489 Threat Modeling Jobs - Page 3

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Roles & Responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights.Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines.Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information:-Bachelors or masters degree in engineering or computer science, Information Security, or a related field.-Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP).- 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Mobile Security Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with various teams to ensure that security measures are effectively integrated into projects, conducting assessments to identify potential vulnerabilities, and providing guidance on best practices to enhance overall security posture. You will also engage in discussions to refine security strategies and contribute to the continuous improvement of security processes within the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security practices.- Monitor and evaluate the effectiveness of security measures implemented across projects. Professional & Technical Skills: - Must To Have Skills: Proficiency in Mobile Security.- Strong understanding of threat modeling and risk assessment methodologies.- Experience with mobile application security testing tools and techniques.- Knowledge of secure coding practices for mobile platforms.- Familiarity with compliance standards related to mobile security. Additional Information:- The candidate should have minimum 5 years of experience in Mobile Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Mobile Security Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure that security measures are effectively integrated into the development process, conducting assessments to identify potential vulnerabilities, and providing recommendations for enhancements. You will also engage in discussions to align security strategies with organizational goals, ensuring that all security components meet compliance standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct thorough assessments of security components to identify vulnerabilities and recommend improvements.- Collaborate with development teams to ensure security is integrated into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Mobile Security.- Good To Have Skills: Experience with application security testing tools.- Strong understanding of secure coding practices and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards related to security, such as ISO 27001 or NIST. Additional Information:- The candidate should have minimum 3 years of experience in Mobile Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organizations AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks.Roles & Responsibilities:Define and execute the AI red teaming strategy across the organization.Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts.Review AI/ML system architecture to identify security gaps and advocate for secure design patterns.Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing.Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies.Contribute to secure development practices for model deployment pipelines and lifecycle management.Lead and mentor a specialized team of AI security analysts and red teamers.Represent AI security strategy in executive forums and drive cross-functional alignment.Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles.Drive internal policy-making efforts around responsible and secure AI development practices.Own and lead remediation initiatives, translating findings into actionable improvements across teams.Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders.Proven experience managing high-impact security initiatives and leading diverse teams.Strategic thinker capable of aligning AI security objectives with business goals.Passionate about AI safety, responsible innovation, and emerging threat landscapes.Strong analytical and problem-solving skills in high-pressure environments.Hands-on expertise in red teaming AI/ML systems at scale.Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics.Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF.Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices.Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities.Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments.- Additional Information:Bachelors or Masters degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus.- 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards.Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262.Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem.Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements.Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements.Roles & Responsibilities:Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS.Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems.Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs.Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi.Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts.Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance.Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations.Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements.Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols.Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262.Professional & Technical Skills: Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 34 years focused on penetration testing, diagnostics security, or secure ECU architecture.Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular.Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways.Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering.Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication.Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms.Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams.Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262).Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation.Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information:5+ years experience implementing and performing Automotive CybersecurityExperience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity Access Management (IAM) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also engage in proactive monitoring of systems to identify vulnerabilities and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Assist in the development and implementation of security policies and procedures.- Conduct regular security audits and assessments to identify vulnerabilities and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Microsoft Azure Active Directory.- Strong understanding of identity and access management principles.- Experience with security frameworks and compliance standards.