal business unit security requirements. You will also work in conjunction with security stakeholders in other areas of the business and make decisions and help lead initiatives to ensure timely delivery of security solutions that support business objectives. You will also manage work that involves coordination with multiple organizations and is the focal point within the group. Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible Work with the product development teams to perform security design/code reviews and vulnerability assessment. Provide security guidance to Engineering and Product teams. Contribute to security architecture and assist in building and rolling out processes for secure code development and deployment involving truly cutting edge technology Contribute to security policy, standards, and guidelines related to Information Security Evaluate and operationalize new technologies for securing the organization Create security user stories and security test cases for products that are tailored to the product attributes and technology Support and advise product owner and product development teams by ensuring technical and architectural feasibility, readiness and compliance. What We’re Looking For… You'll need to have: Bachelor’s degree or one or more years of work experience. Experience in cybersecurity. Experience with security requirements analyses, building threat models, performing security design reviews, applying zero trust principles. Knowledge of application security vulnerabilities, secure coding, attack surfaces and countermeasures. Knowledge of S-SDLC, best practices for secure coding, understanding of OWASP Top 10, CIS Top 20 Even better if you have one or more of the following: Understanding of Docker, Kubernetes, container security best practices. Experience with Threat Management and Monitoring tools (like CrowdSrike, GuardDuty, Tenable, CloudTrail, Cloudwatch) and container security tools. Experience with building security and hardening Cloud Containers, Cloud OS, on-premise/cloud storage, like Cassandra, MongoDB, Data Warehouse and Object-Based storage. Hands on experience on security testing like SAST, DAST, SCA and Pen testing Understanding of authentication protocols like OID, OAuth2.0, SAML Hands-on experience in securing software development projects using iOS/Android platforms Familiar with Content Streaming Services Security like DRM, CA (Widevine, Playready, FairPlay) Experience with application programming (C/C++/Java/Kotlin/Swift/JavaScript or any other languages) and the overall software development life cycle. Written and verbal skills for communicating security concepts and solutions. Ability to prioritize between and execute on multiple work streams. Excellent organizational and interpersonal skills. One of more of the following certifications: CISSP, CISM, SANS, CCSK. If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above. #TPDNONCDIO Where you’ll be working In this hybrid role, you'll have a defined work location that includes work from home and assigned office days set by your manager. Scheduled Weekly Hours 40 Equal Employment Opportunity Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics.

About Our Opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

About Our Opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

Job Description: Job Summary: We are seeking a talented Security Engineer to join our growing security team. In this role, you will play a critical part in designing, implementing, and managing security controls across key areas, including but not limited to Cloud Security, Endpoint Detection & Response (EDR), Vulnerability Management, SASE/Firewall, Data Leakage Prevention . Key Responsibilities: Design, implement, and maintain security solutions to safeguard cloud environments, endpoints, networks, and applications. Lead or support vulnerability assessments, coordinate remediation activities with IT and development teams, and track mitigation progress. Configure, maintain, and optimize firewall rules and network security policies, ensuring secure and compliant connectivity. Collaborate with cloud engineers and DevOps teams to embed security best practices in cloud infrastructure and deployments. Develop and maintain documentation, including security standards, procedures, and runbooks. Stay current with emerging threats, vulnerabilities, and regulatory requirements, and proactively recommend improvements. Participate in security audits and compliance efforts as needed. Qualifications Required: Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent practical experience. 3–5 years of experience working in information security area. Hands-on experience with at least one of the following areas: Cloud Security (AWS, Azure, security configurations and tools) EDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint) Vulnerability Management (e.g., Qualys, Tenable, Rapid7) Firewall Management (e.g., Palo Alto Networks, Fortinet, Cisco ASA) Network Security / SASE / SSE (e.g. Cato, Zscaler, Netscope) Solid understanding of security principles, networking fundamentals, and common threat vectors. Strong problem-solving skills and attention to detail. Excellent communication and collaboration skills. Preferred: Relevant industry certifications (e.g., Security+, CEH, CISSP, Azure Security Engineer, AWS Security Specialty). Scripting or automation skills (e.g., Python, PowerShell) are a plus. Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, GDPR) is desirable. AML RightSource is committed to fostering a diverse work environment and is proud to be an equal opportunity employer. We provide equal employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30184594 Job Category Digital Technology Position Title: Manager Exposure Management Location: Bangalore Full time/ Part time : Full time Job Description: Job Summary The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture. Key Responsibilities Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts. Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services. Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB). Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records. Configure, execute, and analyze web application security scans; work with development teams to address identified issues. Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling. Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership. Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities. Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle. Basic Qualifications Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms. Familiarity with web application scanning tools and techniques. Experience managing or supporting a CMDB and asset lifecycle processes in a large organization. Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders. Experience supporting compliance and regulatory programs in a global business context. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

