199 Threat Modeling Jobs - Page 3

Apenetration testing (PenTest) and disaster recovery (DR) test job description typically requires candidates to have expertise in both cybersecurity and business continuity. The role involves conducting authorized simulated attacks to identify vulnerabilities in systems and infrastructure, developing and testing DR plans, and providing recommendations for improvement. Penetration Testing (PenTest) Responsibilities : Vulnerability Assessment: Identify weaknesses in computer systems, networks, and applications. Simulated Attacks: Perform ethical hacking exercises to mimic real-world attacks. Reporting and Recommendations: Document findings and provide actionable recommendations for remediation. Staying Updated: Keep abreast of the latest cybersecurity threats and trends. Disaster Recovery (DR) Testing Responsibilities: DR Plan Development: Contribute to the development and maintenance of DR plans. Testing and Validation: Conduct DR tests to validate the effectiveness of the plan and identify gaps. Communication: Communicate with stakeholders regarding DR testing procedures and results. Improvement: Suggest improvements to the DR plan based on testing findings. Key Skills and Requirements : Technical Expertise: Strong understanding of operating systems, networking, and programming languages. Security Knowledge: Familiarity with cybersecurity best practices, threat models, and security tools. Communication Skills: Ability to communicate findings and recommendations to both technical and non-technical audiences. Analytical Skills: Ability to analyze root, identify trends, and develop solutions. Problem-solving Skills: Ability to troubleshoot issues and implement fixes. Additional Information: Certifications: Relevant certifications like CompTIA PenTest+, CEH, or CISSP can be beneficial. Experience : Experience in cybersecurity,penetration testing, and/or disaster recovery is usually required

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Network Security Operations Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Monitor and evaluate the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Network Security Operations.- Strong understanding of cloud security principles and frameworks.- Experience with security compliance standards and regulations.- Ability to design and implement security architectures for cloud environments.- Familiarity with threat modeling and risk assessment methodologies. Additional Information:- The candidate should have minimum 12 years of experience in Network Security Operations.- This position is based at our Coimbatore office.- A 15 years full time education is required. Qualification 15 years full time education

Overview The Information Security Assessment Lead is responsible for safeguarding PepsiCo's digital assets by assessing the cyber risk and compliance of new and changing systems against information security requirements and managing risks associated with IT and Information Security systems throughout the project lifecycle. The ISA Lead will collaborate with various security teams and businesses to facilitate compliance with Information Security standards, provide technical guidance for key strategic initiatives, and drive the secure delivery of technology solutions within PepsiCo. The role heavily focuses on security risk-based assessments, and data-driven decision-making and automation. Responsibilities Security Design ExpertiseProven track record in assessing security designs, including data flow diagrams, architectural blueprints, low-level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as NIST 800-53, ISO 27002, CIS, and OWASP to ensure robust security postures. Skilled at identifying potential security gaps and implementing best practices to fortify system architectures against emerging threats. Familiarity with the latest security tools and technologies, as well as experience in integrating security measures into complex IT environments, is essential. Compliance AssessmentAssess new and changing application designs and requirements to ensure compliance with PepsiCo information security standards. Risk CommunicationIdentify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders. Threat ModelingUtilize expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture. Project Lifecycle ReviewsReview IT and Information Security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks and implement compensating controls. Automated Risk AssessmentsConduct risk-based assessments using automated tools and techniques to prioritize and address security risks. Collaboration and EducationCollaborate with various IT and Business teams to ensure they are knowledgeable about Information Security processes and requirements, influencing them to eliminate or reduce risks. ServiceNow UtilizationExperience using ServiceNow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness. Metrics Management and ReportingManage operational metrics related to the ISA and GRC processes, utilizing Power BI for advanced reporting, tracking project progress, and developing corrective action plans. Process Improvement and Proactive SecurityGovern Information Security services from the ISA, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage Azure and cloud security knowledge, and implement Agile and DevSecOps methodologies to integrate security into the development process. Qualifications A minimum of 8 years of experience in Information Security, IT Risk Management, or a similar role. Mandatory Technical Skills: In-depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security. Strong understanding of information security frameworks, regulations, and standards such as NIST 800-53, CIS, and ISO 27002. Proficient in ServiceNow, with the ability to leverage its modules for information gathering, data analysis, and automation of the ISA service. Experience in threat modeling and applying threat modeling methodologies in previous roles. Proficient in Power BI for developing reports and dashboards to support data-driven decision-making. Strong skills in developing ad hoc reports and managing metrics. Knowledge of Azure and general cloud security principles. Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non-technical stakeholders, guiding them on risk and vulnerability remediation. Mandatory Non-Technical Skills: Proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding and adherence to security standards. Established a reputation as a trusted adviser, providing expert guidance on information security matters. Strong presence to represent PepsiCo Information Security in complex situations with business and IT partners. Ability to collaborate with various stakeholders, including business units and product managers.

