199 Threat Modeling Jobs - Page 4

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education:Product Security Testing Specialist - IoT, Embedded Devices, Hardware, Medical Instruments and automotive connected cars securityWe are seeking a highly skilled and motivated Product Security Testing Engineer with 6-8 years of proven expertise in IoT, embedded devices, hardware medical instruments and automotive/connected car security. The ideal candidate will have a strong background in security testing methodologies, risk assessment, and a deep understanding of the unique challenges posed by IoT, medical devices and software defined vehicle. This role requires a practical approach to identifying, assessing, and mitigate security flaws in our products as well as expertise in leading and mentoring a group of product security experts.Key responsibilities:Conduct and lead thorough security assessments of IoT devices, embedded systems, hardware components, and medical instruments.Conduct security assessments of connected car systems, including in-vehicle networks, infotainment systems, telematics, and communication interfaces.Identify vulnerabilities and weaknesses in the design, implementation, and configurations of automotive software and hardware components.Assess the security of in-vehicle communication networks, including CAN bus, Ethernet, and wireless protocols.Perform penetration testing, vulnerability assessments, and code reviews to identify security weaknesses.Evaluate the security of IoT ecosystems, including communication protocols, cloud interfaces, and firmware.Assess the security of embedded systems and identify potential vulnerabilities in both software and hardware.Perform hardware penetration testing to identify vulnerabilities in electronic systems.Assess the security of medical devices, ensuring compliance with industry regulations and standards.Identify and address security risks associated with healthcare information systems and connected medical instruments.Evaluate and prioritize security risks based on potential impact and likelihood.Provide recommendations and collaborate with cross-functional teams to implement effective security controls.Stay current with emerging security threats, vulnerabilities, and testing methodologies.Implement best practices for security testing and collaborate with development teams to integrate security into the development lifecycle.Document security testing processes, findings, and remediation recommendations.Generate comprehensive reports for stakeholders, including technical details and actionable insights.Technical experience:Hands on experience with penetration testing tools and methodologies.Proven experience in security testing with a focus on IoT, embedded systems, hardware, and medical instruments.Knowledge of secure coding practices and the ability to review code for security vulnerabilities.Familiarity with industry standards and regulations related to product security, such as ISO 27001, ISO/SAE 21434, UNECE WP.29, IEC 62443, UNR-155 and FDA cybersecurity guidelines.Experience with threat modeling and risk assessment frameworks.Familiarity with secure development practices for embedded systems.Understanding of regulatory requirements for medical device security.Strong understanding of networking protocols, encryption, and authentication mechanisms.Professional attributes:Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Demonstrated proficiency in autonomously managing client relationships with a high level of independence and accountability.Experience of effectively leading teams of various sizes, ranging from small to large, and actively contributing to their skill development and upskilling.Ability to manage multiple tasks and deadlines. Qualifications:Bachelors or masters degree in engineering or computer science, Information Security, or a related field.Certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Certified Information Systems Security Professional (CISSP). Qualification 15 years full time education

Rao Information Technology is looking for Product Testing & Security Analyst to join our dynamic team and embark on a rewarding career journey Defining, planning, implementing, maintaining, and upgrading security measures, policies, and controls Assisting with the creation of updates and training programs to secure the network and train the employees Keeping the security systems up to date Monitoring security access and maintaining the relevant data Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans Ensure our IT solutions are secure and reliable

Your role Were hiring a Cybersecurity Architect to safeguard critical infrastructure! If you have expertise in Application Security,Cloud security , SAST,SCA, Cybersecurity compliance and threat modelling, apply now for Pan India locations . Join us in securing industrial environments Work within the Cyber security domain, focusing on the Automated security testing part of our services and improving overall security posture of products and systems for assigned business domain. You will be part of an agile team, constantly improving and automating the security posture of the cloud infrastructure. You will support the engineering community to build secure infrastructure at scale. You will perform threat modeling and security risk assessments. Understanding of security compliance requirements such as GDPR, NIS2, ISO27000. You will build and operate reliable tooling to increase the visibility of cloud environments and remediate security misconfigurations. You will be a valued member of the team, providing sound perspectives on infrastructure security as well as secure software development. You will be part of the Cyber Security organization, with a lot of room to grow and develop your skills, knowledge, and experience. Your profile Experience in cloud native environments and preferably Google Cloud Platform or Azure& Cyber security complaince Experience utilizing CI/CD practices to Automate security testing tools like SAST (Static Application Security Testing), SCA (Software Composition Analysis), IaC scanning or Container scanning tools in GitHub, Azure DevOps etc. Experience in working with REST APIs and API security. You have experience with threat modeling, security design reviews, and security architecture. Experience with CI/CD pipelines (preferably Github actions), Kubernetes and infrastructure-as-code is a plus.

