256 Tenable Jobs - Page 7

Key Deliverables: Analyze and prioritize vulnerabilities using CVSS, KEV, EPSS, and asset criticality Coordinate with IT and DevOps for risk-based remediation Maintain dashboards, metrics, and reports for security posture Support cloud vulnerability assessments and compliance audits Role Responsibilities: Use tools like Tenable, Qualys, Rapid7 to monitor and manage vulnerabilities Align threat intelligence with remediation efforts Document policies and support process improvements Collaborate with security, infrastructure, and business teams for timely risk mitigation

Bangalore,Karnataka,India Job ID 768426 Join our Team About the Role: We are hiring a Vulnerability Engineer to join our Managed Security Services team. You will be responsible for identifying, analyzing, and tracking security vulnerabilities across enterprise environments. The role involves working with scanning tools, coordinating with stakeholders, and ensuring timely remediation to minimize security risk. Key Responsibilities: Perform vulnerability scans using tools like Tenable Nessus, Qualys, IBM AppScan , etc. Analyze scan results, identify false positives, and prioritize risks Track and support remediation efforts with technical teams Register and manage assets in scanning platforms and maintain scan schedules Prepare reports and metrics for leadership and stakeholders Coordinate with customers on scan schedules and mitigation plans Contribute to automation and process optimization Required Skills: Strong knowledge of vulnerability management processes and tools like Tenable Nessus, Qualys, IBM AppScan etc Solid understanding of network, system, and application-level security Experience in report writing and communicating technical findings Familiarity with enterprise IT environments and TCP/IP networking Excellent problem-solving, collaboration, and communication skills Willingness to participate in on-call support rotation Preferred: Experience with scripting/automation for scanning and reporting Security certifications (e.g., CEH, CompTIA Security+, OSCP) Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Project description Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on preventing and detecting cyber threats and securing our IT systems. We provide consolidated and reliable security services that implement secure design principles and create best-fit solutions. You will be working in the Cyber Technology service team, providing security products and services for the Cyber Hygiene space - specifically for Infrastructure Scanning and vulnerability assessment. We provide consolidated and reliable security hygiene controls to our clients using the latest technology. As a Cyber Security Engineer, you will play a vital role in creating Infrastructure Scanning and Security Remediation capabilities, determining required IT business solutions, and assisting in implementing them. We offer flexibility in the workplace and equal opportunities to all our team members. Responsibilities Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, OS, application, databases etc. (to meet scan coverage targets) Stakeholder engagement to recommend appropriate remedial actions to mitigate risks and validate remedial actions and ensure compliance with regulatory requirements. Perform vulnerability management system administration functions, as required Maintain proficiency in vulnerability management best practices Onboarding new attack surface to vulnerability scanning process Documentation management and continuous service improvement Skills Must have - 5-10 years relevant experience Degree in related discipline or qualified by experience Well-developed oral and written English communication skills Team player with ability to work collaboratively with others and aptitude for self-development Experience using commercial vulnerability scanning solutions such as Rapid7, Qualys, Tenable etc. Expertise with administration of networks, windows and or Linux operating systems An understanding of IT Security Risk, attack vector Nice to have N/A Other Languages EnglishC1 Advanced Seniority Regular

SystemsPlus is hiring for System Engineer, Exp : 5yr + Immiedate joiners only. Location : Pune, Hybrid. SUMMARY OF ESSENTIAL JOB FUNCTIONS: Deliver patch management services to clients as part of a broader managed service offering. Maintain and enhance automation tools for assessing and deploying security patches to Windows, Linux, Mac, and third-party applications. Monitor patch deployment dashboards, identify issues, and ensure successful remediation. Develop and maintain patch schedules in line with customer service level agreements and maintenance windows. Perform patch impact analysis, testing, and change control procedures in pre-production environments. Generate and analyze compliance and vulnerability reports and provide actionable insights. Collaborate with security, compliance, and service desk teams to ensure coordinated response to vulnerabilities. Create and maintain up-to-date documentation, runbooks, and client communication templates. Respond to patch-related incidents and requests in a timely manner. Continuously improve patching processes through scripting and tool integration. REQUIRED SKILLS AND EXPERIENCE: 5+ years of experience in IT infrastructure, systems administration, or managed services. Strong understanding of patch management processes and tools (e.g., Microsoft MECM, WSUS, Intune, Datto (RMM), Patch my PC, Automox, Ansible, Jamf Pro). Familiarity with enterprise OS environments: Windows Server/Desktop, Linux (RHEL, Ubuntu), and MacOS. Experience with scripting languages such as PowerShell, Bash, or Python. Strong troubleshooting skills and familiarity with vulnerability management and compliance frameworks. Excellent communication and documentation skills. Experience in a managed services provider (MSP) or service delivery role. Knowledge of ITIL and service management practices. Exposure to vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7). Experience with automation. Interested candidates drop CV on khyati.sagar@systems-plus.com Show more Show less

Job Description Qualifications Required . Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell , Azure CLI , Python , or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional ( CISSP ) Certified Ethical Hacker ( CEH ) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001 , SOC 2 , GDPR , or HIPAA . Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. Show more Show less

Job Title: L3 SOC Lead Location: Kolkata Job Description We are urgently looking for an experienced L3 SOC Lead to join the Security Operations Center (SOC) team at UCO Bank. The ideal candidate will have extensive experience in SOC operations and security management tools, and will be responsible for leading the SOC team to monitor, detect, analyze, and respond to cybersecurity threats and incidents effectively. Key Responsibilities Lead and manage the SOC team for continuous monitoring, detection, and response of security incidents. Oversee SOC operations to ensure timely and effective incident management. Perform advanced analysis and investigation of security events and incidents. Develop and implement SOC processes, procedures, and escalation mechanisms. Collaborate with cross-functional teams for threat intelligence sharing and incident remediation. Manage and optimize security tools including SIEM, DLP, WAF, DAM, and others. Conduct periodic security assessments and audits to ensure compliance. Provide technical guidance and mentorship to SOC analysts. Prepare reports and communicate SOC metrics, incident trends, and risk posture to management. Required Skills and Expertise Strong hands-on experience with the following Security Tools: ArcSight (SIEM) Data Loss Prevention (DLP) Web Application Firewall (WAF) Database Activity Monitoring (DAM) Network Behavior Analysis (NBA) Privileged Identity Management (PIM) AlgoSec (Security Policy Management) Anti-Malware Solutions Cisco HyperFlex Infrastructure (HCI) Tenable (Vulnerability Management) Expertise in analyzing and responding to cybersecurity threats and incidents. In-depth knowledge of security frameworks, threat intelligence, and incident response. Proven experience in leading SOC operations and teams. Strong understanding of networking, system security, and endpoint protection. Education & Certifications Bachelor’s or Master’s degree in Computer Science or related field (BE/B.Tech/MCA/BCA/MSc/BSc). Relevant professional certifications (mandatory): CISA / CISSP / CISM or Any OEM certification in IT Security (e.g., Certified Ethical Hacker, GIAC, etc.) Experience 5-7 years of relevant experience in SOC operations. Prior experience leading a SOC or security team will be preferred. Show more Show less