About our opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

About our opportunity We are part of the global CIO function tasked to deliver world-class built-in security in Ericsson. Our 100+ employees’ organization is global with the main hubs located in Sweden (HQ), India, USA, and the Philippines. We are inviting the application for Head of IT Sec AS Attack Surface Management. In this role, you will have the chance to be part of a passionate global team dedicated to fulfilling Ericsson’s emerging journey building a strong, resilient, purposed and sustainable IT Security capability. Mandated to protect our company assets from emerging threats and risks, you will together with your colleagues lead the way to develop the future IT Security concepts and technology roadmaps in Ericsson You will Define and execute the enterprise-wide strategy for attack surface management aligned with the broader cybersecurity roadmap. Build and lead a high-performing ASM team covering asset discovery, vulnerability management, cloud security, penetration testing, and red teaming. Partner with business, IT, DevOps, and architecture teams to embed ASM principles in solution design and lifecycle. Oversee continuous asset discovery and inventory (including shadow IT, rogue systems, and exposed services). Manage vulnerability identification, classification, prioritization, and remediation across infrastructure, applications, and cloud environments. Lead API and third-party attack surface monitoring and ensure proactive risk reduction. Drive adoption of ASM platforms, exposure management tools, and threat intelligence integrations. Define KPIs, KRIs, and reporting for ASM effectiveness and risk posture across business units. Ensure alignment with security frameworks (e.g., NIST CSF, ISO 27001, MITRE ATT&CK) and regulatory compliance. Lead red/purple team exercises to validate security posture and feed improvements into the ASM program. Drive coordination with vulnerability management, SOC, architecture, DevSecOps, and compliance teams. Continuously evaluate ASM capabilities through tabletop exercises and exposure simulations. The Skills You Bring: Bachelor’s or master’s degree in computer science, Information Security, or related field. 10+ years in cybersecurity with at least 4 years in a leadership role managing attack surface or vulnerability management programs. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent. Proven experience in managing hybrid IT environments including cloud (AWS, Azure, GCP), SaaS, and on-premises assets. Expertise in tools such as ASM platforms (e.g., CyCognito, Randori, Microsoft Defender ASM), VM platforms (Tenable, Crowdstrike, Qualys, Rapid7), and API security tools. Deep understanding of cloud security controls, CI/CD pipelines, external threat modeling, and exposure management. Familiarity with MITRE ATT&CK, NIST 800-53/CSF, OWASP Top 10, CIS Benchmarks. Strong leadership, stakeholder management, and team development skills. Ability to communicate technical risks and attack surface exposures in business language to executives and board members. Excellent leadership and people management skills, with the ability to inspire and guide a team of security professionals. Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like. Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: India (IN) || Gurgaon Req ID: 768823

"We're Hirng For Senior Security Engineer role at Noida/Bhubaneswar Location" Position: Senior Security Engineer Experience: 5 to 8 Years Location: Noida / Bhubaneswar Must-Have Skills: Cloud Security: AWS / GCP / Azure Security Services: IAM, VPC, Security Groups, KMS Security Tools: AWS Security Hub, Azure Defender, Prisma Cloud, CrowdStrike, Burp Suite, Nessus Container Security: Docker, Kubernetes Scripting: Python, Bash IaC Tools: Terraform, CloudFormation Core Concepts: Encryption, Authentication, Authorization, Secure Communication Client-facing experience in delivering actionable security solutions More information +91 73597 10155 | rushit@tekpillar.com