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations Mentor junior security consultants, providing technical guidance and contributing to their professional development Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes Qualifications: Required Qualifications: o 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing o Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies o Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks o Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks o Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks o Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences o Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders o Experience mentoring junior security professionals and leading technical teams Preferred Qualifications: o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions o Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages o Prior software development experience that informs a deep understanding of modern application architectures and development practices o Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations o Experience with mobile application security testing (iOS and Android) and API security assessment methodologies o Knowledge of cloud security architecture and specialized cloud service penetration testing techniques o Experience with AI/ML system security evaluation and testing methodologies Education: o Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology o Bachelor's degree in computer science, cybersecurity, or related technical field o Advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions

Security Architect -The selected Security Architect would be responsible for a specific project or several projects within an organization, focusing on the security aspects of software applications. They would be responsible for translating client security requirements into application features, ensuring the timely delivery of secure software applications, and protecting against potential threats. They would be responsible for understanding client security needs, designing secure prototypes, developing security protocols, performing security testing, and maintaining technical documentation related to security architecture. Location Bengaluru Educational Qualifications -BE/B Tech/ M.E/M Tech/MS/MCA/MSc Requirements . Work Experience 10+ Years Requirements Skills: Minimum 5 years of experience in IT security Knowledge on HSM architecture including application integration. Sound Knowledge of IT security and processes and best practices (eg.ITIL, ISO 27001). Excellent understanding of cryptographic algorithms with hands-on implementation experience. Good skills in any of the following Language : C,C++,JAVA,GO,RUST Job Profile/Duties a) Security Design and Architecture- Develop and implement enterprise-level security architecture. Design secure network solutions to protect systems and data. Create architectural frameworks that align with compliance and risk management requirements. b) Risk Assessment and Threat Modeling Identify potential threats, vulnerabilities, and risks to the IT infrastructure. Conduct regular risk assessments and develop mitigation plans. Lead threat modeling activities for critical systems and applications. c) Security Policies and Standards Define and enforce security policies, procedures, and best practices. Ensure compliance with regulatory standards (e.g., ISO 27001, NIST, GDPR). d) Collaboration and Advisory Work closely with IT, DevOps, and business teams to integrate security into systems and workflows. Provide technical guidance to security engineers and analysts. e) Security Awareness and Training Promote security awareness and training across the organization. Stay updated with the latest cybersecurity trends, threats, and technologies. f) Monitoring and Reporting Monitor the performance of security systems. Report on security incidents, metrics, and compliance status to senior management.

Who are we looking for? Focused on the customer, Managed Services' mission is to ensure that clients get the most out of Checkmarx Products and Solutions. We are looking to grow our team with a talented Application Security Architect to support Checkmarx services and our customers. We are looking for a resilient and self-motivated individual who wants to be part of an expanding team in a fast-growing industry. Responsibilities : Review customers software architectures with a focus on potential security threats Provide dev teams with explanation and mitigation advice for security vulnerabilities found in the Checkmarx scans; Design and coordinate the implementation and maintenance of tailored solutions that will meet customer requests, needs and requirements; Collaborate with Product Management, R&D and Support teams in handling customer issues or internal Checkmarx initiatives; Occasionally assist in pre-sale activities, like providing product demonstrations; Assistance in the implementation of Application Security Programs and processes; Providing training for developers and management Travel to customer sites for meetings and technical activities; Requirements Degree in Software Engineering or equivalent At least 4+ years of combined experience in development, in any programming language,and Application Security (minimum 2 years in AppSec). Previous experience in one or more Application Security practices, such as pen-testing, security code review, AST products, research Knowledge on how to conduct a Threat Modeling exercise. Knowledge of AppSec industry standards, frameworks and guidelines, such as OWASP Top 10 (Web, Api or Mobile) and Secure SDLC. Client handling skills for Security Engagements; Good written and verbal communication skills in English; Ability to travel (up to 20%); Pro-active and sense of ownership; Get an advantage if you have Security Certifications (CISSP, CSSLP, CEH, OSCP, etc.).