Job Title: Technical Support Specialist Experience Level: 5+ Years Location: Remote Department: Infrastructure & Technical Services Job Summary: We are seeking a skilled and proactive specialist in who can provide Network Support, Windows Desktop Support, Microsoft 365 Infrastructure Support, and Server Administration Support to join our Infrastructure & Technical Services team. The ideal candidate will have over five years of hands-on experience in said mentioned support areas. This role is critical in maintaining the stability, security, and performance of our customers infrastructure. The candidate must also be bilingual in Spanish and English , with the ability to translate technical terms between the two languages. Key Responsibilities: Monitor, troubleshoot, and support enterprise network infrastructure including LAN/WAN, firewalls, and switches. Support and maintain Palo Alto firewalls, including security policies, NAT, and VPNs. Administer and support Cisco switches, VLANs, and spanning tree protocols. Collaborate with cross-functional teams to support infrastructure projects and deployments. Maintain network documentation, diagrams, and standard operating procedures. Provide support for Windows desktop environments, including installation, configuration, and maintenance. Troubleshoot and resolve hardware, software, and network issues for end users. Manage and support mobile devices (iOS and Android) using Mobile Device Management (MDM) solutions. Administer and maintain IT service management tools such as ManageEngine. Support and configure Windows, Apple iOS and Android devices in a corporate environment. Provide support for Microsoft 365 services including Exchange Online, Teams, SharePoint, OneDrive, and Intune. Manage user identity and access through Azure Active Directory, including conditional access policies and MFA. Monitor M365 service health, investigate incidents, and resolve issues using Microsoft 365 Admin Center and PowerShell. Support hybrid environments integrating on-premises Active Directory with Azure AD. Collaborate with security teams to enforce compliance, data loss prevention (DLP), and threat protection policies. Assist in tenant-level configuration, license management, and service adoption strategies. Administer, monitor, and troubleshoot Windows Server (2012–2022) and Linux environments. Knowledge virtualization infrastructure using VMware vSphere/ESXi. Knowledge in Deploy, configure, and maintain cloud services in Microsoft Azure . Understanding security tools such as Tenable Nessus, Cortex XDR, and ManageEngine solutions. Knowledge in Automate system administration tasks using Ansible and scripting (PowerShell, Bash). Working with teams on regular system updates, patch management, and vulnerability remediation. Ensure compliance with company security policies and industry best practices. Participate in on-call rotation and provide after-hours support as needed. A MUST / Translate technical documents and communications from Spanish to English and vice versa. A MUST / Communicate effectively with Spanish-speaking and English-speaking stakeholders. Required Qualifications: Minimum 5 years of experience in network support or administration. Knowledge with Palo Alto firewalls and Cisco switches Proficiency in Cisco switching technologies and basic routing protocols. Good understanding of TCP/IP, DNS, DHCP, VPN, and network segmentation along with identity federation (e.g., ADFS, SSO). Experience with network monitoring and diagnostic tools (e.g., Wireshark, SolarWinds). Proficiency in Windows OS (Windows 10/11) and Microsoft Office Suite. Experience with ManageEngine or similar ITSM tools. Experience with MDM platforms (e.g., Intune, ManageEngine MDM, MobileIron, AirWatch). Knowledge of iPhone and Android device configuration and support. Familiarity with Apple iOS and macOS environments. Proficiency in PowerShell scripting for automation and administration tasks. Experience with Microsoft Endpoint Manager (Intune), Exchange Online Protection (EOP), and Defender for Office 365. Excellent problem-solving and communication skills. A MUST / Fluent in both Spanish and English, with the ability to translate technical terms between the two languages. Preferred Qualifications: - Experience with cloud networking (AWS, Azure) is a plus. - Familiarity with ITIL practices and ticketing systems. Show more Show less

Now Hiring: Senior Cyber Security Engineers Location: Bangalore (Preferred) | Open to Remote Candidates Across India Engagement Type: 8–12 Months Contract OR Full-Time (Direct Hire) Salary: Open – Based on Experience (DoE) Are you a seasoned Cyber Security Engineer with a strong track record in cloud security, vulnerability management, DLP, and IAM ? We are hiring for immediate openings to support a key project for a top-tier enterprise client. This is a high-impact role for professionals who bring both strategic insight and hands-on expertise to secure cloud environments, protect critical data, and manage access controls. Key Responsibilities: Implement and manage end-to-end cloud security across AWS, Azure, or GCP environments Conduct vulnerability assessments , analyze threat reports, and drive mitigation strategies Design and enforce Data Loss Prevention (DLP) policies and tools Manage Identity and Access Management (IAM) systems including provisioning, de-provisioning, RBAC, and SSO integrations Collaborate with IT, DevOps, Infrastructure, and Compliance teams to ensure robust security posture Support audits, risk assessments , and compliance initiatives (ISO, SOC2, etc.) Document and update security architectures, standards, and operational procedures Required Skills & Experience: 8–10 years of experience in Cyber Security Engineering or Information Security roles Hands-on expertise with: Cloud security tools (AWS Security Hub, Azure Security Center, etc.) Vulnerability management (Qualys, Nessus, Tenable, etc.) DLP platforms (Symantec, Forcepoint, McAfee, etc.) IAM platforms (Okta, Azure AD, Ping Identity, SailPoint, etc.) Strong knowledge of security frameworks (NIST, CIS Controls, etc.) Excellent communication , problem-solving , and stakeholder management skills Certifications like CISSP, CISM, CEH, AWS/Azure Security are a plus Show more Show less