- Knowledge of threat modeling and risk assessment methodologies.- Familiarity with incident response and security monitoring tools. Additional Information:- The candidate should have minimum 3 years of experience in Microsoft Azure Active Directory.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Conduct regular security assessments and audits to ensure compliance with established security policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing.- Strong understanding of cloud security principles and best practices.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 5 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively implemented and maintained. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Evaluate and recommend security tools and technologies to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing.- Strong understanding of cloud security principles and best practices.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security compliance frameworks such as ISO 27001, NIST, or CIS.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in security practices.- Conduct regular security assessments and audits to ensure compliance with established security policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing.- Strong understanding of cloud security principles and best practices.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security frameworks such as NIST, ISO 27001, and CIS.- Ability to analyze and respond to security incidents effectively. Additional Information:- The candidate should have minimum 5 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Red Teaming Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments to identify vulnerabilities and recommend improvements.- Facilitate training sessions to enhance the security awareness of team members. Professional & Technical Skills: - Must To Have Skills: Proficiency in Red Teaming.- Strong understanding of cloud security principles and frameworks.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies used in penetration testing.- Ability to analyze and interpret security logs and alerts. Additional Information:- The candidate should have minimum 7.5 years of experience in Red Teaming.- This position is based in Kolkata.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevOps Good to have skills : Kubernetes Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Expected to provide solutions to problems that apply across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in DevOps- Good To Have Skills: Experience with Kubernetes- Strong understanding of cloud security principles- Knowledge of security frameworks and standards- Experience in designing and implementing security solutions- Ability to conduct risk assessments and threat modeling Additional Information:- The candidate should have a minimum of 12 years of experience in DevOps- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

About The Role Project Role : Tech Delivery&Op Excellence Practitioner Project Role Description : Understand how to deliver value to clients, and use that commercial competency to apply methods or certifications appropriately. Attention to detail and deep expertise allow them to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Must have skills : Governance Risk Compliance (GRC) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Tech Delivery & Op Excellence Practitioner, you will understand how to deliver value to clients and apply methods or certifications appropriately. Attention to detail and deep expertise allow you to see inherent risks or improvement opportunities that others may not. Work directly with client teams to ensure a high standard of delivery and operational excellence are met. Key responsibility:- Risk and Compliance senior Analyst works with the Application service delivery organization and other compliance related functions to help:- Perform audits/reviews to assess risks in Application development and maintenance service environment- Manage risk in Application development and maintenance service to an acceptable level - Increase the level of awareness of and compliance with policy and process related matters - Support successful completion of various external compliance certification programs and internal compliance assessments- Introduce continual improvement including lessons learned from matters requiring intervention- This successful candidate for this role will be a member of a dedicated team operating a Controls and Compliance function, which will perform audit style reviews of Application Development & Maintenance Services outsourcing engagements covering compliance matters and operational service management and service delivery good practice.Must-Have Skills/ Qualifications:- Minimum of 1-year experience in Auditing principles and practices (sample qualifications*:CISA, ISO 27001 Lead Auditor)- Minimum of 1-year experience in Application security/audit roles in Application development & maintenance service industry(sample qualifications*:EC-Councils CASE (Certified Application Security Engineer), CEH(Certified Ethical Hacker), - Agile Methodology( Certified Scrum Master), DevOps Certification, CMMI for Development- Knowledge of secure SDLC models, secure coding standards, OWASP Top 10, threat modeling, SAST(Static Application security testing), DAST (Dynamic Application security testing), single sign on, Encryption - Minimum of 1-year experience in Operational compliance requirements)- Contract Management / Service Reporting(including Service Level Agreements and Operational Level Agreements)- Risk management or assessment (sample qualification*:CRISC)- Knowledge of cloud environment and services (sample qualification*:Microsoft Azure/AWS/Google Certifications)- Team and stakeholder managementNice-to-Have Skills/ Qualifications:- Data privacy and protection (sample qualifications*:CIPM, CIPT, CIPP)- CISSP*, CISM*, CISA*, CCSK*, CCSP*- SOC1 and SOC2 (SSAE16 / ISAE3402) awareness- Business Continuity and Disaster Recovery awareness (ISO 22301) Professional Attributes:1:Good communication2:Teamwork3:Problem Solving Capabilities4:Work Planning and Management 5:Quick Learner6:Eager to take on responsible task7:Dedicated and Focused Educational Qualification:1:MBA-Information Security/ IT2:BE/B-Tech with CS/IT/related domain3:BSc- IT Additional Information:(i.e., travel, overtime %)1:Occasional within country travel 2:Flexibility in working hours Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Evaluate and recommend new security technologies to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of risk assessment methodologies and threat modeling.- Experience in implementing security controls in cloud environments.- Familiarity with security tools and technologies for monitoring and incident response. Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Design and deliver enterprise-scale application solutions Lead architecture, coding, code reviews, testing, and deployment activities Collaborate with cross-functional teams including Product, QA, and DevOps Drive adoption of best practices in performance, security, and observability Mentor junior engineers and support technical leadership initiatives Immediate to 30 days (preferred)