Overview The Information Security Assessment Lead is responsible for safeguarding PepsiCo's digital assets by assessing the cyber risk and compliance of new and changing systems against information security requirements and managing risks associated with IT and Information Security systems throughout the project lifecycle. The ISA Lead will collaborate with various security teams and businesses to facilitate compliance with Information Security standards, provide technical guidance for key strategic initiatives, and drive the secure delivery of technology solutions within PepsiCo. The role heavily focuses on security risk-based assessments, and data-driven decision-making and automation. Responsibilities Security Design ExpertiseProven track record in assessing security designs, including data flow diagrams, architectural blueprints, low-level designs, networking diagrams, authentication mechanisms, and authorization schemes. Must demonstrate experience in aligning these designs with industry standards such as NIST 800-53, ISO 27002, CIS, and OWASP to ensure robust security postures. Skilled at identifying potential security gaps and implementing best practices to fortify system architectures against emerging threats. Familiarity with the latest security tools and technologies, as well as experience in integrating security measures into complex IT environments, is essential. Compliance AssessmentAssess new and changing application designs and requirements to ensure compliance with PepsiCo information security standards. Risk CommunicationIdentify, quantify, and communicate technology risks impacting the business, recommending resolutions and identifying root causes. Explain scan results (infrastructure, applications, databases) and pen testing results to stakeholders. Threat ModelingUtilize expert knowledge in threat modeling techniques and methodologies to proactively identify, assess, and prioritize security risks, enabling the organization to implement targeted mitigation strategies and maintain a robust information security posture. Project Lifecycle ReviewsReview IT and Information Security systems throughout the project lifecycle, identifying risks and security requirements, and recommending paths to eliminate identified risks and implement compensating controls. Automated Risk AssessmentsConduct risk-based assessments using automated tools and techniques to prioritize and address security risks. Collaboration and EducationCollaborate with various IT and Business teams to ensure they are knowledgeable about Information Security processes and requirements, influencing them to eliminate or reduce risks. ServiceNow UtilizationExperience using ServiceNow to gather necessary information and data, automating security assessment processes to enhance efficiency and effectiveness. Metrics Management and ReportingManage operational metrics related to the ISA and GRC processes, utilizing Power BI for advanced reporting, tracking project progress, and developing corrective action plans. Process Improvement and Proactive SecurityGovern Information Security services from the ISA, tracking process metrics, identifying issues, and driving process improvement initiatives. Stay updated with threat intelligence, leverage Azure and cloud security knowledge, and implement Agile and DevSecOps methodologies to integrate security into the development process. Qualifications A minimum of 8 years of experience in Information Security, IT Risk Management, or a similar role. Mandatory Technical Skills: In-depth technical experience and knowledge of infrastructure technologies, networks, web, computing, cloud services, manufacturing equipment, mobile devices, and information (cyber) security. Strong understanding of information security frameworks, regulations, and standards such as NIST 800-53, CIS, and ISO 27002. Proficient in ServiceNow, with the ability to leverage its modules for information gathering, data analysis, and automation of the ISA service. Experience in threat modeling and applying threat modeling methodologies in previous roles. Proficient in Power BI for developing reports and dashboards to support data-driven decision-making. Strong skills in developing ad hoc reports and managing metrics. Knowledge of Azure and general cloud security principles. Ability to read and explain scan (infrastructure, applications, databases) and pen testing results to technical and non-technical stakeholders, guiding them on risk and vulnerability remediation. Mandatory Non-Technical Skills: Proficient in influencing and educating stakeholders on security best practices and policies, ensuring understanding and adherence to security standards. Established a reputation as a trusted adviser, providing expert guidance on information security matters. Strong presence to represent PepsiCo Information Security in complex situations with business and IT partners. Ability to collaborate with various stakeholders, including business units and product managers.