FICO (NYSEFICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential! The Opportunity As a part of FICOs highly modern and innovative analytics and decision platform, the Cyber-Security Engineer will help shape the next generation security for FICOs Platform. You will address cutting edge security challenges in a highly automated, complex, cloud & microservices driven environments inclusive of design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform." VP of Engineering. What Youll Contribute Secure the design of next next-generation FICO Platform, its capabilities, and services. Support full-stack security architecture design from cloud infrastructure to application features for FICO customers. Work closely with product managers, architects, and developers on implementing the security controls within products. Develop and maintain Kyverno policies for enforcing security controls in Kubernetes environments. Collaborate with platform, DevOps, and application teams to define and implement policy-as-code best practices. Contribute to automation efforts for policy deployment, validation, and reporting. Stay current with emerging threats, Kubernetes security features, and cloud-native security tools. Implement required controls and capabilities for the protection of FICO products and environments. Build & validate declarative threat models in a continuous and automated manner. Prepare the product for compliance attestations and ensure adherence to best security practices. Provide expertise as a subject matter expert regarding edge services for public/private cloud information system controls related infrastructure, policy, and decision-making processes. Provide timely resolutions for security configuration or solutions in support of service availability. Work on problems of diverse scope where analysis of situation requires evaluation and troubleshooting including network packet analysis, Linux or Windows DNS, certificates lifecycle, logfile analysis, and related. What Were Seeking Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but a plus). Experience in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit techniques, and methods for their remediation. Hands-on experience with programming languages, such asJava, Python, etc. Experience of deploying services and securing cloud environments, preferably AWS Experience of deploying and securing containers, container orchestration and mesh technologies (such as EKS, K8S, ISTIO). Experience with Crossplane to manage cloud infrastructure declaratively via Kubernetes. Certifications in Kubernetes or cloud security (e.g., CKA, CKAD, CISSP) are desirable Ability to articulate complex architectural challenges with the business leadership and product management teams. Independently drive transformational security projects across teams and organizations. Experience with securing event streaming platforms like Kafka or Pulsar. Experience with ML/AI model security and adversarial techniques within the analytics domains. Hands-on experience with IaC (Such as Terraform, Cloudformation, Helm) and with CI/CD pipelines (such as Github, Jenkins, JFrog). Resourceful problem-solver skilled at navigating ambiguity and change. Customer-focused individual with strong analytical problem-solving skills and solid communication abilities. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Global trends toward digital transformation have created tremendous demand for FICOs solutions, placing us among the worlds top 100 software companies by revenue. We help many of the worlds largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people just like you who thrive on the collaboration and innovation thats nurtured by a diverse and inclusive environment. Well provide the support you need, while ensuring you have the freedom to develop your skills and grow your career. Join FICO and help change the way business thinks! Learn more about how you can fulfil your potential at www.fico.com/Careers FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and were proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they dont meet all stated qualifications. While our qualifications are clearly related to role success, each candidates profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply. Information submitted with your application is subject to theFICO Privacy policy at https://www.fico.com/en/privacy-policy

The Opportunity As a part of FICOs highly modern and innovative analytics and decision platform, the Cyber-Security Engineer will help shape the next generation security for FICOs Platform. You will address cutting edge security challenges in a highly automated, complex, cloud & microservices driven environments inclusive of design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform." VP, Software Engineering . What Youll Contribute Secure the design of next generation FICO Platform, its capabilities and services. Support full-stack security architecture design from cloud infrastructure to application features for FICO customers. Work closely with product managers, architects and developers on the implementation of the security controls within products. Develop and maintain Kyverno policies for enforcing security controls in Kubernetes environments. Collaborate with platform, DevOps, and application teams to define and implement policy-as-code best practices. Contribute to automation efforts for policy deployment, validation, and reporting. Stay current with emerging threats, Kubernetes security features, and cloud-native security tools. Proof the security implementations within infrastructure & application deployment manifests and the CI/CD pipelines. Implement required controls and capabilities for the protection of FICO products and environments. Build & validate declarative threat models in continuous and automated manner. Prepare the product for compliance attestations and ensure adherence to best security practices. What Were Seeking 5+ years of experience in architecture, security reviews and requirement definition for complex product environments. Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc. Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but a plus). Experience in threat modeling, code reviews, security testing, vulnerability detection, attacker exploit techniques, and methods for their remediation. Hands-on experience with programming languages, such asJava, Python, etc. Experience of deploying services and securing cloud environments, preferably AWS Experience of deploying and securing containers, container orchestration and mesh technologies (such as EKS, K8S, ISTIO). Ability to articulate complex architectural challenges with the business leadership and product management teams. Independently drive transformational security projects across teams and organizations. Experience with securing event streaming platforms like Kafka or Pulsar. Experience with ML/AI model security and adversarial techniques within the analytics domains. Hands-on experience with IaC (Such as Terraform, Cloudformation, Helm) and with CI/CD pipelines (such as Github, Jenkins, JFrog). Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Proficient in Python Experienced with OWASP ZAP, Burp Suite, SonarQube Strong knowledge of cryptography, TLS/HTTPS Skilled in threat modeling, secure code review (C/C++/Node/Golang), pen testing Familiar with OWASP Top10, CWE Top25, and mitigations.