Design and deliver enterprise-scale application solutions Lead architecture, coding, code reviews, testing, and deployment activities Collaborate with cross-functional teams including Product, QA, and DevOps Drive adoption of best practices in performance, security, and observability Mentor junior engineers and support technical leadership initiatives Immediate to 30 days (preferred)

As a member of the Cyber Security organization at Blackbaud, the Application Security Engineer is a specialized position that plays a key role in securing software built and/or used by Blackbaud.You can expect to work closely with software development teams as well as third-party organizations to ensure that security, privacy, and compliance requirements are planned for, designed, and built into software applications at Blackbaud. In addition to securing software, you will be expected to stay up to date on whats happening in the Cyber Security industry to optimize and align our application security processes and systems throughout the Software Development Life Cycle (SDLC) at Blackbaud. The Application Security Engineering team focuses on building automation for security self-service and vulnerability management to reduce unnecessary toil. What you will be doing: Identifying solutions for difficult security problems while participating in a broader agile Application Security team. Building comprehensive solutions to conduct consolidation, aggregation, andnotification of security findings to respective stakeholders. Conducting threat modeling, secure design reviews, and providing direct guidance to development teams. Promoting, designing, and evaluating application security in all phases of theSDLC and constantly looking for innovative ways to improve processes. Influencing, building, and assisting with information security challenges within applications. What we'll want you to have: You are either a security-minded software engineer who has been building modern services using a microservice architecture in an agile development environment or a development-interested security practitioner who understands security best practices but wants to get closer to development and engineering. 5+ plus years of experience with application security and relevant testing tools for: DAST: Burp Suite, OWASP Zap, Invicti, AppScan SAST/SCA: Fortify, Checkmarx, Coverity, Semgrep, OWASP Dependency Check, Mend, Blackduck Attack Surface Management: OWASP Amass, Spiderfoot, CyCognito 3+ years of experience with Python, Bash, and/or PowerShell. 3+ years of experience in DevSecOps integrating security solutions into CI-CD pipelines and automated tooling orchestration. Relevant certifications include CompTIA Security+ or CASP+, EC Council CEH, ISC2 CSSLP are a plus. Experience partnering with development and systems engineers on impactful securityinitiatives. Understanding of software development; how applications and systems are designed, built, and break is critical. UnderstandDevSecOpscultural mindsets, and an engineering-focused approach to solvingcomplexsecurity problems. Strong verbal and written communication skills to translate security objectives and requirements to specific engineering outcomes.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars security We are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts. Roles & Responsibilities: Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments. Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces. Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components. Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols. Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses. Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware. Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware. Perform hardware penetration testing to identify vulnerabilities in electronic systems. Assess the security of medical devices, ensuring compliance with industry regulations and standards. Identify and address security risks associated with healthcare information systems and connected medical instruments. Evaluate and prioritize security risks based on potential impact and likelihood. Provide recommendations and collaborate with cross-functional teams to implement effective security controls. Stay current with emerging security threats, vulnerabilities, and testing methodologies. Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle. Document security testing processes, findings, and remediation recommendations. Generate comprehensive reports for stakeholders, including technical details and actionable insights. Professional & Technical Skills: Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability. Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling. Ability to manage multiple tasks and deadlines. Hands on experience with penetration testing tools and methodologies. Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments. Knowledge of secure coding practices and the ability to review code for security vulnerabilities. Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines. Experience with threat modeling and risk assessment frameworks. Familiarity with secure development practices for embedded systems. Understanding of regulatory requirements for medical device security. Strong understanding of networking protocols, encryption, and authentication mechanisms. Additional Information: -Bachelors or masters degree in engineering or computer science, Information Security, or a related field. -Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). - 5 or more years experience require in cyber security field including penetration testing, thread modeling, hardware security. - This position is based at our Bengaluru office - A 15 years full time education is required. Show more Show less