Proficiency in Cyber Security solutions, IT consulting, and infrastructure security Experience in lead generation, sales pipeline management, and client relationship management Strong negotiation, presentation, and closing skills Provident fund

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications"

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-5 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

Threat Intelligence Analyst 5 years of relevant industry experience in cyber security. Good knowledge of Splunk Search Processing Language (SPL) for rule and content development for alerting, metrics, and/or reporting. Good knowledge of Microsoft Defender for rule and content development for alerting, metrics, and/or reporting. Understanding of Data Lake platform, ability to write detection rules by using SQL Good understanding of security threats across multiple platforms/environments (e.g., Windows/*nix/Cloud/Mainframe). Good knowledge of Cloud and Container security and in developing security content to detect threats across these (various cloud and container) platforms and/or technologies. Good Scripting Knowledge (bash / Python / SQL DBs / API’s). Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks. Good to Have Developer or DevOps experience in AWS and/or Azure. Previous experience in Linux/Windows administration & automation. Previous experience as DevOps or DevSecOps is highly beneficial. Previous experience in Splunk App development is highly beneficial

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure that the architecture aligns with organizational objectives, while also addressing any emerging security challenges that may arise throughout the process. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of the cloud security architecture to identify areas for improvement.- Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of cloud operations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with identity and access management solutions.- Knowledge of threat modeling and risk assessment methodologies. Additional Information:- The candidate should have minimum 3 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels and holiday properties, flights, activities, and more. As part of Booking Holdings and based in Asia, our diverse team of 7,100+ employees from 95+ nationalities across 27 markets fosters a work environment rich in creativity and collaboration. We are committed to innovating through a culture of experimentation and ownership, enhancing our customers" ability to experience the world. Our purpose is to bridge the world through travel, allowing people to enjoy, learn, and experience more of the amazing world we live in. The Security Department at Agoda oversees security, compliance, GRC, and security operations to keep the company and its employees safe and protected. We are vigilant in ensuring there are no breaches or vulnerabilities threatening Agoda's security. Working with the best technology in a dynamic and advanced environment, this role offers a great challenge for those who are passionate about security. As a member of the Security team at Agoda, you will be working in a fast-paced DevSecOps environment where code changes occur rapidly. It is essential to integrate security testing into a continuous deployment/integration flow. In this role, you will play a lead role in developing and designing application-level security controls and standards, perform application security design reviews, track and prioritize security issues, build internal security tools, conduct code reviews, and enable automated security testing at scale across various platforms. To succeed in this role, you should have a strong foundation in software engineering, a minimum of 7 years of technical experience in threat modeling, secure coding, identity management, software development, cryptography, system administration, and network security. Additionally, you should have experience with the Software Development Life Cycle, public/private cloud environments, OWASP MASVS and ASVS, application vulnerabilities, automated dynamic scanners, fuzzers, and proxy tools. Strong analytical skills, effective communication, and the ability to convey technical concepts to diverse audiences are essential. If you are looking to relocate, Agoda provides a relocation package to Bangkok, Thailand. Our benefits include a hybrid working model, WFH set up allowance, remote working opportunities, accommodation discounts globally, a diverse global team, CSR/volunteer time off, employee assistance programs, parental leave, and various subscriptions. Agoda is an Equal Opportunity Employer and keeps all applications on file for future vacancies. For more details, please refer to our privacy policy. Please note that we do not accept third party resumes and are not responsible for any fees related to unsolicited resumes.,