Job Title Security Analyst Role and Responsibilities The security Analyst is a member of the CISO Regulatory & Compliance Team and will assist in ensuring the associated business units / accounts comply with applicable Conduent and NIS 2 security standards, regulations, and policies.The Security analyst will be professional, independent, impartial, and fair in all interactions. The security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units\u2019 information, applications, and infrastructure. Resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to IPS/IDS alerts; change detection (FIM) alerts application firewall alerts; malware alerts rogue wireless network alerts security system health alerts; exploit attempt alerts Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to audits of system security to ensure compliance with Corporate security framework NIS 2, NIST 800-53, ISO 27001/2, PCI-DSS emerging country, state, and Federal privacy laws Primary POC in a vulnerability management program of the account that includes external and internal vulnerability scans of applications and systems external and internal penetration tests of applications and systems documentation and remediation of identified vulnerabilities and exploits routinely monitoring various communication avenues for security vulnerabilities and security patches taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement Acts as the initial point of contact to facilitate the handling of security audits and client requests Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units Qualifications and Education CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. Minimum of Five (3 to 5) Years of experience in IT Security compliance, or Security Auditing is required. Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally Preferred Skills Creating and Maintaining NIST 800-53-rev5 based SSP and POAM Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).

Cybersecurity - Project Management Officer (PMO) Dombivli, Mumbai Note: Looking only for candidates who can join within 30 days . Outstation candidates must be willing to relocate. Candidate for this role will be working on client project at the client’s office in Dombivli, Mumbai. 5 days WFO, Saturday WFH . Job Overview: The PMO will be responsible for overseeing & streamlining delivery of security testing engagements— specifically for Payment Gateway (PG) clients. Ensuring timely delivery, resource optimization, effective coordination with stakeholders and adherence to compliance & quality standards. This role bridges the gap between the technical testing team & business stakeholders to ensure smooth execution of projects. Qualifications: MBA or BBA with 2-4 years ’ experience working in project management for IT/ software industry. Hands on experience with project management tools such as Zoho helpdesk or Zoho Projects, is a must. Candidate should have project management certifications such as PMI-ACP or CAPM or PMP or similar (mandatory). Background in cybersecurity would be preferred. Job description: Project Planning & Tracking Maintain and update project trackers for multiple PG security testing engagements. Monitor project milestones, deadlines, and deliverables. Track actual vs. planned timelines and raise alerts on delays or deviations. Ensure daily/weekly status reporting from security consultants is accurate and up to date. Track daily utilization, workload distribution, and resource conflicts. Maintain visibility into pipeline projects to plan for resource ramp-up/down. Serve as a point of contact for internal and external stakeholders for project-related queries and escalations. Set up governance calls, circulate agendas, track MOMs, and follow up on action items. Communicate progress, risks, and dependencies to clients in a structured and timely manner. Ensure projects follow standardized security testing workflows (web, API, mobile, infra). Track closure of client queries, validations, and retesting requests. Own the preparation and maintenance of client-facing dashboards (project status, vulnerability metrics, SLA adherence). Track daily task sheet updates from consultants and prepare weekly/monthly performance summaries. Highlight red flags and recommend corrective actions proactively. Analyze project data to identify trends, insights, and areas for improvement Establish and maintain effective communication channels with stakeholders to ensure alignment and transparency. Facilitate stakeholder meetings, and presentations to gather requirements and provide project updates. Manage stakeholder expectations and address stakeholder concerns in a timely manner. Technical Skills: Project Tools: Jira, MS Project, Smartsheet, ServiceNow (GRC module) Security Tools (basic familiarity): Qualys, Nessus, Rapid7, Tenable Documentation & Reporting: MS Excel (pivot, charts), PowerPoint, Power BI or similar. Requirements and skills Proven work experience as a Project Management Officer or similar role Strong leadership skills and stakeholder management skills Strong analytical and problem-solving skills Good written and verbal communication skills Strong attention to details and technicalities Excellent organizational and technical abilities Good interpersonal and multi-tasking skills Relevant training and/or certification Show more Show less

Relevant Experience: 5-7 Years on SOC Operation Education: BE/BTECH/MCA/BCA/MSC/BSC in Computer Science Certification: CISA/CISSP/CISM/Any OEM Certification in the field of IT Security Skills – Security Tools : Ø ArcSight (SIEM) Ø DLP Ø WAF Ø DAM Ø NBA Ø PIM Ø AlgoSec Ø Anti Malware Ø Cisco HCI Ø Tenable Job Type: Full-time Pay: ₹800,000.00 - ₹1,400,000.00 per year Schedule: Rotational shift Ability to commute/relocate: Kolkata, West Bengal: Reliably commute or planning to relocate before starting work (Required) Application Question(s): What is your current CTC? What is your expected CTC? What is your notice period? What is your current location? In which of the following tools do you have hands-on experience? (ArcSight, DLP, WAF, DAM, NBA, PIM, AlgoSec, Anti Malware, Cisco HCI, Tenable) Which level are you supporting? Experience: total work: 5 years (Required) SOC Operation: 5 years (Required) Work Location: In person