You will play a crucial role as a certified ethical hacker in ensuring the security of our network and infrastructure. Your primary responsibility will involve conducting tests on our company's network, servers, and infrastructure to detect and address vulnerabilities effectively. To excel in this role, you must possess a deep understanding of network and security tools and demonstrate expertise in computer and network security, including encryption and cryptography concepts. Your responsibilities will encompass a wide range of tasks, including ethical hacking, penetration testing, vulnerability assessment, malware analysis, collaboration with other security professionals, web application security, social engineering, database security, reverse engineering, network security, and threat modeling. As a qualified candidate, you are expected to hold a Bachelor's degree in computer science, information technology security, or a related field. Additionally, you should possess security certifications such as Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Your skill set should include proven experience in penetration testing, vulnerability assessment, and security monitoring, along with proficiency in OSI model, TCP/IP, HTTP, SSL, and wireless networking. Familiarity with common network infrastructure and security tools, understanding of web applications and associated vulnerabilities like HTTP and SQL injection attacks, knowledge of security testing methodologies aligned with EC-Council standards, and the ability to thrive in a dynamic work environment are essential qualifications for this position.,

As a Network Security Specialist at Viraaj HR Solutions, you will play a crucial role in designing and implementing robust network security solutions for cloud environments. Your responsibilities will include utilizing Google Cloud Platform (GCP) and Cloud Armor to enhance security measures, managing Terraform infrastructure as code capabilities, and conducting risk assessments to identify potential threats. You will be tasked with developing and enforcing security policies and procedures to protect sensitive data, monitoring network traffic, and conducting regular audits to ensure compliance. In the event of security incidents, you will respond promptly and work on effective remediation strategies. Collaborating with development teams to integrate security practices into the software development lifecycle will be essential. Additionally, you will provide training and guidance on security best practices to staff, maintain security documentation and incident response plans, and implement and manage firewall and intrusion detection/prevention systems. To excel in this role, you should hold a Bachelor's degree in Computer Science, Information Technology, or a related field, along with at least 3 years of experience in network security roles. Proficiency in Google Cloud Platform (GCP), hands-on experience with Cloud Armor and Terraform, and a solid understanding of security frameworks and compliance regulations are crucial. Your ability to conduct security assessments, incident investigations, and familiarity with network protocols and firewall technologies will be beneficial. Strong problem-solving and analytical skills, excellent written and verbal communication skills, and the capacity to work effectively in a team-oriented environment are essential for success in this position. Holding certifications such as CISSP, CISM, or equivalent would be highly desirable. Additionally, familiarity with scripting languages like Python and Bash, willingness to stay updated with security certifications and education, and strong organizational and multitasking abilities are valued assets. In this role, you will engage in continuous learning to stay updated on the latest security trends and technologies, prepare and present security reports to stakeholders, participate in disaster recovery and business continuity planning, and act as a point of contact for security-related inquiries and issues. Join us at Viraaj HR Solutions and contribute to our mission of providing innovative recruitment solutions in a collaborative and supportive workplace culture.,

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world&aposs seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS We are seeking Certified Information Systems Security Professional (CISSP) candidates to join our team at Pune. Major Tasks Lead and manage product cyber security in high-complexity development projects from acquisition to start of production (SOP) in compliance with ISO/SAE 21434 or UNECE R-155 standards. Ensure the integration of security requirements into the product lifecycle. Planning & Development Develop and implement comprehensive security activities, including threat modeling, security requirements definition, and secure design practices. Evaluate development efforts to ensure adherence to security standards and best practices. Evaluation & Approval Review and approve security concepts, architectures, and strategies throughout the development phases. Conduct security reviews and audits to ensure compliance with security policies and standards. QCT Targets Achieve Quality, Cost, and Time (QCT) targets related to cyber security work products, ensuring efficient and effective security implementations. Tasks / Areas Of Responsibility Planning & Guidance: Independently plan and execute necessary cyber security activities, providing technical guidance and mentorship to colleagues. Develop and maintain security documentation, including security plans, risk assessments, and test reports. Risk Analysis Perform detailed risk analysis of product scope, identifying and mitigating cyber security risks based on known vulnerabilities and threat intelligence. Utilize tools and methodologies such as STRIDE, DREAD, and CVSS for risk assessment. Coordination Define and implement a holistic product cyber security concept, ensuring alignment with overall product strategy. Coordinate with customers, suppliers, and subcontractors to ensure security requirements are met. Report security status to customers and gather necessary information from subcontractors. Support Assist the development team in selecting and integrating security-compliant technologies and cryptographic procedures. Provide technical support for security-related issues and incidents. Verification Methods Define and implement verification methods such as fuzzing, vulnerability scanning, penetration testing, and static/dynamic code analysis. Develop and execute security test plans to validate the effectiveness of security controls. Assessments & Training Prepare and conduct cyber security assessments, including security audits, penetration tests, and compliance checks. Implement training measures to enhance the security awareness and skills of the development team. Communication Facilitate communication within the global HELLA cyber security network to share knowledge, improve processes, and promote best practices. Represent the organization in external security forums and working groups. CISSP certificate is Mandatory Your Qualifications Bachelor&aposs degree BE /B. Tech/ M.E/ M. Tech in Electronics/Electronics & Communication/Industrial Electronics ISO-21434 certification OR working experience Location - Hinjewadi Phase - 1. // Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh Show more Show less