As an API and Application Security Specialist at Cywarden, you will play a vital role in ensuring the security and integrity of our clients" systems and data. You will collaborate with developers, architects, and security teams to implement advanced security measures across API ecosystems and software applications. Your responsibilities will include developing and implementing security strategies, conducting security assessments, performing threat modeling and risk assessments, managing authentication and authorization mechanisms, enforcing secure coding practices, responding to security incidents, ensuring compliance with industry standards, and maintaining detailed documentation of security policies. You will also provide training to development teams, implement security monitoring solutions, manage security tools for analysis, and develop security policies and procedures. To qualify for this role, you should have a Bachelor's degree in Computer Science or a related field, along with a minimum of 3-5 years of experience in API and application security. You should be proficient in security frameworks and protocols, experienced with API gateways, familiar with RESTful and GraphQL APIs, and have a strong understanding of encryption and authentication mechanisms. Knowledge of security testing tools, secure coding practices, programming languages, DevSecOps practices, and relevant certifications are preferred. Additionally, you should possess excellent problem-solving skills, strong communication skills, and the ability to work collaboratively in a team environment. This is a full-time, permanent position at Cywarden, offering benefits such as paid sick time, paid time off, performance bonuses, and yearly bonuses. The work schedule includes Monday to Friday night shifts on a rotational basis. The work location is in Mohali, Punjab, and reliable commuting or planning to relocate is required. If you meet the qualifications and are passionate about API and application security, we encourage you to apply for this rewarding opportunity at Cywarden.,

Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. As a Product Cybersecurity Officer (PCS officer), you will be responsible for contributing towards the overall security and compliance of our organization's automotive systems and connected vehicles in collaboration with various internal & external stakeholders. This role plays a critical supporting part in safeguarding our vehicles from cyber threats, managing risks, and ensuring compliance with industry regulations and standards. A PCS Officer is a role filled by resources in the Product Cybersecurity Management System (PCSMS) in GTT cybersecurity and functional safety central team. A PCS Officer could take on various responsibilities during the deployment of PCSMS, including Product Regulation Compliance Owner (PRCO), Product Cybersecurity Leader, Vehicle Cybersecurity Coordinator, and Vehicle Cybersecurity Engineer. Primary Responsibilities: - Develop and maintain PCSMS in accordance with applicable product cybersecurity standards and procedures for the organization's automotive systems. - Establish a governance framework to oversee cybersecurity initiatives and ensure alignment with business objectives. - Collaborate with senior management to promote a culture of cybersecurity awareness and compliance throughout the organization. - Support in evaluating new global cybersecurity regulations and setting up/improving processes, instructions, and templates in coordination with the internal GTT team. - Create guidelines for Product Development teams to maintain clear traceability of Cybersecurity changes on product levels to facilitate vehicle type approval certifications. - Stay up to date with evolving regulations and coordinate necessary adjustments to policies and procedures. - Support Vehicle & Technology Streams in identifying, assessing, and managing cybersecurity risks related to vehicle systems and connected technologies. - Provide consolidated reports of product cybersecurity risks to relevant stakeholders. When acting as R155 Product Regulation Compliance Owner (R155 PRCO), responsibilities include: - Responsible for certifications such as R155 Regulation and GB/T 40863 Chinese CS Regulation. - Ensure compliance of Volvo Group Trucks with regional Vehicle Cybersecurity regulations. - Generate and own needed cybersecurity agreements and guidelines related to PCS. - Prepare necessary documents for R155 new and extension vehicle type approval and PCSMS Audit Events. - Summarize product-related cybersecurity changes and create vehicle-level documentation for regulatory audits. - Lead efforts to secure compliance with external regulatory authorities and work with regulatory specialists and certification engineers. - Ensure all technical solutions comply with relevant regulations. Secondary Skills: - Develop and deliver cybersecurity training programs for employees and partners. - Promote a culture of cybersecurity awareness by organizing workshops and awareness campaigns. - Maintain and drive CoP and Supporting Forums related to various PCSMS processes. - Act as an expert advisor to product development teams for screening and planning their CS activities. - Provide necessary guidance and infrastructure to enable the consolidation of individual assurance cases. Further details and qualifications can be found in the job description.,

