30 Vulnerability Analysis Jobs

Essential Responsibilities Support the Application Operations (Security) team in all security related activities, forums and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Head of Application Operations. Required Skills and Abilities: Security First mindset. Understanding of vulnerability analysis, scanning and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e. CIS. Understanding of security best practices/standards i.e. OWASP, NIST. Preferable experience with at least 2 coding languages i.e. Java, .NET, C++, Python etc. Desired Skills and Abilities: Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting. Excellent communication, interpersonal and relationship building skills (verbal and written).

A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team. The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery. What will your essential responsibilities include Support the Application Operations (Security) team in all security-related activities, forums, and discussions. Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender, and Qualys. Assist in setting up Jenkins pipeline integration to CI/CD lifecycle. Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues. Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements. Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization. Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures. Manage the production of reporting and metrics to both internal and external stakeholders. You will report to the Head of Application Operations. Required Skills and Abilities: Security First mindset. Understanding of vulnerability analysis, scanning, and remediation processes. Understanding of CVEs, CVSS. Understanding of security industry compliancy benchmarks and standards i.e., CIS. Understanding of security best practices/standards i.e., OWASP, NIST. Preferable experience with at least 2 coding languages i.e., Java, .NET, C++, Python etc. Desired Skills and Abilities: Outstanding analytical, critical thinking, and organizational skills, ability to multitask and work to deadlines. Proficiency in Power BI, MS Work, and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support the provision of critical data and use Excel to support our data capture, analysis, and reporting. Excellent communication, interpersonal, and relationship-building skills (verbal and written).

Role Overview: You will be responsible for ensuring IT security governance, risk, and control frameworks are effectively implemented within the organization. Your role will involve identifying, assessing, and remediating security gaps, vulnerabilities, and risks. Additionally, you will manage remediation plans, monitor issues, and ensure timely closure of identified gaps. Your technical skills will be utilized for vulnerability management, risk remediation, security assessments, and security testing activities such as penetration testing, threat modeling, and audits. Key Responsibilities: - Strong understanding and implementation of IT security governance, risk, and control frameworks. - Identify, assess, and remediate security gaps, vulnerabilities, and risks. - Manage remediation plans, monitor issues, and ensure timely closure of identified gaps. - Hands-on experience with vulnerability management, risk remediation, and security assessments. - Familiarity with security testing activities such as penetration testing, threat modeling, and audits. - Assess threats, vulnerabilities, and controls effectively. - Prepare, track, and present operational and governance reports. - Utilize tools such as Power BI, ServiceNow, Cyberport, Microsoft 365 for data analysis and reporting. - Handle large datasets and create dashboards for reporting. - Excellent stakeholder management and communication skills with both technical and business stakeholders. - Collaborate with cross-functional teams including Cybersecurity, IT, Risk, Audit, and Business. - Utilize problem-solving and conflict resolution abilities effectively. - Take ownership, work independently, and handle escalations efficiently. Qualifications Required: - Bachelor's degree in IT, Computer Science, Cybersecurity, or related field. - Proven experience in IT Security Governance, Risk & Compliance management, or Vulnerability Management in a global enterprise environment. - Availability to join within 15-30 days. - Preferably on a 30-day notice period. - Flexibility to work in UK hours. Additional Company Details (if available): The company values industry-recognized cybersecurity certifications such as CISA, CRISC, CISM, CISSP, CGEIT. Experience in the financial services sector or global corporate environment is advantageous. Knowledge of audit, compliance reporting, regulatory standards, process improvement in cybersecurity, risk remediation, escalation management, and governance forums is beneficial. (Note: The "Good To Have" section is omitted as it includes optional qualifications and experiences),

Vulnerability Management - L3 Location : Bangalore Mode : Hybrid On the portal where vulnerabilities are listed, each vulnerability must be analyzed; Within each record of each vulnerability, analyze the required fixes and the vendor involved Contact the vendor to discuss the vulnerability fix (usually the vendor applies the fix in a test environment) If there is any impact or downtime required, it will be necessary to align with Miguel Maral on the intervention window; Contact T-Systems to schedule the intervention; T-Systems will have to ensure a virtual machine snapshot is performed to enable rollback protection; Support the vendor during the application of the fixes in the production environment Security Operations Lead Roles and Responsibilities ( Grade IS3 / IS4) Vulnerability Analysis & Tracking Review and analyze vulnerabilities listed on the security portal & Servicenow Assess each vulnerability record to identify required fixes and determine the responsible vendor. Maintain a centralized tracking system for all open vulnerabilities and remediation status. Vendor Coordination Contact vendors to discuss and plan the application of fixes, typically in a test environment first. Support vendors during the fix deployment in production environments. Ensure rollback protection by coordinating virtual machine snapshots before any intervention. Intervention Planning Coordinate with T-Systems to schedule interventions and confirm snapshot creation for rollback capability. Remediation Execution Facilitate and monitor the application of fixes in production environments. Ensure all remediation activities are completed within agreed timelines and with minimal disruption. Documentation & Reporting to CSO Document all remediation steps, communications, and outcomes. Provide regular updates and reports to management on vulnerability status and resolution progress to CSO. Participate in the weekly and monthly review with CSO. Show more Show less