The world's top banks use Zafin's integrated platform to drive transformative customer value. Powered by an innovative AI-powered architecture, Zafin's platform seamlessly unifies data from across the enterprise to accelerate product and pricing innovation, automate deal management and billing, and create personalized customer offerings that drive expansion and loyalty. Zafin empowers banks to drive sustainable growth, strengthen their market position, and define the future of banking centered around customer value. Qualifications Required . Bachelor's or Master's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent professional experience is acceptable. Minimum 5+ years of experience in Azure cloud operations, with a demonstrated focus on security and vulnerability management. Proven track record of managing and securing large-scale Azure environments in production. Hands-on experience with vulnerability scanning, remediation, and compliance in enterprise cloud environments. Extensive experience in responding to and managing security incidents and threat mitigation in Azure. Technical Skills Azure Expertise : In-depth knowledge of Azure services, including but not limited to: Azure Security Center Azure Defender Azure Key Vault Azure Policy Azure Sentinel (SIEM) Azure Active Directory (Azure AD) Security and Vulnerability Tools : Proficiency with vulnerability scanning and management tools like Qualys, Tenable Nessus, or Rapid7. Experience with Azure-native security tools for threat detection and remediation. Infrastructure Hardening : Strong knowledge of security best practices for securing virtual machines, storage accounts, AKS, and network components. Familiarity with zero-trust architecture principles and implementation in Azure. Automation & Scripting : Advanced skills in scripting languages such as PowerShell, Azure CLI, Python, or other automation tools to remediate vulnerabilities and improve operational efficiency. Experience in integrating security checks into CI/CD pipelines. Certifications (Preferred or Mandatory) Azure Cloud Certifications: Microsoft Certified: Azure Administrator Associate (AZ-104) Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Cybersecurity Architect Expert (SC-100) Security Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) CompTIA Security+ GIAC certifications (e.g., GCIH, GSEC, or GCED) Other Requirements Familiarity with regulatory and compliance standards, such as ISO 27001, SOC 2, GDPR, or HIPAA. Experience in performing and supporting audits related to cloud security. Proven ability to stay current with evolving cloud and cybersecurity trends. What's in it for you Joining our team means being part of a culture that values diversity, teamwork, and high-quality work. We offer competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and robust opportunities for professional growth and career advancement. Want to learn more about what you can look forward to during your career with us? Visit our careers site and our openings: zafin.com/careers Zafin welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. Zafin is committed to protecting the privacy and security of the personal information collected from all applicants throughout the recruitment process. The methods by which Zafin contains uses, stores, handles, retains, or discloses applicant information can be accessed by reviewing Zafin's privacy policy at https://zafin.com/privacy-notice/. By submitting a job application, you confirm that you agree to the processing of your personal data by Zafin described in the candidate privacy notice. Show more Show less

Title The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. This role identifies threats, manages projects and engineers solutions that impact the entire company. An ideal candidate for this role is technical, dedicated to learning new things, security-minded, strong initiative, and able to manage projects autonomously. Overview Medpace is a full-service clinical research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Responsibilities Engineer security solutions without oversight and collaborate with multiple departments; Analyze security systems and seek improvements on a continuous basis; Research vulnerabilities, perform vulnerability scanning, and mitigate threats; Develop security best practices and policies for the organization; Document new processes, cross-train coworkers, and assist employees on security-related matters; Provide security awareness training and testing for employees to verify proper security protocols are being followed; Staying current with cybersecurity knowledge by participating in educational opportunities, reading professional publications, and participating in professional organizations; Performing cyber security incident response, and remediation activities; and Facilitate access reviews of company data and revoke inappropriate/overprovisioned access in order to drive least privilege access. Qualifications Require at least a bachelor’s degree preferably in Information Technology; Require a minimum of at least 2 years of experience in implementing Information Security solutions; Understanding of security best practices and how to implement them at a business-wide level; Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following: SIEM Privileged Access Management/Identity Access Management/Multifactor Authentication Endpoint Detection & Response Network Access Control Cloud based architecture such as Azure/AWS Active Directory Soft skills including excellent communication skills, critical thinking skills with the ability to solve problems as they arise, and ability to prioritize projects; and Basic scripting skills, such as PowerShell/Python scripting. Nice to have: Experience with vulnerability assessment tools such as Nessus and Tenable; Experience with enterprise web proxy solutions, web filters, and VPN; Experience with email security solutions; Experience with firewall and network architecture; Experience with administrating Windows environment including GPO and servers; Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPAA, GDPR, SOC Type 2, etc; and Auditing and policy-writing experience. People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we’ve done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Medpace Perks Flexible work environment Competitive compensation and benefits package Competitive PTO packages Structured career paths with opportunities for professional growth Company-sponsored employee appreciation events Employee health and wellness initiatives Awards Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What to Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps.

Job Title: Sr. SecOps Engineer Experience: 4 - 9 Years Location: Remote Contract Duration: Long Term Work Time: 1 PM - 10 PM or 2 PM - 11 PM IST Job Summary We seek innovative professionals who adapt to change and thrive in fast-paced environments. You will join an engineering team that builds scalable systems, secures infrastructure, and applies advanced technologies to protect and transform financial services. If you are passionate about cybersecurity, infrastructure design, and proactive defense, we encourage you to apply. Responsibilities Gain deep understanding of the company’s tech stack to assess vulnerabilities and propose security solutions Monitor IT control environments to identify key risks, control gaps, and report findings Support third-party vulnerability testing processes and document results Collaborate with internal stakeholders to address systemic security concerns Perform monitoring using security tools and oversee remediation efforts Identify and analyze threats and vulnerabilities, ensuring timely resolution Implement and maintain consistent, cost-effective security controls and procedures Track and document security-related incidents for efficient resolution Support audits and risk assessments with documentation and evidence Assist management in corrective action planning based on audit findings Lead or participate in implementation of new security initiatives Stay updated on technology and security trends to recommend improvements Help develop company-wide IT and information security best practices Primary Skills 4–6 years of experience in design, testing, development, migration, and integration within mid to large organizations Experience in conducting vulnerability scans across various environments Hands-on with vulnerability scanning, incident response, endpoint detection, monitoring, and logging Strong understanding of current security threats, tools, and network technologies Practical knowledge of AWS core services such as VPC, EC2, S3, RDS, ELB, ALB, WAF, Lambda Proficiency in programming languages such as Python, Java, or Go Experience with both Windows and Linux operating systems Proficient in using scanning tools like Qualys, Rapid7 Nexpose, or Tenable Nessus Familiarity with EDR tools such as Tanium, Crowdstrike, Cisco AMP, or McAfee Skilled in monitoring tools like Splunk, Loggly, or Kibana Experience with automation and configuration tools like Jenkins, Puppet, Chef, CloudFormation, Terraform, or Ansible Knowledge of version control and CI/CD tools: Git, Nexus, Gradle, Groovy, YML Understanding of AWS security capabilities: WAF, GuardDuty, Security Groups, IAM Familiar with baseline configuration standards (CIS Benchmarks or DISA STIGs) Strong communication and presentation skills Security certifications such as CISSP, GSEC, CEH are a plus Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the implemented solutions align with organizational objectives, all while maintaining a focus on continuous improvement and risk management. Roles & Responsibilities: -Remediation of vulnerabilities -Exp in Tenable,Wiz.IO, Checkmarx and Burpsuite -Defining Scan schedule -Reporting and Dashboard -Metrics driven dashboards Professional & Technical Skills: -Establish and operationalize an enterprise vulnerability management program, including: - Scanner deployment and configuration - VM operating procedures - Remediation working group - Attack surface management procedures - Vulnerability intelligence integration - Exception handling procures - vulnerability risk standard -To integrate VM program operations with existing Cloud security, GRC and IT capabilities/processes. -Scanning of Scout's entire IP space (internal and external) using Tenable. Scanning technology will be provided by Scout. -End-to-end centralized operations of the vulnerability management program encompassing all identified vulnerabilities resulting from penetrating testing, infrastructure scanning, DAST, and OT security assessments, and including risk analysis, remediation support, exception handling, mitigation, and reporting. Additional Information: - The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations. - This position is based at our Gurugram office. - A 15 years full time education is required. Show more Show less