As a Cyber Security Architect, you will contribute to telecom network security. You will be responsible for providing expert security guidance, designing secure network solutions, and implementing best practices for our complex and dynamic telecom network infrastructure. You Have: Bachelor's degree in Computer Science, Information Security, or Electrical Engineering, with a minimum of 10-15 years of experience in security risk assessment, vulnerability management, or a related field within the telecom industry. Experience in security principles, methodologies, and best practices specifically relevant to telecom networks. Experience with security frameworks such as ISO 27001, NIST Cybersecurity Framework, or similar, with a focus on their application to telecom networks. Experience on conducting threat modeling, vulnerability analysis, and impact assessments for telecom network infrastructure. Experience with network security technologies such as firewalls, intrusion detection systems, VPNs, and network segmentation. Familiarity with telecom protocols and standards (e.g., SS7, Diameter, SIP) and their security implications. It would be nice if you also had: Certifications - ISO 270001 LA/LI, CISA , ITIL V3/4. Exposure to complex problem-solving and managing multiple projects simultaneously. You will be in part of developing and implementing secure network architectures, including firewall configurations, intrusion detection systems, VPNs, and network segmentation, tailored to the specific needs of telecom clients. You need to identify vulnerabilities and security weaknesses in existing telecom networks and recommend remediation strategies. You need to advise clients on best practices for securing their telecom networks, including threat modeling, vulnerability analysis, and risk mitigation strategies. You need to work with clients to establish comprehensive security policies and procedures that align with industry best practices and regulatory requirements. You will focus on threats and vulnerabilities specific to the telecom industry and recommend appropriate countermeasures for the network. You need to provide technical expertise and guidance related to security incidents affecting the telecom network. You will be designing training programs for the specific needs of personnel involved in managing and operating the telecom network. You will be focusing on the security strategy for the telecom network and its integration with the broader organizational security strategy.

Key Responsibilities : - Design and implement security features for embedded systems. - Conduct security assessments and vulnerability testing on firmware and hardware. - Develop secure coding practices for embedded software development. - Collaborate with cross-functional teams to integrate security into the product lifecycle. - Conduct threat modeling to anticipate potential security risks. - Research and analyze emerging security threats and vulnerabilities. - Implement security best practices and ensure compliance with industry regulations. - Create and maintain documentation related to security processes and protocols. - Participate in incident response activities to mitigate security breaches. - Review and enhance existing embedded security frameworks. Required Qualifications : - Bachelor's degree in Computer Science, Electrical Engineering, or a related field. - Minimum of 3 years experience in embedded systems or related field. - Proficient in programming languages such as C, C++, or Python. - Strong understanding of security protocols and standards. - Experience with operating systems such as RTOS or Linux. - Hands-on experience with hardware debugging tools and techniques. - Knowledge of cryptographic algorithms and implementation. - Experience in threat modeling and risk assessment methodologies. - Familiarity with secure software development life cycle (SDLC). - Ability to work in a team-oriented, collaborative environment. - Strong problem-solving and analytical skills. - Excellent written and verbal communication skills. Location: Others- Bengaluru,Hyderabad,Delhi / NCR,Chennai,Pune,Kolkata,Ahmedabad,Mumbai

C, QNX, Linux, Kernel, Device Drivers, MACSec, BSP, SoC Cybersecurity, Secure Boot, Cryptography, OPTEE, Penetration testing. Required Skills Technical Security concept and Software Security concept. Vulnerability analysis (System and Software). Threat analysis and risk assessment, Threat modelling. Security Testing like Fuzz and Penetration testing. Expertise in MACSec concepts. Good understanding of HSM, Secure boot, Secure updates, cryptographic libraries, True Random number generator, Signing (ECDSA, RSA). Good understanding on OPTEE OS, ARM Trusted Firmware, E-fusing. Aware of Crypto terminologies like encryption (AES, ECC), signing (ECDSA, RSA), Hash (SHA-256). Understanding on RFS protection like dm-verity. Ability to work in a fast-paced environment building hardware and software products. Good knowledge on Yocto framework is added advantage. Preferred Skills Experience in Automotive domain. Experience in Linux build systems: Yocto. Real-time systems programming experience considered an asset. Experience with developing safety ISO26262 certified BSP and product considered an asset. Experience in design tools such as EA and Rhapsody. Contributions to Linux kernel and other open-source projects.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