As an Information Security Analyst at our organization, you will play a critical role in enhancing the overall security posture. Your responsibilities will include evaluating, testing, and documenting security solutions and controls while collaborating closely with other team members to mitigate risks and foster innovation within the business. In this dynamic role, you will need to stay proactive in anticipating and countering cyber threats by staying updated on the latest infiltration techniques employed by attackers. Continuous learning and growth mindset are essential in this position, reflecting your commitment to ensuring the security of our business operations. Your role will involve collaboration with both internal and external stakeholders, technology management, and business units to address security challenges effectively. Key duties include configuring technical systems for monitoring suspicious activities, establishing security standards, supporting change management processes, and participating in various projects that require information security oversight. To excel in this position, you should have a solid background with at least 6-8 years of experience in incident response, system monitoring, and analysis. Familiarity with compliance requirements such as GLBA, PCI, HIPAA, and SOX is preferred, along with the ability to communicate business risks related to information security effectively. Moreover, your expertise in conducting risk assessments, knowledge of various computing platforms, cloud services, threat intelligence, and vulnerability analysis will be invaluable. Experience in working with Managed Security Service Providers (MSSPs) for monitoring and response purposes will be an added advantage. In addition to technical skills, possessing effective communication, problem-solving, and decision-making abilities are crucial for success in this role. You will be expected to demonstrate integrity, adaptability, organization, and efficiency while working under pressure and tight deadlines. Continuous learning about the evolving threat landscape is essential to stay ahead in this field. A Bachelor's degree in computer science, information assurance, or related fields is required for this role. However, relevant experience can be considered in lieu of a degree. Certification in Cybersecurity Analysis, Incident Response, or Risk Management is desired to further strengthen your credentials. At our company, we are committed to fostering a diverse, inclusive, and equitable workplace where every individual is valued and empowered to contribute to their fullest potential. We encourage candidates from all backgrounds, including traditionally underrepresented groups, to apply for our open roles. Our dedication to diversity and inclusion is integral to our success, and we strive to provide fair opportunities for all employees. If you require any accommodations during the application process due to a disability, please contact us at taglobal@prismhr.com. We are dedicated to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans. Join us at PrismHR and be part of a team that values diversity, inclusion, and employee well-being, creating a workplace where everyone feels a sense of belonging and can thrive. Your unique skills and experiences could be the perfect fit for our team, so don't hesitate to apply and explore the exciting opportunities we have to offer.,

Do you have experience in performing penetration testing Do you enjoy testing complex applications and discovering ways around security controls Can you effectively report vulnerabilities and provide guidance to software teams for remediation We are seeking penetration testers to: - Perform manual penetration testing on web, thick-client, and mobile applications - Participate in process improvements and automation - Identify and report vulnerabilities using common methodologies - Communicate with application teams on remediating vulnerabilities - Conduct technical QAs, including false-positive analysis and risk rating reviews - Identify and report vulnerabilities within critical applications, including key public banking platforms You will collaborate closely with application teams to define the scope of work and carry out tests responsibly. You will be a part of the Application Security Testing team, which operates globally and supports the Application Security Framework, playing an essential role in our Technology Services, particularly in the realm of Application Security Testing. Requirements: - Minimum 8+ years of overall experience and at least 2 years of hands-on vulnerability analysis and reporting - Knowledge of application security frameworks such as OWASP and Burp Professional - Understanding of web application vulnerabilities, exploitation mechanics, impacts, and remediations - General knowledge of commonly used web application technologies like GraphQL, REST/SOAP API, and WAF - Certifications such as OSCP, CompTIA, Burp Suite Certified Practitioner are advantageous UBS is the world's largest and the only truly global wealth manager, operating through four business divisions: Global Wealth Management, Personal & Corporate Banking, Asset Management, and the Investment Bank. With a presence in over 50 countries and all major financial centers, our global reach and expertise set us apart from competitors. UBS values diversity and inclusivity, being an Equal Opportunity Employer that values and empowers each individual's unique backgrounds, skills, experiences, and perspectives within the workforce. We encourage flexible ways of working, offer various working arrangements, and promote a purpose-led culture that fosters collaboration and agile ways of working to meet business needs. If you are ready to be part of #teamUBS and make an impact by contributing your skills and experience, join us in our mission to connect, collaborate, and work together towards ongoing success.,