What Success Looks Like In This Role Vulnerability Management: Experience with vulnerability management tools (e.g., Tenable, Qualys), including actions to remediate identified vulnerabilities Experience in working at “responsibility without authority” engagements for vulnerability remediation Threat Analysis: Perform in-depth analysis of security events and provide actionable intelligence to prevent future incidents. Root Cause Analysis: Conduct post-incident analysis to determine the root cause of incidents and assist in developing mitigation strategies to prevent recurrence. Collaboration: Work closely with other internal teams, such as IT, legal, and compliance, to mitigate and remediate security incidents and provide necessary incident reporting. Security Tools Support: Support the installation and management of security tools such as SIEM, IDS/IPS, endpoint detection & response (EDR), and firewall systems. Continuous Improvement: Contribute to the development and refinement of incident response processes, playbooks, and security protocols. Expected Knowledge And Experience Incident Response: experience in security incident response and resolution, including malware outbreaks, network intrusions, and data breaches alerts monitoring and root-cause analysis. Cybersecurity Frameworks: Familiarity with security frameworks such as NIST, MITRE ATT&CK, and SANS. Tools & Technologies: Familiarity with security technologies and platforms (e.g., SIEMs like Splunk, Tenable; EDR tools like CrowdStrike; firewalls, IDS/IPS systems). Network & Systems: Understanding of network protocols, operating systems (Windows, Linux), and web applications, and how they can be exploited in attacks. Threat Intelligence: Familiarity with threat intelligence feeds and using them to inform incident response and proactively detect threats. Incident Response: Support the analysis and documentation of security incidents, including timelines, actions taken, and outcomes. Reporting: Provide clear and concise incident reports and updates to senior management and relevant stakeholders. Cloud Security: Understanding of cloud platforms (AWS, Azure, GCP) and security implications within cloud environments. Regulatory Compliance: Knowledge of relevant regulatory requirements (e.g., GDPR, ISO27001, PCI-DSS) and how they relate to incident management and reporting. Preferred Qualifications Certifications: Relevant cybersecurity and/or privacy certifications are expected. Scripting Skills: Familiarity with scripting or automation (Python, Bash, PowerShell) for incident investigation and response tasks. Forensics: Understanding of digital forensics, including evidence collection, chain of custody, and data analysis techniques. Skills & Competencies Strong analytical and problem-solving skills. Solid knowledge of MS Excel. Excellent verbal and written communication skills. Ability to handle high-pressure situations and make quick decisions. Ability to work both independently and as part of a collaborative team. Detail-oriented with strong organizational and documentation skills. You will be successful in this role if you have: BA/BS degree and 2-4 years’ relevant experience OR equivalent combination of education and experience Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ EEO commitment here. Show more Show less

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills and Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.”

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership – You’ll drive features end-to-end, from design to deployment. Flexibility – A friendly, results-oriented culture that respects your time. Empowerment – Your insights are valued, and your work makes a visible difference. Learning & Growth – You’ll work on complex challenges with smart, passionate peers—and have the support to level up continually. If you’re ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, we’d love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman , on Truly Human Leadership : Watch the video At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Qualification & Experience We are looking for candidates with the following skills and experience: ● Graduate/Post Graduate with 5+ years of experience in IT, Cyber or equivalent field. ● Business acumen with ability to step back to get global perspective ● Cyber security vulnerability & compliance Knowledge management ● Hands on experience with scanning tools like Qualys or Tenable or similar ● Risk and threat management basics ● Skill in conducting application vulnerability assessments. ● Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively in a challenging environment to drumbeat the activity ● Good interpersonal and communication skills, works effectively as a team player for stakeholder management and customer relationships ● Data driven with influence skills at different levels (top mgt, customers, partners....) for reporting purposes. Knowledge in monitoring technologies (like Splunk current skill or high interest and potential to upskill) ● Agile mindset required, experience in Agile, SAFE & Scrum methodology preferred but not essential ● Good understanding of global security standards and implementation ● On-hands experience with tools like Qualys and Tenable Tasks & Accountabilities As the successful candidate your main tasks & accountabilities are: ● Understand Airbus business and process to exchange with Digital Security Risk & Asset Management department ● Grasp and understand Cyber vulnerabilities(CVE’s) to connect them to risk with recommendations. ● Work in MFT (Multi functional Team) inside and outside IM for an End 2 End perspective ● Plan and commit on analysis and recommendations follow-up activities with stakeholders ● Contribute to cyber risk avoidance ● Establish and maintain strong relationships with key stakeholders, ensuring coordination and cooperation ● Produce/ contribute to operational and executive KPIs Show more Show less