Join our team at JPMorgan Chase, a leading company in the financial industry, as a Lead Cybersecurity Architect within the Cybersecurity & Tech Controls Team. In this role, you will play a crucial part in developing top-notch cybersecurity solutions for modern software applications on cloud-based technologies. Your responsibilities include identifying and communicating risks, mitigation options, and solutions across various technical areas to support project objectives effectively. As a Lead Cybersecurity Architect, you will foster a security-focused culture within product, technology, and business teams to prioritize sustainable controls and reduce risks significantly. By integrating threat modeling, secure architecture, and code review into agile development practices, you will ensure secure product delivery. It is essential to gain a deep understanding of the product, its strategy, roadmap, and key investments, while also staying updated on emerging technologies and business concepts to enhance the product's cyber risk posture. You will act as a security thought leader by sharing best practices with product and cybersecurity teams and serve as the primary expert on IT Risk and Cyber domains within your product. Monitoring Key Risk Indicators, swiftly managing emerging issues, and collaborating with various stakeholders across the supply chain are integral parts of your role. Additionally, you will work closely with Third-Party Oversight teams to address technology risks, particularly focusing on cloud computing and emerging technologies. To excel in this position, you should possess formal training or certification in Cybersecurity concepts along with at least 5 years of practical experience. Advanced knowledge of cybersecurity architecture, technical processes, and expertise in areas like public cloud, AI, machine learning, or mobile is required. As a solutions-driven self-starter, you should be adept at managing multiple projects under pressure and tight deadlines. Strong analytical skills, the ability to evaluate and recommend technologies for future architecture, and a deep understanding of agile methodologies are essential for success in this role. Preferred qualifications include certifications in Cybersecurity, Cloud, Infrastructure, or Product, familiarity with risk management frameworks and financial industry regulatory requirements, as well as expertise in data security, risk assessment, control evaluation, design, and governance. The ideal candidate will also have a solid understanding of the financial services industry and its IT systems, coupled with a proven track record of implementing effective risk mitigation strategies.,

Job Description Summary As a key member of a global and matrixed design team, Sr Product Security Analyst is responsible for -Cyber security analysis of controllers, Control systems. -Lead the software and hardware penetration testing activates -Work in Collaboration with development teams to improve SDLC process, OSS/SAST/DAST scans. -Streamline SBOM generation. -Lead the cyber security testing for GE Vernova Power Conversion products and analyze the reports and suggest remediation strategy. -Identify Product vulnerabilities, rate and report to development team. Job Description Essential Responsibilities: Lead reviews, suggest architectural changes, conduct tests to ensure systems, controllers, meet Cyber security requirements. Collaborates with a team of controls and system engineers developing operational software for various subsystems. The position requires a clear understanding of OT System, and conversant with all Cyber security requirements. This role requires strong cooperation with system and subsystem teams necessary for command and control of the systems involved. The Security Analyst should be comfortable making design decisions in a sometimes-uncertain context, crafting innovative solutions, and demonstrating rigorous and decisive leadership. Work with multiple teams in dierent location to deliver Cyber secure software to meet customer requirements. Roles and Responsibilities You are a skilled Security Analyst who enjoys security work and is an expert in systems security, product / OT security and application security. In this role, you will be working with product managers, independent researchers, and in-house researchers to identify, rate, report and manage product vulnerabilities and incidents. In this role, you will: Be responsible for providing technical leadership and defining, developing security within software in a fast-paced and agile development environment using the latest secure software development technologies and infrastructure. Work with Cyber Security Leaders and SMEs to understand product requirements. Hands on experience with penetration testing for software applications, Systems, Web Application, mobile application, controllers. Work on Cybersecurity tools like Wireshark, NESSUS and Burp Suite Experienced in different phases of Software Development Life cycle (SDLC) including Design, Implementation and Testing during the development of software applications. Assist security champions in completing Threat Modelling and Architecture Risk Analysis on product features. Perform Security Code Reviews, Vulnerability Analysis and research on application code. Coach and mentor developers to implement cryptography solutions securely (PKI, Code Signing, Stored Secrets, et cetera) Provide guidance and advice on writing secure code that meets standards and delivers desired functionality, using the technology selected for the project. Research new application security technologies and implement them to improve application security. Maintaining a backlog of security-related tools that will improve the maintainability and security of our code and the pace of development. Promote best practices based on OWASP Top 10, SANS Top 25, and the GE Vernova SDLC. Education/Qualification Bachelor /master's degree in IT/computer science or relevant engineering or equivalent knowledge / experience with 8-10 Years of Experience Strong understanding of fundamentals in networking, ethical hacking, cryptography, penetration testing, vulnerability analysis, risk assessment, threat modelling, cybersecurity standards like ISO 27000 and ISA/IEC 62443. Database RDBMS, MySQL NoSQL databases Software component: MS Visual Studio, MS Office, MS Visio, GitHub Linux and Windows OS Hands on experience with Enterprise Application and Web Application servers like Tomcat, and WLP. Certifications like CEH, OSCP, PNPT will be an added advantage.