VARITE is looking for a Vulnerability Analyst with one of its clients located in Bangalore. If you are interested in this opportunity, kindly respond ASAP with your updated resume or apply here. We will be glad to represent you to our client and help in your job search. About the client: Client is an American data infrastructure company that provides unified data storage, integrated data services, and cloud operations (CloudOps) solutions to enterprise customers. WHAT DO WE DO? VARITE is a global IT company providing software and engineering consulting and team augmentation services to Fortune 1000 companies in USA, CANADA, and INDIA. VARITE is currently a primary and direct vendor to the leading corporations in the areas of Cloud, Data Sciences, Infrastructure Application Software, Mobility, Robotics, Banking & Financial Systems. Job Responsibilities: About The Job: We are seeking a highly skilled and motivated Vulnerability Management Specialist with at least 5 years of hands-on experience in identifying, assessing, and mitigating security vulnerabilities across enterprise environments. The ideal candidate will have a strong understanding of cybersecurity principles, vulnerability scanning tools, and risk management frameworks, with the ability to communicate technical issues to non-technical stakeholders. Essential Job Functions: Manage the end-to-end vulnerability management lifecycle: discovery, classification, prioritization, remediation tracking, and reporting. Conduct regular vulnerability assessments using tools such as Qualys, Tenable, Nessus, or Rapid7. Collaborate with system owners, infrastructure teams, and developers to address and remediate vulnerabilities. Monitor threat intelligence feeds to identify and assess emerging vulnerabilities. Develop and maintain metrics and reports on vulnerability status, trends, and remediation progress. Ensure compliance with internal security policies and external regulatory standards (e.g., PCI-DSS, ISO 27001, HIPAA). Coordinate periodic penetration testing and work with external vendors as needed. Assist in maintaining and improving the organization's vulnerability management processes and tools. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). Minimum of 2-3 years of professional experience in vulnerability management, information security, or a related domain. Strong knowledge of operating systems (Windows, Linux, Unix), network protocols, and application architectures. Hands-on experience with vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7, Tenable.io). Familiarity with patch management practices and tools. Understanding of CVSS scoring, OWASP Top 10, and MITRE Telecommunication&CK framework. Experience interpreting and responding to vulnerability alerts (e.g., CVEs, vendor advisories). Preferred: Security certifications such as CEH, OSCP, CompTIA Security+, or GIAC. Experience with scripting languages (Python, PowerShell, Bash) for automation of vulnerability tasks. Exposure to cloud environments (AWS, Azure, GCP) and related security controls. Familiarity with SIEM and ticketing systems (e.g., Splunk, ServiceNow). Soft Skills Strong analytical and problem-solving skills. Excellent written and verbal communication. Ability to manage multiple priorities and work effectively in a fast-paced environment. Collaborative mindset with a strong sense of accountability. Location: Bangalore Please feel free to send your resume to himanshu@varite.com ** If you are not comfortable or interested in this job opening, please feel free to forward this to others.

Bengaluru, Karnataka Hyderabad, Telangana Job ID 30184594 Job Category Digital Technology Position Title: Manager Exposure Management Location: Bangalore Full time/ Part time : Full time Job Description: Job Summary The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture. Key Responsibilities Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts. Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services. Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB). Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records. Configure, execute, and analyze web application security scans; work with development teams to address identified issues. Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling. Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership. Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities. Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle. Basic Qualifications Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management. Preferred Qualifications Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms. Familiarity with web application scanning tools and techniques. Experience managing or supporting a CMDB and asset lifecycle processes in a large organization. Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF. Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders. Experience supporting compliance and regulatory programs in a global business context. Benefits We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary. Have peace of mind and body with our health insurance Drive forward your career through professional development opportunities Achieve your personal goals with our Employee Assistance Programme Our commitment to you Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference. Now! Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Join us as a Security Analyst We’ll look to you to assess, triage, and respond proactively and effectively to security related threats, incidents, requests, and events The work you do will be vital in defending our assets, information, and systems from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording, or destruction Collaborating with internal and external stakeholders including third party suppliers, you’ll ensure activities relating to incident response, user access, alert monitoring, root cause analysis, and scenario planning are completed in line with standard operating procedures and to a high standard This role is available at associate vice president level What you’ll do Working with an array of domains, stakeholders, and specialists, you’ll take a proactive role to anticipate and identify security events, incidents, and trends that could adversely impact the bank, our customers, employees, or assets. You’ll contribute to security operations including production support, incident response, and on-call rota, and you’ll carry out and contribute to root cause analysis on security incidents and events, conduct training and scenario planning to prepare for and anticipate future events. As such, you’ll minimise future reoccurrence, and prepare reports and briefings as needed and to a high quality. You’ll also develop and maintain response plans, procedures, and playbooks to increase consistency and effectiveness of response capability. As well as this, you’ll: Proactively identify and effectively manage risks to deliver key security related customer and compliance outcomes, escalating and driving actions as necessary Actively contribute to security operations such as production support, incident response and on-call rota Maintain the end-to-end security response as directed, and ensure that security related services are delivered in line with expectations and that process change is implemented smoothly Act with pace when responding to customer queries and complaints and when responding to security events, make sure that feedback loops are in place to learn how to improve service and response Interrogate and interpret large volumes of data and analyse and assess data to understand trends and causal factors The skills you’ll need We’re looking for someone with a passion for cloud security and automation using Agile and DevOps methodologies, as well as promoting shift-left culture, which integrates security analysis into each CI/CD stage. You’ll have experience with Azure Cloud and security stack including Defender, Azure Sentinel and Azure Security Centre. You’ll also have expertise in automated security assessments and familiarity with third-party security tools integration such as Qualys and Tenable and compliance standards like PCI-DSS. In addition to this, you’ll demonstrate: Experience and knowledge of security controls The ability to communicate technical issues in business terms to range of stakeholders Experience in penetration testing and vulnerability management An understanding of Agile methodologies with experience of working in an Agile team