JOB PURPOSE: The Head of mXDR Operations is responsible for leading and managing the operational aspects of cybersecurity at the airport, including oversight of the Managed Security Services Provider (MSSP) delivering SOC operations, Threat Hunting, Detection & Prevention, and Incident Response. The role also encompasses direct accountability for Information Security Operations covering both IT and OT (Operational Technology) domains, ensuring a unified and effective defense posture against cyber threats in a critical infrastructure environment. PRINCIPAL ACCOUNTABILITIES: SOC & mXDR Oversight Lead daily operations and governance of MSSP-managed Security Operations Center (SOC) and mXDR services. Review and validate alerts, use cases, playbooks, and tuning recommendations submitted by MSSP. Define and track service level agreements (SLAs), mean time to detect/respond (MTTD/MTTR), and other performance KPIs. Ensure continuous coverage across IT, cloud, and OT assets within the SOC’s visibility and telemetry scope. Collaborate with MSSP to plan capability upgrades (e.g., EDR, NDR, cloud telemetry integration). Optimize the performance of managed XDR solutions to proactively identify and mitigate risks. Monitor and evaluate partner performance, addressing any issues related to quality, cost, or delivery. Threat Hunting & Detection Engineering Guide the proactive hunting of threats across endpoints, networks, OT environments, and cloud workloads. Review hunting hypotheses and analytics built on threat intelligence, behavior analytics, and anomaly detection. Oversee development and refinement of detection rules, correlation logic, and behavioral models. Drive periodic reviews of MITRE ATT&CK coverage and detection effectiveness. Support threat simulation and emulation exercises (e.g., purple teaming) to enhance detection posture. Incident Response & Management Ensure a well-defined incident response plan is in place and regularly tested through simulations. Continuously improve detection and response capabilities based on threat intelligence and industry trends. Conduct post-incident reviews to identify lessons learned and improve processes. Act as the lead coordinator for high-severity and regulatory-reportable cyber incidents. Ensure MSSP follows incident response procedures and escalates as per predefined thresholds. Maintain and test incident response playbooks, RACI charts, and communication protocols. Coordinate evidence collection, forensic analysis, and root cause investigations. Oversee the implementation and verification of post-incident recovery and lessons learned. OT Cybersecurity Operations Work with the ICS Security SME to oversee deployment and operations of OT-specific security controls (e.g., ICS firewalls, passive monitoring). Support ICS Security SME in working with OT vendors and facilities teams to ensure security of SCADA, BMS, and other critical systems. Track vulnerabilities in OT assets and coordinate with ICS Security SME and stakeholders for safe remediation. Monitor lateral movement risks between IT and OT environments and enforce network segmentation. Ensure OT environments are covered in threat detection, logging, and alerting workflows. Information Security Operations Manage day-to-day internal security operations including DLP, endpoint protection, and access monitoring. Review all Change Requests and provide insight & recommendations ensuring CRs/amendments are fit for purpose, negotiated and executed by working with all stakeholders. Ensure critical patches, vulnerabilities, and security misconfigurations are tracked and remediated. Maintain visibility of high-value assets and enforce control compliance (e.g., logging, backup, access). Investigate user behavior anomalies and enforce insider threat detection measures. Coordinate identity and access management reviews for privileged and third-party access. Governance, Reporting & Compliance Generate monthly and quarterly dashboards covering alerts, incidents, SLAs, and threat trends. Report on MSSP adherence to contract deliverables, including risk exposure and gap analysis. Manage escalations as per contracted frameworks. Ensure unresolved escalations are tabled in governance forums and taken up for resolution. Drive the resolution of such escalations by working with all concerned stakeholders Coordinate with compliance teams for audits and regulatory inspections related to cybersecurity. Contribute to cyber risk assessments for critical airport systems and digital services. Ensure alignment with international frameworks (e.g., NIST CSF, ISO 27001, NIS2) and aviation-specific mandates. Strategic Leadership Provide strategic direction and leadership to the MSSP, fostering a culture of excellence and continuous improvement. Drive innovation in information security solutions and practices, ensuring the organization remains competitive and forward-looking. Act as a key advisor on Information Security matters, contributing to strategic decision-making. DIMENSIONS: Financial Optimize operational expenses while delivering high-value outcomes through effective vendor negotiations. Support financial risk mitigation by safeguarding against data breaches, penalties, and other cyber-related losses. Non-Financial Manage the MSSP (both remote and no-premises resources) with day-to-day tasks, review, and guidance on in-scope activities. Assess the skills, capabilities & expectations of the MSSP from time to time and work with MSSP management for right sourcing in BIAL account. Provide inputs on team capacity planning & hiring plans if any Lead and mentor MSSP team, fostering a high-performing team culture. Enhance the organization's ability to respond to and recover from cyber incidents effectively. Competency - Proficiency Level - Description: Cybersecurity Operations - Expert - Deep knowledge in SOC, SIEM, XDR, endpoint, network, and cloud security Threat Detection & Threat Hunting - Advanced - Experience in proactively identifying advanced threats and anomalies Incident Response & Forensics - Advanced - Skilled in leading structured incident response and root cause analysis OT Security - Intermediate - Understanding of OT systems and securing industrial environments Vendor & MSSP Management - Advanced - Strong experience in managing MSSP contracts and delivery governance Information Security Frameworks - Advanced - ISO 27001, NIST, MITRE ATT&CK, CIS Controls Communication & Reporting - Advanced - Capable of translating technical issues into business impact for leadership Risk Management & Compliance - Intermediate - Knowledge of regulatory and critical infrastructure compliance requirements Team Leadership & Collaboration - Advanced - Experience in leading internal security teams and cross-functional teams JOB SPECIFICATION: Knowledge and work skills: Comprehensive understanding of cybersecurity frameworks, technologies, and methodologies (e.g., NIST CSF, ISO 27001, MITRE ATT&CK, ITIL v3, PMP, TOGAF, ISO 20k & 27k and COBIT). Expertise in managed XDR operations, incident response, threat intelligence, and identity management. Familiarity with security architecture principles, ICS/OT security frameworks, and industrial protocols. Adequate knowledge of regulatory standards applicable to the industry. Proficient in process improvement and development practices Strong knowledge of SLA & service management, and operations management. Knowledge with InfoSec tools like: AV/EDR, Data Leakage Prevention, Metasploit, TripWire, Rapid7, Tenable, Snort, Nessus, Burp Suite, Appscan, Nmap, Wireshark, Firewalls, SIEM, SOAR, , SSE, CASB, PIM/PAM, WAF, O365 suite (Intune, Conditional access, Data classification and protection). Skills Minimum 10–12 years of experience in cybersecurity operations, with at least 5 years in a leadership or MSSP governance role. Experience in driving initiatives centered on continuous improvement, innovation, execution excellence, customer centricity and automation Analytical and problem-solving skills for assessing threats, vulnerabilities, and risks in complex environments. Exceptional communication and stakeholder management skills to influence decision-making and secure buy-in. Proven ability to lead cross-functional teams. Ability to build and maintain relationships with internal teams, partners, and external vendors. Qualifications Bachelor’s degree in computer science, Information Security, or a related field (Master’s degree preferred). Certifications such as CISSP, CISM, CISA, CEH, or equivalent are highly desirable. **Please note that this position requires 5 days work from Office. Show more Show less