Primary Skill Roles and responsibilities Work within the Cyber security domain, focusing on the Automated security testing part of our services and improving overall security posture of products and systems for assigned business domain. You will be part of an agile team, constantly improving and automating the security posture of the cloud infrastructure at IKEA. You will partner with and support the IKEA engineering community to build secure infrastructure at scale. You will perform threat modeling and security risk assessments. Understanding of security compliance requirements such as GDPR, NIS2, ISO27000. You will build and operate reliable tooling to increase the visibility of cloud environments and remediate security misconfigurations. You will be a valued member of the team, providing sound perspectives on infrastructure security as well as secure software development. You will be part of the IKEA Cyber Security organization, with a lot of room to grow and develop your skills, knowledge, and experience. Experience utilizing CI/CD practices to Automate security testing tools like SAST (Static Application Security Testing), SCA (Software Composition Analysis), IaC scanning or Container scanning tools in GitHub, Azure DevOps etc. Secondary Skill Experience in cloud native environments and preferably Google Cloud Platform or Azure. Experience in working with REST APIs and API security. You have good infrastructure security experience and are passionate about reducing security risks in the cloud. You have experience with threat modeling, security design reviews, and security architecture. Experience with CI/CD pipelines (preferably Github actions), Kubernetes and infrastructure Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders.

Role Summary: We are looking for a skilled Software Developer to join our Cybersecurity team, focusing on developing security features and capabilities for Windows environments as part of MRI Scanner Software. The role involves designing and implementing security modules for systems operating across edge devices, cloud platforms, and AI/ML pipelines, ensuring compliance with medical device regulations and robust cybersecurity standards. Key Responsibilities: Design, implement, and maintain security features for MRI scanner software running on Windows and Linux platforms. Develop C#/.NET components (primarily for Windows) and contribute to security modules, ensuring secure design and performance. Collaborate with cybersecurity architects to integrate secure coding principles across Windows components. Implement features for authentication, encryption, secure communication, and system hardening on both platforms. Participate in threat modelling, design reviews, and code reviews with a security focus. Ensure implementations are compliant with regulatory standards (FDA, IEC 62304, ISO 27001, GDPR/HIPAA). Debug and resolve complex software issues related to security on Windows and Linux environments. Work with edge, cloud, and AI/ML teams to integrate security within distributed system architectures. Required Skills & Experience: Bachelor’s or Master’s degree in Computer Science, Information Security, Electronics, or related engineering fields. 3-7 years of software development experience, including: Strong C#/.NET development for Windows. Solid understanding of Windows Security Essentials, including: Authentication & Authorization (Active Directory, Windows Credentials) Windows hardening and privilege management Good Understanding of security concepts such as: User and permission management Secure communication, certificates, and encryption libraries SSH, secure configuration, and OS hardening Knowledge of secure coding practices, OWASP, threat modelling, and vulnerability remediation. Desirable Skills: Exposure to containerization security (Docker, Kubernetes) on Windows/Linux. Familiarity and Desire to work with edge computing, cloud integrations (Azure/AWS), and AI/ML security considerations. Added Advantage Certifications such as Microsoft CertifiedSecurity, Compliance, and Identity Fundamentals, CompTIA Security+, RHCSA/RHCE, or similar. Linux development experience (e.g., using shell scripting, C/C++, or Python for system modules). Soft Skills: Strong problem-solving and analytical abilities. Effective collaboration and communication skills within cross-functional global teams. High attention to detail with a security-first and quality mindset. Why Join Us Contribute to innovative MRI technologies improving patient care worldwide. Be part of a team driving cybersecurity excellence in medical device software. Opportunities to grow across Windows, Linux, edge computing, cloud, and AI/ML security domains.