Overview Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3-5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

What You'll Do. Join us in building a secure, scalable, and experienced platform to support Avalara's expanding business and global customer base. As a Senior Application Security Engineer, you'll work with world-class engineers and architects to ensure security is embedded in everything we build—both in today's systems and the future of our architecture. This role is perfect for someone passionate about automation, cloud-native security, and AI-driven application defense.. You'll help shape the future of Avalara Security, driving security as code, ensuring automation-first practices, and integrating modern AI tooling into security workflows. You understand the value of developer empathy, moves quickly without sacrificing quality, and excels in an environment that combines startup energy with enterprise scale.. You will report to security leadership at Avalara. This is a remote position.. Job Responsibilities. What Your Responsibilities Will Be. You will build, maintain, and continuously improve an automated security pipeline framework integrated into our CI/CD environments.. You will lead development of Infrastructure-as-Code and Policy-as-Code for application security enforcement and consistency across environments.. You will evaluate and integrate security tools (SAST, DAST, SCA, CSPM, EDR) and AI-based solutions into engineering workflows and CI/CD pipelines.. You will provide applicable guidance and mentorship to development and Avalara Security engineering teams on secure development best practices.. Investigate, prototype, and apply AI/ML-based solutions for application behavior analysis, anomaly detection, and threat hunting.. Promote security by design across the organization, and help foster a security-first culture.. Contribute to the continuous refinement of the SDLC to ensure security is smooth, consistent, and measurable.. What You’ll Need To Be Successful. Required Qualifications. 8+ years of experience in application security, secure software development, or security engineering.. Strong programming proficiency in Python and GoLang (hands-on).. Experience with secure SDLC practices and CI/CD pipeline integration.. Strong hands-on experience with Kubernetes, container security, and cloud infrastructure security—preferably AWS and GCP.. Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation.. Working knowledge of cryptographic protocols and standards: TLS, OAuth, SAML, JWT, etc.. Familiarity with Git, modern source control practices, and agile development methodologies.. Experience working with a broad range of security tools, including:. Tenable, Wiz (Cloud Security Posture Management). Checkmarx, Mend (SAST, SCA). Acunetix, Burp Suite (DAST). CrowdStrike (EDR/XDR). Bachelor's Degree in Computer Science, Engineering, or a related field.. Proven experience contributing to security automation efforts within a security organization like Avalara Security.. Experience with AI/ML tools and frameworks applied to application security or behavior analytics.. Security certifications such as OSWE, CSSLP, AWS Security Specialty, or Kubernetes Security Specialist.. Passion for enabling developer-friendly security solutions and maximum automation.. How We’ll Take Care Of You. Total Rewards. In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses.. Health & Wellness. Benefits vary by location but generally include private medical, life, and disability insurance.. Inclusive culture and diversity. Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship.. What You Need To Know About Avalara. We’re Avalara. We’re defining the relationship between tax and tech.. We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year, and this year we became a billion-dollar business. Our growth is real, and we’re not slowing down until we’ve achieved our mission to be part of every transaction in the world.. We’re bright, innovative, and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them.. We’ve been different from day one. Join us, and your career will be too.. We’re An Equal Opportunity Employer. Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.. Show more Show less