EMERSON INNOVATION CENTER is looking for Product Security Engineer to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

Primary Responsibilities: Create, implement, and maintain an enterprise cybersecurity strategy and IT risk management program by implementing technology, policy, and process-based solutions. Implement and manage Security Operations Center (SOC), while driving the effective implementation of various security technology solutions in multi-tenant environment and conglomerate setup. Drive or perform periodic threat modeling, identify risks/ threat vectors, and implement effective solutions for threat monitoring, risk mitigation and management. Design and develop required operating procedures, building teams and responsible for services deliveries for global customers, while ensuring service stability and service continuity. Design, create, implement, and maintain information security and other relevant policies, procedures, and documentation to ensure applicable compliances (including international standards, applicable laws/regulations, and industry best practices). Understand and interact with related committees to ensure the consistent application of security policies and standards across all security technology projects, solutions, and services. Effectively managing security events/incidents, service-changes, service-requests and providing solutions for identified service problems while collaborating with other service and operational teams. Service and customer-oriented communication with our customers end-users. Ensure compliance to SLA, process adherence and process improvements to achieve operational objectives. Ensure on-time daily, weekly, monthly and quarterly meetings reviews with teams including vendors and management stakeholders, as may be necessary for managing security operations. Creation of reports and dashboards for security operations and presentation to senior management and customers. Act as a mentor for team to provide technical assistance and periodically plan for teams trainings as a part of teams technical skill enhancement program. Management, administration & maintenance of security devices and applications under the purview of SOC and related security services. Support activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties. Ensure effective project management for the security projects, as per organizational management systems and best practices. Research on newer technologies to identify relevant tools, techniques, methods for service improvements, and present to stakeholders and management for approval and drive implementations. Ensure active contribution and financial management of security budgets, manpower, costing, billings, etc. Co-ordination with internal and external stakeholders like team members, internal functions or service teams, external vendors including OEMs, management, and customers, etc. to build and maintain positive working relationships with them. Project coordination experience using Wrike or similar tools (Asana, Monday.com, etc.). Strong analytical mindset with attention to detail and ability to interpret complex datasets. Excellent communication and collaboration skills.