You are being sought after for the role of Network Security Consultant in Bangalore, India. As part of this full-time position, you are required to have a minimum of 8 years of relevant experience in cybersecurity consulting/advisory. Your primary responsibility will be to design, evaluate, and enhance the network security posture of enterprise clients. To excel in this role, you must possess hands-on expertise in various areas such as firewall optimization, Zero Trust, SASE, cloud security, microsegmentation, and network orchestration tools. A crucial aspect of this position is the need for a consulting mindset, coupled with a profound comprehension of both the technical and governance facets of network security. Your key responsibilities will involve conducting network penetration testing, vulnerability analysis, and security assessments. You will also be responsible for designing and implementing Zero Trust Network Access (ZTNA) and microsegmentation solutions. Furthermore, you will be expected to architect and deploy Secure Access Service Edge (SASE) solutions utilizing tools like Zscaler or Cato. Additionally, you will play a pivotal role in proposing, assessing, and implementing network security products such as firewalls, WAF, proxies, DDoS, and NAC. Your duties will also include performing firewall audits and policy optimization using tools like AlgoSec, Tufin, and Skybox. Moreover, you will be required to develop network automation scripts using Python, Ansible, or Chef and conduct cloud network security assessments for AWS, Azure, and GCP. Integrating Breach & Attack Simulation (BAS) and XDR solutions into client environments, creating and maintaining technical documentation, security assessment reports, and architecture playbooks, advising clients on security best practices, and developing remediation roadmaps are also part of your responsibilities. To thrive in this role, you must have a minimum of 5 years of experience in Cyber Security Consulting/Advisory. You should possess hands-on experience with various multi-vendor network security tools such as Palo Alto, Fortinet, Checkpoint, Cisco (Firewall & Load Balancers), AlgoSec, Tufin, Skybox (policy optimization & orchestration), Zscaler, Cato Networks (SASE platforms), and Aruba ClearPass (NAC). It is essential to have a strong understanding of cloud network security across AWS, Azure, and GCP, as well as a solid grasp of Zero Trust architecture and network segmentation strategies. Proficiency in Python, Ansible, or Chef for network automation, along with strong communication, technical documentation, and client management skills, are also imperative for success in this role. Preferred certifications for this position include CISSP, CISA, or vendor-specific certifications (Palo Alto, Fortinet, Checkpoint, AlgoSec, Tufin). If you meet these requirements and are ready to take on this challenging yet rewarding role, we look forward to receiving your application.,

Join Natus Sensory to start a new adventure in the medical device industry today and make a difference in someone's life. As a Product Security Analyst (Remote) at Natus, you will collaborate closely with global cross-functional teams to safeguard the confidentiality, integrity, and availability of Natus medical devices and services from information security threats and vulnerabilities. Your responsibilities will include supporting customer product security and privacy inquiries, conducting security and privacy product assessments, and contributing to the Natus secure development lifecycle by implementing new strategies, policies, procedures, and best practices. As the Subject Matter Expert (SME) on industry threat intelligence and best practices, you will be required to conduct research, stay updated on emerging security trends, threats, and technologies, and work with cross-functional teams to deploy solutions within Natus products. You will also be responsible for conducting Product Security Risk Assessments, creating Product Security Requirements based on risk assessment results and industry best practices, collaborating with Engineering teams on cybersecurity posture assessments, and working with Marketing, Sales, and Service to address customer inquiries, questionnaires, and risk assessments. Qualifications for the Product Security Analyst role include a Bachelor's degree from a four-year college or university, at least five years of related experience in Cybersecurity in a heavily regulated environment, demonstrated expertise in system security, security compliance, and securing developmental lifecycles, and knowledge of information security risk assessment methodologies and standards. You should possess strong communication skills to engage with technical and non-technical stakeholders, the ability to manage multiple work activities efficiently in a fast-paced environment, and proficiency in statistical analysis and reporting. It is preferred that you have developing knowledge of information security best practices, standards, guidelines, and frameworks such as NIST 800-53, NIST RMF, NIST CSF, FDA Pre-market, and Post-market Guidance for Cybersecurity in Medical Devices, HIPAA Security Rule, HSCC Joint Security Plan, AAMI TIR57, and ISO/IEC 27000 family. This is a work-from-home remote position with minimal travel requirements (less than 5%), offering a collaborative and international environment with different cultures. English is the company language at Natus Sensory.,