You will be responsible for performing in-depth penetration testing, vulnerability assessments, and security reviews of applications, infrastructure, and networks. Your role will involve identifying, exploiting, and documenting security vulnerabilities across systems and providing remediation recommendations. Additionally, you will simulate sophisticated attacks to test the strength of security controls and identify potential areas of compromise. Collaboration with development, infrastructure, and DevOps teams will be crucial as you work to integrate security into the development lifecycle and Infrastructure-as-Code (IaC) security. You will play a key role in developing comprehensive security test plans, methodologies, and tools to ensure effective assessment of systems. Your responsibilities will also include creating detailed reports outlining vulnerabilities, risks, and recommended mitigations. You will be expected to perform threat modeling and risk assessments to prioritize testing efforts and monitor network traffic for threats, responding to security incidents as needed. Ensuring security best practices in Cloud environments, security controls for cloud workloads, IAM policies, and network security will be part of your daily tasks. This may also involve monitoring and responding to cloud security incidents using SIEM and cloud-native security tools. An important aspect of your role will be to integrate and automate security testing and compliance checks into CI/CD pipelines using tools like SAST, DAST, and IAST. Your contribution in this area will be essential in maintaining a secure and robust security posture for the organization.,

About The Role Project Role : Tech Delivery&Op Excellence Practitioner Project Role Description : Understand how to deliver value to clients, and use that commercial competency to apply methods or certifications appropriately. Attention to detail and deep expertise allow them to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Must have skills : Governance Risk Compliance (GRC) Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Tech Delivery & Op Excellence Practitioner, you will understand how to deliver value to clients and apply methods or certifications appropriately. Attention to detail and deep expertise allow you to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Key responsibility:- Risk and Compliance senior Analyst works with the Application service delivery organization and other compliance related functions to help:- Perform audits/reviews to assess risks in Application development and maintenance service environment- Manage risk in Application development and maintenance service to an acceptable level - Increase the level of awareness of and compliance with policy and process related matters - Support successful completion of various external compliance certification programs and internal compliance assessments- Introduce continual improvement including lessons learned from matters requiring intervention- This successful candidate for this role will be a member of a dedicated team operating a Controls and Compliance function, which will perform audit style reviews of Application Development & Maintenance Services outsourcing engagements covering compliance matters and operational service management and service delivery good practice.Must-Have Skills/ Qualifications:- Minimum of 1-year experience in Auditing principles and practices (sample qualifications*:CISA, ISO 27001 Lead Auditor)- Minimum of 1-year experience in Application security/audit roles in Application development & maintenance service industry(sample qualifications*:EC-Councils CASE (Certified Application Security Engineer), CEH(Certified Ethical Hacker), - Agile Methodology( Certified Scrum Master), DevOps Certification, CMMI for Development- Knowledge of secure SDLC models, secure coding standards, OWASP Top 10, threat modeling, SAST(Static Application security testing), DAST (Dynamic Application security testing), single sign on, Encryption - Minimum of 1-year experience in Operational compliance requirements)- Contract Management / Service Reporting(including Service Level Agreements and Operational Level Agreements)- Risk management or assessment (sample qualification*:CRISC)- Knowledge of cloud environment and services (sample qualification*:Microsoft Azure/AWS/Google Certifications)- Team and stakeholder managementNice-to-Have Skills/ Qualifications:- Data privacy and protection (sample qualifications*:CIPM, CIPT, CIPP)- CISSP*, CISM*, CISA*, CCSK*, CCSP*- SOC1 and SOC2 (SSAE16 / ISAE3402) awareness- Business Continuity and Disaster Recovery awareness (ISO 22301) Professional Attributes:1:Good communication2:Teamwork3:Problem Solving Capabilities4:Work Planning and Management 5:Quick Learner6:Eager to take on responsible task7:Dedicated and Focused Educational Qualification:1:MBA-Information Security/ IT2:BE/B-Tech with CS/IT/related domain3:BSc- IT Additional Information:(i.e., travel, overtime %)1:Occasional within country travel 2:Flexibility in working hours Qualification 15 years full time education