Job Description Summary We are seeking a seasoned Cyber Security Engineer to lead the development and integration of secure architectures for critical Transmission & Distribution (T&D) systems. As a recognized technical authority, you will define cybersecurity strategy across hardware, embedded systems, and software-defined platforms in modern electric gridsspanning protection, control, and energy management technologies for Grid Automation business unit. You will embed Security by Design and Cyber-Informed Engineering (CIE) principles throughout the product lifecycle, operating at the intersection of operational technology (OT) and information technology (IT). Your work will help drive regulatory compliance, product security, and support both R&D teams and utility customers in securing mission-critical infrastructure. Job Description Key Responsibilities: Act as the cybersecurity design authority for T&D products, defining end-to-end architectures across hardware, firmware, and cloud-connected systems, advising on secure protocols, cryptography, authentication, and network hardening. Translate and implement global regulatory standards (IEC 62443, IEC 61850, IEC 62351, NERC CIP) into product requirements, and lead technical strategy planning, architecture reviews, and security certification efforts. Guide engineering teams through threat modeling, secure coding, SDLC best practices, and CIE adoption to mitigate cyber-physical risks affecting safety, reliability, or operations. Define and support embedded and software-based security features using C/C++, Python, and modern toolchains, while collaborating on penetration testing, fuzz testing, code reviews, and security simulations. Lead cross-functional initiatives with PSL, product management, compliance, field operations, and R&D to align cybersecurity objectives and ensure systems meet resilience and compliance expectations. Monitor cybersecurity trends, ICS/OT threat landscapes, and emerging technologies, recommending tools and methods to enhance product security posture. Partner with PSL, incident response and product security teams to support vulnerability remediation, post-incident analysis, and contribute to the creation of security documentation, including architecture specs, procedures, and training materials. Represent the company in industry forums, standards bodies, and technical panels, and contribute to white papers, patents, and technical publications supporting innovation and thought leadership for Grid Automation. Required Qualifications: Bachelors degree in engineering, Computer Science, Cybersecurity, or a related field. Minimum of 8 years of engineering experience, with 5 years focused on cybersecurity for embedded or software-defined systems. Desired Characteristics: Professional certifications such as CISSP, GIAC (GPEN/GXPN), CEH, or ISA/IEC 62443 preferred. Proven ability to secure OT/ICS environments, preferably within the energy or utilities sector. Deep familiarity with industrial protocols (e.g., IEC 61850, DNP3, Modbus, IEEE 2030.5) and relevant cybersecurity standards. Experience in embedded system development (C/C++, RTOS), as well as Linux/Windows platforms. Strong hands-on background in PKI, identity management, network security appliances, and security monitoring. Proficient in threat modeling, risk/vulnerability assessment, and using forensic/security analysis tools.. Excellent communication and stakeholder engagement skills, able to translate technical content for non-technical audiences. Exposure to quality improvement methodologies (e.g., Lean, Six Sigma) is a plus. Recognized as a thought leader through publications, patents, or industry involvement. Willingness to travel for customer engagements, conferences, and global collaboration.