Would you like to work with the latest technologies in security and be part of a collaborative team dedicated to solving critical issues Join our Security Team at Baker Hughes, where we are at the forefront of the digital transformation, responsible for cybersecurity architecture and data protection globally. As an OT Security Architect, you will play a crucial role in leading efforts to establish security standards and conduct cybersecurity assessments for our manufacturing environments. Your responsibilities will include architectural leadership by designing secure and resilient OT solutions aligned with business objectives, serving as a technical expert in OT security, collaborating with cross-functional teams to implement robust security solutions, conducting risk assessments and vulnerability analyses, creating detailed architectural documentation, integrating security requirements into the OT ecosystem, and staying updated on industry trends and emerging technologies to drive innovation. You will also work on incident response plans for OT systems, ensure compliance with relevant regulatory standards, and coach, mentor, and lead a diverse group of OT architecture and engineering team members. To be successful in this role, you should have a Bachelor's Degree in a relevant field, proven experience as an OT solutions architect focusing on security, strong knowledge of industrial control systems, cybersecurity principles related to OT environments, exceptional leadership and communication skills, and the ability to collaborate effectively across teams. Desired qualifications include a Master's degree or relevant industry certifications, extensive experience in architecting and securing complex OT environments, familiarity with industry-specific standards and regulations, previous experience in the oil and gas or manufacturing sector, and expertise in advanced security technologies. We offer flexible working patterns, including remote work and flexible hours, recognizing that everyone has different preferences for how they work best. At Baker Hughes, we prioritize the development and well-being of our workforce, invest in talent, and create a supportive environment where all employees can bring their authentic selves to work. Join us to be part of an energy technology company that is driving innovation and progress in the industry. Our technologies and services are shaping the future of energy, making it safer, cleaner, and more efficient for people and the planet. If you are looking for a challenging opportunity to make a real difference and contribute to a team that values innovation, join us at Baker Hughes and be part of a dynamic environment that will inspire and support you in taking energy forward.,

Join our team and help shape the future of connectivity indoors and outdoors. Together, let's push the boundaries of technology and advance sustainable networks worldwide. We are seeking a skilled and experienced Platform and Network Security Expert to lead and enhance security measures across the infrastructure of our DAS and RAN products, while also operationalizing and upholding security measures and policies defined by Andrew's security team. This role focuses on securing 4G/5G components and their management systems, ensuring compliance with telecom security standards, as well as the security requirements from operators and customers. It also involves detecting vulnerabilities and working closely with operators, vendors, and internal SW and HW development teams. As a Principal System Security Engineer, you will be responsible for the security aspects of the RAN and DAS products as part of the ICN business unit of Andrew. This role is hybrid based in Nashua, NH or Richardson, TX. You will make an impact by designing and defining security policies and requirements for RAN and DAS systems, architecting secure environments across Linux/Windows systems, Kubernetes, and container platforms, implementing least privilege access, strong authentication, and patch management. You will also be responsible for performing risk assessments, threat modeling, and vulnerability analysis on RAN elements and AWS cloud hosting. Additionally, you will prepare responses to customer security requirements and questionnaires, collaborate with engineering teams to ensure security is embedded in network design and deployment, monitor for and respond to security incidents involving RAN equipment and interfaces, and validate the security of vendor software/hardware while ensuring adherence to 3GPP, NIST, and GSMA standards. Other responsibilities include defining and enforcing security configurations, engaging in penetration and other security testing, working on compliance audits and regulatory requirements, developing tools/scripts for automation, staying up-to-date with emerging threats, and more. Required qualifications for consideration include a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security or related field, 10+ years of experience in the Telecommunications and Cellular industry with at least 5 years of experience in telecom network security, expertise in mobile network security principles, experience with base station software and vendor-specific RAN solutions, knowledge of cloud infrastructure, familiarity with security frameworks, proficiency in security testing tools, knowledge of Linux security, and strong communication and collaboration skills. You will excite us if you have certifications such as CISSP, CEH, GICSP, experience with AI/ML-based threat detection in telecom networks, knowledge of 3GPP standards, especially for 4G/5G RAN architecture, and hands-on experience with telco cloud environments. Why ANDREW Explore exciting career opportunities at ANDREW, part of the Amphenol family. With a legacy of over 85 years in wireless innovation, we empower mobile operators and enterprises with cutting-edge solutions. ANDREW, an Amphenol company, is proud of our reputation as an excellent employer. Our focus is to provide the highest level of support and responsiveness to both our employees and our customers, the world's largest technology companies. ANDREW offers the opportunity for career growth within a global organization. We believe that our company is unique in that every employee, regardless of his or her position, has the ability to positively impact the business. For additional company information, please visit our website at https://www.andrew.com.,