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Spring Boot Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where your primary focus will be on reviewing and integrating all application requirements, particularly those related to security. Your typical day will involve collaborating with various teams to ensure that security considerations are embedded in the application architecture, providing insights that influence key decisions, and ensuring that the technical architecture aligns with security best practices. You will play a crucial role in shaping the security posture of applications, ensuring that they meet both functional and security requirements effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Spring Boot.- Good To Have Skills: Experience with application security frameworks and tools.- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with regulatory requirements related to application security. Additional Information:- The candidate should have minimum 7.5 years of experience in Spring Boot.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Solution Architecture Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where you will review and integrate all application requirements, focusing on security aspects. Your typical day will involve collaborating with various teams to ensure that security requirements are seamlessly integrated into the application architecture, providing critical input into final decisions regarding application security, and ensuring that the technical architecture aligns with security protocols and standards. You will play a vital role in safeguarding applications by ensuring that security is a fundamental component of the development process. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on application security best practices.- Conduct regular assessments of application security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Solution Architecture.- Strong understanding of application security frameworks and methodologies.- Experience with threat modeling and risk assessment techniques.- Familiarity with secure coding practices and application security testing tools.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 7.5 years of experience in Solution Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As Security Architect ability to provide Enterprise Security Strategy, Enterprise security design, performing threat modeling for building a Secure Application and Infrastructure for enterprise (Cloud, On-prem, hybrid model). Thorough understanding of IT and its security architecture principles, methodologies and designs patterns. Good working knowledge of current IT risks and experience in implementing security solutions. Experience in designing and reviewing security controls for IT infrastructure (Cloud and on-prem applications). Ability to assess and evaluate different security products as per the security design requirements. Work as Trusted Security Advisor for various clients. Roles & Responsibilities:Minimum of 8 years of professional experience, preferably with a minimum of 3 years of hands-on involvement in security architecture and threat modeling.Demonstrate a profound comprehension of security architecture, capable of creating, assessing, and revising secure solutions that promote scalability, adaptability, and reusability.Act as the subject matter expert (SME) responsible for guiding and making security architecture decisions across all aspects of Accenture client presales, proposal design, and integration within client ecosystems.Develop and uphold reusable security architecture and design patterns for utilization.Create, devise, and troubleshoot intricate security implementations, overseeing the development of High-Level Design (HLD) and Low-Level Design (LLD) documents.Conduct design and implementation assessments and engage in threat modeling as necessary, adhering to established standards and best practices (e.g., STRIDE, PCI DSS, CSA CCM).Possess experience in cloud architectures and security controls, encompassing network security, Identity and Access Management (IAM), data protection, application security, and logging, among others.Proven track record in security frameworks and processes, including CIS, NIST, PCI/DSS, CCM SOCI/II, ISO/IEC 27001, NIST 800-53, OWASP, ISM, etc.Support Sales Leads by serving as a consultant during pre-sales activities, which involve assessing client requirements, defining project scopes, and preparing proposals and project plans.Demonstrate a robust understanding of potential attack vectors and the ability to design and articulate agile security controls to safeguard against them.Thorough comprehension of security principles and tools, including certificates, Data Loss Prevention (DLP), Web Application Firewalls (WAF), Security Information and Event Management (SIEM), firewalls, Distributed Denial of Service (DDoS) prevention, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), privileged access management, encryption, SSL, VPN, IPSec, TCP/IP, DNS, and web security architecture, among others. Professional & Technical Skills: Strong Network & Cyber Security Architecture Experience in architecting and developing security solutions on one or more cloud platform (AWS, GCP or Azure) and applying the cloud native security services.Cloud Security certifications (CCSP, AWS, Azure, Google Cloud etc.)Good to have Industry / academic accreditations / certifications in Security, Architecture, Network Security, Cloud or Technology disciplines preferred (e.g., CISSP, TOGAF, SABSA, CISM, CCIE etc.) Bonus if you have experience in DevSecOps, DevOps Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Architecture Design Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud and Enterprise security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud and enterprise security controls and transitioning to security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure and perform threat modeling using threat modeling tools like Microsoft threat modeler/ IRIUS Risk /OWASP Threat dragon Roles & Responsibilities:- Expected to be an SME in Security Architecture Design and threat modeling.-Lead and conduct threat modeling exercises (STRIDE, PASTA, Kill Chain, MITRE ATT&CK) on new and existing systems, applications, and architectures -Build and maintain detailed Data Flow Diagrams (DFDs) , prioritize threats/Risk , developing countermeasures- Collaborate and manage the team to perform effectively.- Responsible for team decisions and ensuring adherence to security best practices.- Engage with multiple teams and contribute to key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Ensure the implementation of robust security controls.- Conduct risk assessments and vulnerability testing.- Develop and maintain security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Architecture Design, Threat modelling.- Strong understanding of threats, vulnerabilities, Risk prioritization ,security design principles and best practices.- Experience in designing and implementing security controls for cloud environments.- In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST).- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud platforms such as AWS or Azure. Additional Information:- The candidate should have minimum 12 years of experience in Security Architecture Design.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Architecture Design Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As Security Architect ability to provide Enterprise Security Strategy, Enterprise security design, performing threat modeling for building a Secure Application and Infrastructure for enterprise (Cloud, On-prem, hybrid model). Thorough understanding of IT and its security architecture principles, methodologies and designs patterns. Good working knowledge of current IT risks and experience in implementing security solutions. Experience in designing and reviewing security controls for IT infrastructure (Cloud and on-prem applications). Ability to assess and evaluate different security products as per the security design requirements. Work as Trusted Security Advisor for various clients. Roles & Responsibilities:-Minimum of 8 years of professional experience, preferably with a minimum of 3 years of hands-on involvement in security architecture and threat modeling.Demonstrate a profound comprehension of security architecture, capable of creating, assessing, and revising secure solutions that promote scalability, adaptability, and reusability.Act as the subject matter expert (SME) responsible for guiding and making security architecture decisions across all aspects of Accenture client presales, proposal design, and integration within client ecosystems.Develop and uphold reusable security architecture and design patterns for utilization.Create, devise, and troubleshoot intricate security implementations, overseeing the development of High-Level Design (HLD) and Low-Level Design (LLD) documents.Conduct design and implementation assessments and engage in threat modeling as necessary, adhering to established standards and best practices (e.g., STRIDE, PCI DSS, CSA CCM).Possess experience in cloud architectures and security controls, encompassing network security, Identity and Access Management (IAM), data protection, application security, and logging, among others.Proven track record in security frameworks and processes, including CIS, NIST, PCI/DSS, CCM SOCI/II, ISO/IEC 27001, NIST 800-53, OWASP, ISM, etc.Support Sales Leads by serving as a consultant during pre-sales activities, which involve assessing client requirements, defining project scopes, and preparing proposals and project plans.Demonstrate a robust understanding of potential attack vectors and the ability to design and articulate agile security controls to safeguard against them.Thorough comprehension of security principles and tools, including certificates, Data Loss Prevention (DLP), Web Application Firewalls (WAF), Security Information and Event Management (SIEM), firewalls, Distributed Denial of Service (DDoS) prevention, Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS), privileged access management, encryption, SSL, VPN, IPSec, TCP/IP, DNS, and web security architecture, among others. Professional & Technical Skills: - Strong Network & Cyber Security Architecture Experience in architecting and developing security solutions on one or more cloud platform (AWS, GCP or Azure) and applying the cloud native security services.Cloud Security certifications (CCSP, AWS, Azure, Google Cloud etc.)Good to have Industry / academic accreditations / certifications in Security, Architecture, Network Security, Cloud or Technology disciplines preferred (e.g., CISSP, TOGAF, SABSA, CISM, CCIE etc.) Bonus if you have experience in DevSecOps, DevOps, Additional Information:- The candidate should have minimum 7.5 years of experience in Security Architecture Design.