What the Role Offers: Design, develop new product features using Microservices, Golang, File System and could. Work on cloud storage like AWS, Azure, and Google Cloud Analyze technical requirements, design applications, identify new technologies, and integrate solutions into existing product. Responsible for successful completion of code deliverables within the project Develop prototypes and do live code demos. Work with agile team to ensure required information for testing is provided. Conduct peer code-reviews to ensure adherence to patterns and standards. Promote a practice of learning by being available to mentor other developers. Participate in the user story grooming and estimation sessions, t-shirt sizing to refine product backlog. Development of software in an agile development environment Involved in the various phases of the SDLC, secure coding and reviews. What you need to succeed: Bachelors or masters degree in computer science, Information Systems, or equivalent. Experience in full stack development with Golang and JavaScript frameworks, and knowledge web technologies. Experience in Docker, Microservices, Web Development, and deployment. Experience in working with Cloud storage, AWS, Azure, Google Cloud. Knowledge of databases, LDAP and security. Knowledge of Operating System Linux or Windows. Experience with security tools, Static Analysis tools. Knowledge of threat modelling Excellent problem solving and analytical thinking skills. Good interpersonal, written, and verbal communication skills A strong desire to develop your career through self-learning and scheduled personal development time. ONE LAST THING: You are persistent and inquisitive. You have to understand why things are happening the way they are. You are determined to understand cyber attack techniques at a very detailed level. You are a self-starter who is able to work with minimal management, however have strong collaboration and interpersonal skills to work together with several other professionals from other information security fields. Youre a creative thinker who wants to answer the question, Why? Your workstation is a pyramid of monitors that you can't take your eyes off of at the risk of missing something. You have a desire to learn new technologies. Your sense of humor, passion and enthusiasm shines through in everything you do.

Job Description: Threat Hunting analyst performs a wide variety of security duties with a primary focus on threat actor-based tactics, techniques, and procedures. The ability to manage multiple simultaneous threat hunts spanning several platforms with various TTPs is a key function of this role. Knowledge sharing and mentoring of team members is a critical and necessary skill. Must have the ability to operate under pressure and influence the team dynamic when responding to incidents. Should be able to work to enhance and improve the team and processes over time in a well-established manner. Roles and responsibilities : Perform hypothesis-based threat hunts using popular MITRE attack framework Perform intel-based threat hunting Conduct threat simulation exercises to test current security control Create diamond models to model threat activity Work directly with leadership to develop and improve existing internal processes Develop new processes that will add value to threat hunting team Provide proactive assistance to junior analysts to help them develop their skillset Develop advanced correlation rules for threat detection using CQL (CrowdStrike Query Language) Create and utilize threat intel report to conduct manual hunts across available data sources Perform static and dynamic analysis of malicious files Work proactively on critical security incidents Perform vulnerability review and risk assessment Core experience with Crowdstrike or SPLUNK L3 level experience into investigation, recommendation and take decisions related to Security Incident Investigation, Worked with Leadership Manage End-2-End Security Incident Investigation Experience in creating MITRE Attack Framework Knows basics of Vulnerability Analysis & Risk Assessment Manual Hunt Actively search for threats that may not have been detected by automated security tools. Detect hidden or undisclosed threats using advanced techniques and tools. Develops hypotheses about potential threats based on threat intelligence and industry trends. Performs an in-depth analysis of the network and system to uncover IOCs and APTs. Works closely with other cybersecurity teams to improve detection capabilities and share findings. Have a high level of knowledge in scripting (e.g. Python, PowerShell) to automate threat hunting tasks. Deeply analyze the tactics, techniques, and procedures (TTPs) of the attacker. Advanced Threat Detection Scripting and Programming Knowledge Advanced PowerShell, Bash, and Cmd Analysis Threat Intelligence, Malware Analysis, Vulnerability Analysis, Cloud Security, Data Analysis Required skills : Ability to perform threat hunting using MITRE attack framework Ability to identify/detect/explain malicious activity that occurs within environments with high accuracy/confidence level Ability to develop advanced correlation rules for threat detection. Must be expertise in creating queries using SPL (Search processing language used by Splunk) or CQL (CrowdStrike Query language) Ability to create threat intelligence reports based on available threat intel Ability to perform static and dynamic analysis of possible malicious files Ability to perform Vulnerability analysis and risk assessment Should have strong log analytical skills Should be able to demonstrate good incident response skills in case of critical security incidents Moderate understanding of Windows and Linux operating systems, as well as command line tools Strong verbal as well as written communication skills Basic understanding of malware analysis Year of Experience : 5+ years (Security Operations + Threat Hunting - [Minimum 2 years should be in threat hunting]) Tools - CrowdStrike, Splunk, Logscale Humio Certification : GIAC / Offensive Security certifications preferred CTHP (CTHP (Certified Threat Hunting Professional): An advanced certification for threat hunters.) , C|TIA (Certified Threat Intelligence Analyst), GIAC Certified Threat Intelligence (GCTI), Certified Threat Hunting Professional (CTHP). One of this is a must have. Programing language - Python (Good to have) Qualification : Bachelor of Engineering in any stream