Redaptive is seeking an Application and Cloud Security Specialist to join our India team and serve as a key cybersecurity leader. In this role, you will collaborate closely with the global IT team to enhance and uphold our organizational information security posture. We are looking for an individual who excels in dynamic environments, exercises sound judgement, and demonstrates empathy and resilience. Your role will involve creative problem-solving, teamwork, and the execution of initiatives across the team. As the Application and Cloud Security Specialist, you will be tasked with safeguarding our application environments and cloud infrastructure, focusing on identifying vulnerabilities, implementing security measures, and ensuring compliance with industry standards and regulations. While the position is based in Pune, we value a candidate who is eager to collaborate with a dispersed team across India and worldwide. Responsibilities: Application Security: - Conduct security assessments and vulnerability analyses for various applications, including web and mobile applications. - Implement and oversee application security tools such as static and dynamic analysis, SAST, and DAST. - Collaborate with development teams to integrate security practices into the software development lifecycle. - Review and evaluate security design and architecture for both new and existing applications. - Manage and respond to security incidents related to applications. Cloud Security: - Design, implement, and manage security controls for cloud environments like AWS, Azure, and Google Cloud Platform. - Conduct routine security assessments and audits of cloud infrastructure to ensure compliance with best practices and regulatory requirements. - Develop and enforce cloud security policies and procedures. - Monitor and analyze cloud security logs and events to identify potential threats. - Work with cloud service providers to address security issues and implement enhancements. Risk Management: - Identify, assess, and mitigate security risks associated with applications and cloud infrastructure. - Establish and maintain incident response plans for application and cloud security breaches. - Perform regular risk assessments and vulnerability assessments. Compliance and Documentation: - Ensure adherence to relevant regulations and standards such as GDPR, HIPAA, and PCI-DSS for application and cloud security. - Maintain comprehensive documentation of security policies, procedures, and incident responses. - Prepare and deliver security reports and metrics to management and stakeholders. Requirements: - Strong understanding of application security principles, secure coding practices, and threat modeling. - Experience with cloud security tools and platforms like AWS Security Hub, Azure Security Center, and Google Cloud Security. - Proficiency in security assessment tools and methodologies such as static/dynamic analysis and penetration testing. - Knowledge of scripting and programming languages like Python, Java, and JavaScript is advantageous. - Ability to work independently and complete tasks with minimal supervision. - Excellent communication skills and experience translating technical information into understandable concepts for various business units. - Positive attitude and adaptability in a fast-paced environment. Experience and Education: - Bachelor's degree in Computer Science, Information Security, or a related field. Relevant experience can be considered as a substitute. - Minimum of 3-5 years of experience in application security, cloud security, or a related role. - Preferred certifications include CISSP, GWAPT, CEH, or AWS Certified Security Specialty.,

As a Platform and Network Security Expert at our Bangalore location, you will play a crucial role in enhancing security measures for our DAS and RAN products. You will be responsible for securing 4G/5G components, ensuring compliance with industry standards, and collaborating with internal and external teams to detect vulnerabilities and mitigate security risks. Your primary responsibilities will include designing security policies, defining requirements for RAN and DAS systems, and architecting secure environments across various platforms. You will conduct risk assessments, threat modeling, and vulnerability analysis while also responding to customer security requirements and ensuring compliance with regulatory standards. In this role, you will actively engage in penetration testing, security monitoring, and incident response activities. You will work closely with engineering teams to embed security in network design, validate vendor software/hardware, and automate security monitoring processes. Additionally, you will stay updated on emerging threats and mitigation strategies specific to telecom infrastructure. To be considered for this position, you should possess a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security or a related field. With 10+ years of experience in the telecommunications industry and expertise in mobile network security principles, you should also have a strong understanding of security frameworks, cloud infrastructure, and security testing tools. Excellent communication and collaboration skills are essential for interfacing with various stakeholders and centralized security teams. If you hold certifications such as CISSP, CEH, GICSP, or have experience with AI/ML-based threat detection in telecom networks, it will be an added advantage. Knowledge of 3GPP standards, telco cloud environments, and hands-on experience with RAN architecture and interfaces will further contribute to your success in this role. Join our dynamic team at ANDREW, an Amphenol company, and be part of a global organization that values innovation and employee growth. Take the opportunity to make a positive impact on our business while enjoying a supportive work environment and exciting career prospects. For more information about our company and the opportunities we offer, please visit our website at https://www.andrew.com.,

As a Cybersecurity Cloud Specialist at Renault Group IT Cybersecurity team, you will play a crucial role in evaluating cybersecurity architectures, technical requirements, and solutions on various cloud platforms like GCP, AWS, and Azure. Your responsibilities will include auditing existing cloud environments, identifying security gaps, proposing enhancements, and ensuring compliance with Renault Group's cybersecurity tools and policies. You will be tasked with utilizing Cloud Security Posture Management tools such as Google Security Command Center and Checkpoint Cloud Guard to monitor compliance alerts, communicate with asset owners for issue resolution, provide technical support, generate reports, and develop Python scripts. Additionally, you will review and enhance cloud security rules, conduct risk assessments, assess vulnerabilities, and implement security improvement plans. In this role, your expertise in micro-segmentation within cloud platforms, network security principles, risk assessment, and vulnerability analysis will be crucial. You will stay updated on the latest cloud technologies, security trends, and regulatory requirements, while participating in security audits and assessments to ensure ongoing compliance and effectiveness. Key qualifications for this position include a Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field, along with 8+ years of experience in firewall management and security policy validation. Proficiency in cloud platforms, especially GCP, AWS, and Azure, is essential, along with relevant certifications in cybersecurity and cloud security. Your ability to work independently, collaborate effectively in a team environment, communicate efficiently, and manage multiple tasks under pressure will be essential in this role. On-call availability for critical security incidents may be required, highlighting the importance of your problem-solving and analytical skills in resolving security issues promptly and effectively.,