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Are you passionate about protecting cutting-edge technologies and ensuring secure product developmentDo you thrive at the intersection of cybersecurity and software developmentWe are seeking a Cybersecurity Expert to lead the security efforts in product design, development, and implementation. In this role, you will be pivotal in shaping and safeguarding innovative solutions, ensuring security is embedded throughout the entire product lifecycle. As a key member of our security team, you will collaborate closely with product managers, development teams, and external partners to define, implement, and test robust security measures. Your role will go beyond traditional cybersecurity practices, extending into the world of software engineering and agile development. Together, we will create a future where security is not just a feature, but the foundation of every product. Key Responsibilities Lead Product Security Initiatives Act as the cybersecurity champion across the entire Secure Development Lifecycle (SDLC), ensuring that security is integrated from concept to deployment. Define Secure Development Principles Develop and enforce secure coding guidelines, architectural best practices, and secure design patterns to protect products from emerging threats. Collaborate with Development Teams Work closely with software engineers and product architects to implement security measures within code, software design, and infrastructure. Perform Vulnerability Assessments & Code Reviews Conduct regular code analysis, vulnerability assessments, and penetration testing to identify and mitigate security risks. Implement Advanced Security Testing Support security testing efforts by verifying requirements and conducting penetration tests, ensuring that implemented security controls are effective. Act as a Security Advisor Consult with internal teams on security best practices, including secure integration of third-party components, and ensure compliance with industry standards. Drive Continuous Improvement Stay ahead of the latest cybersecurity trends and threats, constantly refining security practices, and driving DevSecOps principles across the organization. Required Skills & Experience Cybersecurity Expertise Advanced understanding of cybersecurity principles, secure development lifecycle, and industry best practices. Software Development Knowledge Proficiency in programming/scripting (C#, PowerShell) and experience in guiding secure software implementations. Azure DevOps Expertise Hands-on experience with Azure DevOps, managing security work items, and integrating security practices into DevOps pipelines. Agile Project Management Experience working in agile teams, contributing to project success through secure coding, process documentation, and vulnerability management. Technical Communication Skills: Ability to translate complex security concepts into actionable insights for both technical and non-technical stakeholders. Experience with Security Testing Strong background in penetration testing, threat modeling, and risk assessments. Nice-to-Have Skills: Cloud Security Experience Familiarity with cloud platforms, such as Azure, and securing cloud-based applications. DevSecOps Knowledge Experience implementing DevSecOps practices, embedding security throughout CI/CD pipelines. Linux & Container Security Understanding of securing Linux systems and containerized environments (Docker, Kubernetes). Why Join Us Impactful Work Play a crucial role in securing cutting-edge technologies, contributing to innovative solutions that impact millions. Growth Opportunities Expand your expertise in cybersecurity and product security within a fast-paced, dynamic environment. Collaborative Culture Work alongside diverse, forward-thinking teams where your contributions are valued, and your ideas shape the future. Continuous Learning Stay ahead of the curve with access to training, certifications, and opportunities to grow your technical and leadership skills. If you are a cybersecurity expert with a passion for product security and software development, ready to make a difference in shaping the future of secure technologies, we want to hear from you! Apply today and join us on our mission to build a safer, more secure digital world. Siemens Healthineers is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Job Title : Cybersecurity Expert- Product, Platform & Solution Security Role Summary The Cybersecurity Expert plays a critical role in protecting the integrity, availability, and confidentiality of medical software and systems by embedding security principles throughout the development lifecycle. As part of the Cybersecurity Center of Competence, the expert collaborates cross-functionally with R&D, product teams, architects, regulatory stakeholders, and external security communities to lead threat analysis, ensure secure design, validate vulnerabilities, and shape the security posture of products and platforms. This role is both technical and consultative, requiring deep knowledge of secure engineering practices, standards, and incident response. Key Responsibilities 1. Security Consulting & Risk Mitigation Provide security consultation to product teams to eliminate or mitigate weaknesses in line with industry standards (e.g., IEC 62443, NIST, ISO 27001). Participate in design and architecture discussions to ensure alignment with secure design principles. Guide software architects in integrating cyber security requirements into product and solution design. 2. Vulnerability & Threat Management Perform threat modeling, risk analysis, and attack surface assessments. Analyze vulnerabilities (internal or third-party), validate remediation measures, and guide patching strategies. Perform security incident investigations and provide forensics support when required. Stay updated on new vulnerabilities, threat vectors, and exploits"”apply findings to continuously improve product security. 3. Security Engineering & Tooling Design or extend tools, scripts, or automation frameworks for vulnerability scanning and penetration testing. Perform or oversee activities such as: Fuzz testing Reverse engineering Code analysis (static/dynamic) Secure software supply chain checks Contribute to the integration of automated security tooling into CI/CD pipelines. 4. Secure Development Lifecycle Support Lead or support security activities throughout the Secure Software Development Lifecycle (SDLC). Participate in or lead security gate reviews, release readiness assessments, and milestone reviews. Create and maintain secure coding and design guidelines for developers. Conduct or support internal security audits and regulatory submissions. 5. Community Development & Training Conduct security awareness sessions and technical training for R&D teams. Develop reusable security patterns, checklists, and guidance material. Collaborate with Cybersecurity Officers, Product Owners, and Architects to ensure cohesive security implementation across programs. Contribute to internal and external knowledge sharing, security forums, and standardization groups. Required Qualifications & Skills Education and Experience : Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field. 5"“8 years of experience in IT/software development, with 3+ years focused on cybersecurity. Technical Expertise Strong foundation in: Secure architecture and design Threat modeling / Security risk analysis Static and dynamic code analysis Fuzz testing / Penetration testing Security tooling and automation (e.g., SonarQube, Burp Suite, Fortify, Checkmarx) Operating systems and networking fundamentals DevSecOps pipeline and CI/CD integration basics Working knowledge of: HIPAA, HITECH, FDA Pre/Postmarket Cybersecurity Guidance (for medical devices) Regulatory standardsIEC 62443, ISO 27001, NIST SP 800-53/82/218, CLSI AUTO11-Ax, IEC 80001 Certifications (Preferred) CISSP- Certified Information Systems Security Professional CSSLP- Certified Secure Software Lifecycle Professional OSCP, CEH, or similar ethical hacking certifications Collaboration & Stakeholders Internal Cybersecurity Officers (CYSO), R&D Development & Test teams, Quality/Risk Managers, Project Managers, Product Owners, Architects External Standardization bodies, security tool vendors, customer security teams, and external cybersecurity communities Work Style and Engagemen t Must be able to support multiple concurrent projects. Requires proactive leadership and strong communication with cross-functional teams. Expected to contribute regularly to internal security initiatives, CoPs (Communities of Practice), and lessons learned.