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. NCR VOYIX is headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe. For nearly 140 years, we have been the global leader in consumer transaction technologies, turning everyday consumer interactions into meaningful moments. Today, NCR VOYIX transforms the stores, restaurants and digital banking experiences with cloud-based, platform-led SaaS and services capabilities. Not only are we the leader in the market segments we serve and the technology we deliver, but we create exceptional consumer experiences in partnership with the world’s leading retailers, restaurants and financial institutions. We leverage our expertise, R&D capabilities and unique platform to help navigate, simplify and run our customers’ technology systems. Our customers are at the center of everything we do. Our mission is to enable stores, restaurants and financial institutions to exceed their goals – from customer satisfaction to revenue growth, to operational excellence, to reduced costs and profit growth. Our solutions empower our customers to succeed in today’s competitive landscape. Our unique perspective brings innovative, industry-leading tech to all the moving parts of business across industries. NCR VOYIX has earned the trust of businesses large and small — from the best-known brands around the world to your local favorite around the corner. Information Security Consultant II This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Consultant shall be responsible for the day-to-day activities required to respond for both routine and high severity vulnerabilities and security incidents. The Information Security Consultant shall work in a collaborative manner with vulnerability coordinators, incident responders, key incident management team members, management, and other stakeholders to ensure vulnerabilities and security incidents are contained, eradicated, remediated and after-action review is held according to corporate policy. The Information Security Consultant is expected to contribute to weekly status calls and respond to ad-hoc requests as part of this position. The Information Security Consultant will work with stakeholders and team members to assist with improving incident response processes that are aligned with the mission of the office of the CISO. The individual should be highly skilled, motivated and detail-oriented security professional to join our dynamic team. The ideal candidate will be responsible for leading and managing our Vulnerability Management program along with Incident Management, ensuring the protection of our organization's digital assets. Key Responsibilities: Vulnerability Management: Lead the design, implementation, and continuous improvement of the enterprise-wide vulnerability management program. External attack surface management and technical remediation Run Vulnerability red team exercises and simulation for risk prioritization Oversee vulnerability assessments, scanning, and remediation efforts across all systems, networks, and applications. Collaborate with IT, GTM and product SRE teams to prioritize and remediate vulnerabilities based on risk and business impact. Develop and maintain metrics and dashboards to track vulnerability trends and remediation progress. Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, CIS). Incident Management: Assist in the development and execution of the incident response plan and playbooks. Act as a key responder and advisor during cybersecurity incidents, ensuring timely containment, investigation, and recovery. Conduct post-incident reviews and root cause analyses to improve future response efforts. Provide guidance and training to internal teams on incident response best practices. Skills And Qualifications Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 10+ years of experience in cybersecurity, with a strong focus on vulnerability and incident management. Proven experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7) and SIEM/SOAR platforms. Deep understanding of threat landscapes, attack vectors, and mitigation strategies. Strong knowledge of security frameworks and standards (e.g., NIST, MITRE ATT&CK, OWASP). Excellent analytical, communication, and leadership skills. Preferred Certifications: CISSP, CISM, OSCP, CEH, or equivalent. GIAC certifications (e.g., GCIH, GCIA, GPEN) are a plus. Offers of employment are conditional upon passage of screening criteria applicable to the job EEO Statement Integrated into our shared values is NCR Voyix’s commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR Voyix is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR Voyix has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR Voyix only accepts resumes from agencies on the preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR Voyix employees, or any NCR Voyix facility. NCR Voyix is not responsible for any fees or charges associated with unsolicited resumes “When applying for a job, please make sure to only open emails that you will receive during your application process that come from a @ncrvoyix.com email domain.” Show more Show less

Job Title: ServiceNow SecOps Consultant / Developer Experience: 5+ years in ServiceNow with minimum 2 years in SecOps module Job Description: We are looking for a highly skilled ServiceNow Security Operations (SecOps) Consultant/Developer to join our team. The ideal candidate will have experience in implementing and customizing ServiceNow SecOps modules including Security Incident Response (SIR), Vulnerability Response (VR), Threat Intelligence, and Security Incident Enrichment. Key Responsibilities: Implement, configure, and maintain ServiceNow Security Operations modules. Integrate external security tools (e.g., Qualys, Splunk, Rapid7, Tenable) with ServiceNow SecOps. Design and develop workflows, automation scripts, and business rules to streamline SecOps processes. Configure and maintain playbooks for automated response actions. Manage security incident lifecycle using ServiceNow SIR module. Enable vulnerability identification and remediation using VR module. Collaborate with InfoSec, IT, and third-party security tools teams. Support continuous improvement efforts and provide recommendations for platform optimization. Required Skills: Strong hands-on experience with ServiceNow Security Operations Suite. Knowledge of ServiceNow CMDB, Discovery, and MID server setup. Experience with Security Incident Response, Vulnerability Response, and Threat Intelligence modules. Proficiency in scripting (JavaScript) and ServiceNow development/customization. Experience with integration tools like REST/SOAP APIs. Familiarity with SIEM tools (e.g., Splunk, QRadar), Vulnerability scanners (e.g., Qualys, Tenable). Good to Have: ServiceNow Certified Implementation Specialist – Security Operations. Experience in SOC processes, NIST/ISO frameworks, and risk management. ITIL certification or working knowledge of ITIL processes. Experience with MITRE ATT&CK framework and threat intelligence feeds. Educational Qualification: Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or related field. Show more Show less