As a Software Security Compiler Engineer at NVIDIA, you will play a crucial role in enhancing the security of GCC, LLVM, and NVIDIA proprietary compilers. Your responsibilities will include understanding, modifying, and improving these compilers to strengthen code hardening and security measures. By addressing vulnerabilities, crafting countermeasures, and implementing industry-standard solutions, you will contribute to creating a more secure computing environment. You will collaborate with a diverse team to analyze source and assembly code for vulnerabilities and work on cutting-edge deep-learning compiler technology. To excel in this role, you should have a minimum of 8 years of experience in Computer Science/Engineering or a related field. Proficiency in software security and code hardening techniques is essential, along with strong programming skills in C and C++. Your solid compiler knowledge and experience will be valuable in reviewing, coordinating, and implementing security measures. Effective communication, documentation skills, and self-motivation are also key attributes for success in this position. To distinguish yourself as a standout candidate, proficiency in compiler design and verification techniques, hands-on experience with Intermediate Representations such as LLVM IR/MLIR/Tensor IR, and expertise in threat modeling and vulnerability analysis of system software will be advantageous. Familiarity with security tooling like Static Analyzer Checkers, Compiler Instrumentation, Sanitizers, and Fuzzer Mutators, as well as experience in implementing offensive testing techniques against compiler mitigations, will further enhance your profile. NVIDIA offers competitive salaries and a comprehensive benefits package, making it a highly sought-after employer in the technology industry. If you are a creative and autonomous engineer with a genuine passion for technology, join us on this exceptional journey to shape the future of AI computing and security. Make a lasting impact on the world by becoming part of our team at NVIDIA!,

The role of Infrastructure Vulnerability Remediation Specialist at Standard Chartered Bank involves participating in network-related vulnerability calls, major incidents, and critical migrations. You will engage with regional and global network teams, security teams, wider technology support teams, and management, as well as application/business support, OEMs, and external service providers. Your responsibilities will include contributing to excellence in problem/change management of SCB Global Network & Security Infrastructure, as well as collaborating with peer infrastructure teams to address critical vulnerability remediation. You will ensure end-to-end support and trend reporting, manage network change coordination, and participate in relevant service improvement initiatives. Additionally, you will focus on maximizing customer experience, troubleshoot technical issues, and validate UVT. It is essential to work with switching/routing technologies, security platforms, wireless products, and IP services in a banking environment. The role requires good time management skills, excellent customer focus, and the ability to work collaboratively with internal and external stakeholders. You will be responsible for updating the CISO and CISRO team on reported vulnerabilities, tracking progress, and ensuring accurate information related to network vulnerability reports and SLAs. As an Infrastructure Vulnerability Remediation Specialist, you will contribute to the development of short- and long-term strategic network vulnerability remediation goals. You must have a graduate degree in a technical discipline, around 6 to 10 years of hands-on experience in network WAN/LAN, and relevant certifications such as CCNA and CCNP. Key skills and experience include network switching, routing, firewall management, vulnerability analysis, and TACACS/Radius. Standard Chartered Bank is committed to driving commerce and prosperity through diversity and inclusion. If you are looking for a purpose-driven career in a bank that values difference and innovation, we encourage you to apply and be part of our inclusive and values-driven organization. In summary, as an Infrastructure Vulnerability Remediation Specialist at Standard Chartered Bank, you will play a crucial role in managing network vulnerabilities, collaborating with internal and external teams, and contributing to the bank's strategic goals in network security and infrastructure remediation.,