Educational Master Of Technology,Master Of Engineering,Bachelor Of Technology,Bachelor of Engineering Service Line Engineering Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to lead the engagement effort of providing high-quality and value-adding consulting solutions to customers at different stages- from problem definition to diagnosis to solution design, development and deployment. You will review the proposals prepared by consultants, provide guidance, and analyze the solutions defined for the client business problems to identify any potential risks and issues. You will identify change Management requirements and propose a structured approach to client for managing the change using multiple communication mechanisms. You will also coach and create a vision for the team, provide subject matter training for your focus areas, motivate and inspire team members through effective and timely feedback and recognition for high performance. You would be a key contributor in unit-level and organizational initiatives with an objective of providing high-quality, value-adding consulting solutions to customers adhering to the guidelines and processes of the organization. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Experience in at least one of the following fieldsembedded security, secure design and hardware security Detailed knowledge of PKI and cryptography Knowledge of automotive vehicle systems, architecture, and automotive communication protocols (CAN, Ethernet etc.) would be considered an asset Work with different teams across the business to ensure development and implementation complies with legislation R155 vehicle cyber security, according to ISO21434 process. Participate in implementing process to comply with R155 for Polestar. Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling. Preferred Skills: Domain-Automotive-Engine / Power Train Domain-Automotive-Infotainment System Domain-Automotive-Connected Car Domain-Automotive-Electric Vehicles (EVs)-EV