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L1 Analyst has responsibility to closely track the incidents and support for closure. 10.Escalate more complex incidents to L2 analysts for deeper analysis. 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Handle XDR alerts and followup with customer team for agent updates Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred technical and professional experience Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications"

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L1 Analyst has responsibility to closely track the incidents and support for closure. 10.Escalate more complex incidents to L2 analysts for deeper analysis. 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Handle XDR alerts and followup with customer team for agent updates Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Technical and Professional : Azure, AWS, GCP, Sentinel, GRC, Threat Analyst, NIST, MITRE ATT&CK, SOC2, ISO27001, ISO27002, Identity, Access management, Security Engineering, Security Automation, Resiliency, DevSecOps, SSDLC, SDLC, Threat Modelling, Risk Assessor, Security Audit, zero trust, ZTNA, conditional access Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

About the Role We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies Key Responsibilities Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Basic Qualifications Education: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Experience: Required: 2 - 5 years. Excellent communication and collaboration skills. Preferred Qualifications Preferred Certifications: OSCP, OSCE, CRTP, eWPTX, Security+, CREST, CRTO. Desired Skill Set: Red Teaming, VAPT, Application Security (Web/Mobile/API). 2-5 years of relevant domain experience in VAPT, Red Teaming, and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as BurpSuite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modeling and secure coding practices. Strong understanding of TTPs, threat modeling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques.

At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the worlds mostinnovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as theyprovide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days arethe same. Skill Description: Experience in working with Bluetooth profiles and ability to do analyze air traces to root cause issues Experience in Automotive Infotainment Domain Experience in Modern C++14/17, OOPs, Design patterns . Knowhow with coding guidelines/standards (e.g. MISRA C/C++, CERT C/C++) Experience in Multi-Threading, IPC, RPC: Thrift, DBUS, gRPC , Sockets. Experience in Build tools like Make, CMake and Git workflow. Experience in Linux, GDB, Valgrind, System Debugging skills. Experience with Test-Driven Development, Google-Test, Robot Framework, Python. Shell Understanding Infotainment System Architecture, Design Principles. Know how on Agile Frameworks and tools: Scrum/Kanban, JIRA, Confluence, TMX, R4J Nice to have Experience with Embedded Linux / Yocto/ QNX Knowledge of ASPICE V-Model Processes. Understanding/Experience in containers, hyper visor, virtualization. Experience in Media player, Bluetooth, IAP, Android auto, Device manager , Remote UI. Experience with DevOps-CI/CD. Experience with AppArmour, Threat Modeling, TrustZone, Ability to understand and address Bluetooth security vulnerabilities reported by various research organizations. Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders. Skills (competencies) Verbal Communication