Job Title: Business Information Security Officer (BISO) The Business Information Security Officer (BISO) serves as a trusted security advisor to lines of business. The BISO understands security risks and technologies and is able to effectively communicate them to business units. The BISO works in tandem with the business across multiple services and platforms to address risk, while advising business leaders to ensure they are making decisions with security in mind. The BISO is an advanced role supporting the cybersecurity program. This individual provides leadership, executive support, and strategic and tactical guidance for a world-class cybersecurity program supporting enterprise security initiatives. As a business enabler, the BISO is an effective communicator with the technical aptitude to drive security fundamentals into aspects of the business. The BISO must be capable of working closely with senior management, third parties, project managers and business subject matter experts (SMEs). Additionally, the BISO must be personable and able to translate cybersecurity issues to business leader initiatives. The BISO must have a technical background and be able to understand technologies, their purpose, and their security requirements and data protection needs, wherever they reside. BISOs should also understand threats, as well as risk mitigations and technical controls recommended by security leaders. Job Responsibilities: Serve as a trusted security advisor with business unit leadership. Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle. Act as a trusted point of contact across business units. Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure. Be actively informed and engaged in security projects across the business. Provide disaster recovery and business continuity planning advice when working with leaders for business and cybersecurity resiliency. Enforce the strong security culture set forth by the CISO, ensuring uniformity across business units and employees. Foster strong relationships with internal business units and excel in cybersecurity communication. Advise business units on enterprise-wide people, process and technology security recommendations. Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units. Ensure business projects are focused on cybersecurity from the beginning. Identify and document threats and vulnerabilities that may impact the business and address them regularly with business units. In conjunction with security and business leaders, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible. Provide motivation to business units to adopt cybersecurity controls. Remove complexity and obstacles that hinder efficient security controls enterprise-wide. Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications. Stay abreast of new laws, regulations and standards, and assess their impact to the business. Verify security content training initiatives and internal/external communication are conducted regularly. Openly support the CISO, management team and executive leadership, even during tumultuous times. Perform other duties as assigned. Job Requirements: 15+ years of relevant Cybersecurity experience with minimum 5 years as Cybersecurity Architect or Lead Engineer. Bachelor's degree in Information Cybersecurity, Cybersecurity Assurance, Computer Science or related fields. Relevant certifications preferred including CISSP, CISM, GSEC, etc. Capable of working with diverse teams and promoting an enterprise-wide positive security mindset/culture. Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence. Experience collaborating with IT teams to implement technology solutions that enable business initiatives and reduce risk. Knowledge of a relevant enterprise architecture methodology. Ability to determine key security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; and identifying integration issues. Ability to translate design into bill of materials and preparing cost estimates. Knowledge of a relevant Cloud architecture standards, methodology, and technology. Experience with risk assessments of new product development efforts as well as externally purchased applications and cloud services. Expert knowledge of security issues, techniques and implications. Advanced knowledge of common system, software and web application vulnerabilities (e.g., OWASP Top 10). General understanding of project management best practices. Ability to translate technical designs into bill of materials for procurement, collaborate with procurement team, draft Request for Quote/Purchase/Information (RFQ/RFP/RFI), and manage vendor relationships. Familiarity of SSDLC (Secure Software Development Life Cycle) or SDL (Secure Development Lifecycle). Experience assisting with third-party risk assessments and security control design validation. Experience performing Root Cause Analysis (RCA) for control failures and advising IT Management with risk treatment plans. Able to deliver quality results in a high-energy/high-pressure environment. Ability to multi-task and manage demands of many projects, issues, and tasks. Ability to perform duties with minimal supervision. Excellent interpersonal and teamwork skills. Excellent communications skills, both verbal and written. Experience performing research and communicating findings to technical and non-technical audience. Ability to credibly speak with clients regarding requests for information, integration, risk management, and compliance. Experience technically leading and influencing teams without depending on management authority. Experience mentoring Cybersecurity and IT team members. Diversity: At FactSet, we celebrate diversity of thought, experience, and perspective. We are committed to disrupting bias and a transparent hiring process. All qualified applicants will be considered for employment regardless of race, color, ancestry, ethnicity, religion, sex, national origin, gender expression, sexual orientation, age, citizenship, marital status, disability, gender identity, family status or veteran status. FactSet participates in E-Verify. Return to Work: Returning from a break We are here to support you! If you have taken time out of the workforce and are looking to return, we encourage you to apply and chat with our recruiters about our available support to help you relaunch your career.

Roles & Responsibilities: Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications. Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context. Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies. Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity. Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams. Support vulnerability assessment activities in cloud environments (AWS, Azure, etc. ). Maintain documentation related to the vulnerability management lifecycle. Assist in policy and process development related to vulnerability and patch management. Participate in audits and compliance efforts (e. g. , SOX, ISO, NIST, PCI). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Master s degree and 1 to 3 years of experience in Cybersecurity, vulnerability management or information security operations OR Bachelor s degree and 3 to 5 years of experience in Cybersecurity, vulnerability management or information security operations OR Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management or information security operations Must-Have Skills: Familiarity with vulnerability management tools (e. g. , Tenable, Qualys, Rapid7). Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows. Basic knowledge of threat intelligence and how it applies to vulnerability prioritization. Working knowledge of network, operating system, and application-level security. Ability to analyze scan data and correlate it with business context and threat intelligence. Preferred Qualifications: Good-to-Have Skills: Experience with KEV, EPSS, and other threat-based scoring systems. Familiarity with patch management processes and tools. Exposure to cloud security and related scanning tools (e. g. , Prisma Cloud, AWS Inspector). CompTIA Security+ GIAC GSEC / GCIH Qualys Vulnerability Management Specialist (QVMS) Tenable Certified Nessus Auditor (TCNA) Soft Skills: Analytical Thinking - Ability to interpret complex data sets and assess risk effectively Attention to Detail - Precision in identifying and tracking vulnerabilities and remediation status Communication Skills - Ability to communicate technical findings to both technical and non-technical audiences Collaboration & Teamwork - Able to work across IT, DevOps, and security teams to drive resolution Curiosity & Continuous Learning - Willingness to know the latest with evolving threats and technologies Problem-Solving