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

About Marvell Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. Your Team, Your Impact At Marvell, we are looking for a manager for Vulnerability Management, you will be responsible for developing and implementing strategies to enhance and mature the enterprise vulnerability management program. The role ensures the identification, assessment, and remediation of security vulnerabilities across the enterprise. What You Can Expect Vulnerability Management Program Development – design and implement a comprehensive vulnerability management program. Oversee vulnerability scanning tools to identify security vulnerabilities in enterprise systems, networks, and applications. Own and develop policies, procedures, and best practices for vulnerability scanning, assessment, and remediation. Perform risk-based prioritization of identified vulnerabilities. Collaborate with security analysts to conduct detailed assessments of critical vulnerabilities and develop POAM Work with cross-functional teams to develop remediation plans and timelines. Ensure timely patching or mitigation of vulnerabilities. Partner with IT and business teams to establish patching cadence, work with the change manager, and bring an automated patching process Develop and implement prioritized vulnerability remediation plans and work collaboratively with business. Track and report on remediation progress to stakeholders and leadership. Provide support for incident response and new systems onboarding processes in the application/system/infrastructure vulnerability security domain. Stay updated on emerging threats and vulnerabilities (emerging threats, zero days, latest attacks related to exploitation of vuln) through threat intelligence sources. Integrate threat intelligence into the vulnerability management process to address high-risk areas proactively. Build executive and business information security officer dashboards for the organization Define metrics and reporting to track program effectiveness and improvement. Develop and track key performance indicators (KPIs) for the vulnerability management program. Lead and manage vulnerability management projects, such as implementing new tools or processes. Lead a team of security engineers, providing mentorship and performance management in improving and automating processes wherever possible. Ensure compliance with security frameworks (e.g., ISO 27001, NIST CSF, TISAX, NIST 800-171, and SOX). Prepare for and support internal and external audits related to vulnerability management. What We're Looking For 10+ years of experience in Cybersecurity, vulnerability management, and security operations Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or a related field Demonstrated background in deploying, owning, and configuring enterprise-level security tools/technology Experience scaling an enterprise vulnerability program across multiple environments, driving owner accountability and prioritization Hands-on experience and knowledge of vulnerability management tools such as Qualys, Rapid7, Tenable, and orchestration via SOAR or other platforms to automate vulnerability management program. In-depth knowledge across core domains – Vulnerability Management, External Attack Surface Management, Container Scanning, and Security Configuration Management Well-versed in penetration testing, vulnerability scanning, and red teaming methodologies and frameworks such as OWASP Top 10 and CWE 25. Demonstrated knowledge of networking and systems, and current vulnerability and threat trends. Strong understanding of network protocols, operating systems, and security technologies. Experience improving vulnerability prioritization models Excellent communication, collaboration, and interpersonal skills Cyber certifications (e.g., CISM, CISSP) or equivalent Additional Compensation And Benefit Elements With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Show more Show less

Let’s be #BrilliantTogether ISS STOXX is looking for a Cloud Security Engineer to join our team in Mumbai, India. Overview We are looking for a talent to bring technical expertise to the development and deployment of our cutting-edge financial intelligence platform. In this role, you will leverage your technical expertise and innovative mindset to lead the design, implementation, operation and optimization of our platform infrastructure, ensuring its ability to deliver efficient and reliable data services to our global client base. As a senior member of technical team, you will collaborate with cross-functional peers and stakeholders to drive continuous improvement initiatives and ensure our platform remains at the forefront of investment management technology. Responsibilities Contribute to the security and operation of Stoxx's GCP platform infrastructure. Ensure the platform's security, reliability, and efficiency meet regulatory, business and client requirements. Work with the Principal Cloud Security Engineer to implement and enforce a cloud security posture. Work with the extended Information Security Office (ISO) to ensure cloud security standards are aligned with ISO standards. Collaborate with cross-functional teams to implement the cloud security roadmap. Drive continuous improvement initiatives to enhance pipeline performance and customer satisfaction. Keep abreast of emerging trends and technologies in cloud security and operations, and promote them across engineering and business functions. Conduct audits and system reviews to ensure compliance with latest regulatory and security standards. Perform investigations during security incidents, identifying the root cause and taking action to prevent it from happening again. Requirements 3+ years' experience in Cloud Security on any of the major cloud providers. Experience with the development and deployment of large-scale, complex security platforms. Good knowledge of GCP products across database, serverless, containerization and API. Experience working in a global or multinational team setting. Strong communication and collaboration skills. Proven ability to drive innovation and continuous improvement initiatives. Focus on simplicity, automation and observability. Bachelor's or Master's degree in Computer Science or related field. Some or all of Wiz, SonarQube, Tenable, PaloAlto, Terraform, Python, GitHub Actions, Apigee, Airflow and any SIEM tool. Ability to create scripts/tools as they relate to security. Ability to troubleshoot, trace and diagnose API endpoint and network security issues. Knowledge of security protocols and mechanisms. #MIDSENIOR #STOXX What You Can Expect From Us At ISS STOXX, our people are our driving force. We are committed to building a culture that values diverse skills, perspectives, and experiences. We hire the best talent in our industry and empower them with the resources, support, and opportunities to grow—professionally and personally. Together, we foster an environment that fuels creativity, drives innovation, and shapes our future success. Let’s empower, collaborate, and inspire. Let’s be #BrilliantTogether. About ISS STOXX ISS STOXX GmbH is a leading provider of research and technology solutions for the financial market. Established in 1985, we offer top-notch benchmark and custom indices globally, helping clients identify investment opportunities and manage portfolio risks. Our services cover corporate governance, sustainability, cyber risk, and fund intelligence. Majority-owned by Deutsche Börse Group, ISS STOXX has over 3,400 professionals in 33 locations worldwide, serving around 6,400 clients, including institutional investors and companies focused on ESG, cyber, and governance risk. Clients trust our expertise to make informed decisions for their stakeholders' benefit. STOXX® and DAX® indices comprise a global and comprehensive family of more than 17,000 strictly rules-based and transparent indices. Best known for the leading European equity indices EURO STOXX 50®, STOXX® Europe 600 and DAX®, the portfolio of index solutions consists of total market, benchmark, blue-chip, sustainability, thematic and factor-based indices covering a complete set of world, regional and country markets. STOXX and DAX indices are licensed to more than 550 companies around the world for benchmarking purposes and as underlyings for ETFs, futures and options, structured products, and passively managed investment funds. STOXX Ltd., part of the ISS STOXX group of companies, is the administrator of the STOXX and DAX indices under the European Benchmark Regulation. Visit our website: https://www.issgovernance.com View additional open roles: https://www.issgovernance.com/join-the-iss-team/ Institutional Shareholder Services (“ISS”) is committed to fostering, cultivating, and preserving a culture of diversity and inclusion. It is our policy to prohibit discrimination or harassment against any applicant or employee on the basis of race, color, ethnicity, creed, religion, sex, age, height, weight, citizenship status, national origin, social origin, sexual orientation, gender identity or gender expression, pregnancy status, marital status, familial status, mental or physical disability, veteran status, military service or status, genetic information, or any other characteristic protected by law (referred to as “protected status”). All activities including, but not limited to, recruiting and hiring, recruitment advertising, promotions, performance appraisals, training, job assignments, compensation, demotions, transfers, terminations (including layoffs), benefits, and other terms, conditions, and privileges of employment, are and will be administered on a non-discriminatory basis, consistent with all applicable federal, state, and local requirements. Show more Show less