Your tasks Operation, maintenance, improvement and troubleshooting of the global vulnerability management platform like scanner appliances or systems for the management of vulnerabilities Analysis of vulnerabilities Continuous improvement of our vulnerability management process as well as development and implementation of improvements Close cooperation with interface teams within the organization, e.g. with the Cyber Defense and Response Center, the network or the client / server teams Handling of service problems in line with our internal SLAs Production or expansion of documentation for our global vulnerability management infrastructure Participation in security initiatives to increase security in the company Possibility of working in a shift model in the future Your qualifications Engineering degree in Computer Science, Information Security from reputed college/ University Minimum of 3-6 years of professional experience in the cybersecurity in a multinational company Experience with vulnerability scanner products and technologies like Qualys, Tenable, Servicenow (Vulnerability Response) Good knowledge of techniques and tools for vulnerability analysis Good knowledge of network and system technologies such as the ISO/OSI model, operating systems, applications and databases Administration of RedHat Enterprise Linux operating systems Proficient working knowledge of Python is must Capabilities to analyze complex processes Good communication skills and collaboration with different internal stakeholders Experience with IT Service Management and ITIL framework are preferred Certifications such as OCSP, ITIL, ISMS professional, CISSP or similar are added advantage Experience with malware defense tools and technologies such as anti-virus software, endpoint security, sandboxing and DLP are beneficial Excellent communication skills with fluency in speaking & writing English; German is added advantage

Organization: At CommBank, we never lose sight of the role we play in other peoples financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things. Job Title: : Staff Security Engineer Location: Bangalore Business & Team: We&aposre building tomorrows bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australias future economy. CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk. The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers. The Security Engineering team protects the group and our customers from theft, loss and risk events, through effective and proactive management of cyber security, privacy and operational risk. Impact & Contribution: Designing and implementing secure solutions that align with group security policies, standards, and reference architecture. Work on threat modelling and can interpret and understand key cyber controls across the Group. Identify security requirements, qualify threats to design the IT systems and build countermeasures to minimise cyber risks. Collaborating with cross-functional teams to drive security outcomes throughout the design, build, and run phases of product development Supporting the adoption of modern scalable and high-velocity security practices, including Secure By Design, DevSecOps, and Automation Contributing to the continuous innovation and re-engineering of existing security engineering practices, including the development of practice strategies, patterns, and processes Staying up-to-date with the evolving technology landscape and providing expert guidance on security engineering best practices Supporting the response to high-profile security incidents, technology strategy and selection, and automation of security services Roles & Responsibilities: Provide deep technical hands-on Experience in security engineering, with a focus on design, strategy and implementation of secure solutions. Have strong understanding of security policies, standards, and reference architecture, and expertise in threat modelling, threat detection, control mapping, vulnerability analysis and control engineering risk identification. Are experienced in designing and building reusable security patterns and or solutions. Essential Skills: 8-12 years of experience in security engineering. Have experience with secure by design, DevSecOps, and Security automation (SAST, DAST, IAST) practices. Are experienced in designing and implementing enterprise Security Guidelines and Practices should have hands on experience in developing code , doing secure code Review , Threat modelling. Should have hands on experience securing Docker , Container and kubernitess. Experience with penetration testing and vulnerability assessment , and tool like OWASP ZAP or Burp Suite Familiarity with compliance frameworks, such as PCI-DSS or HIPAA Experience with AI/ML frameworks, libraries, and tools, such as TensorFlow, PyTorch, or Keras . Familiarity with Australian financial industry regulations and standards, such as the Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) Education Qualification: Bachelors degree or masters degree in engineering in Computer Science/Information Technology If you&aposre already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you&aposll need to apply through Sidekick to submit a valid application. Were keen to support you with the next step in your career. We&aposre aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 30/08/2025 Show more Show less

The Product Security Principal Architect at Stryker plays a crucial role in collaborating with product development teams to implement effective security controls during the digital systems development processes. Responsible for shaping the security of Stryker products before market release, this professional guides teams to prioritize Security by Default, ensuring product resilience in the marketplace. Key responsibilities of this role include generating threat models with risk scoring, identifying and implementing security controls at various stages of product development, providing oversight during verification and validation, and supporting security investigations and responses post-market launch. **What You Will Do:** **Technical Responsibilities:** - Assess security risks and influence design decisions for new and evolving products to ensure they are secure by design. - Lead the development of threat models to address product risk related to security. - Define security requirements for new or evolving products. - Collaborate with product teams to address security issues and vulnerabilities identified through security tooling. - Assist product security incident response teams in effectively responding to and documenting security incidents. - Summarize security concepts used in product requirements, design, and build phases for internal and external communications. - Provide guidance on product security to internal taskforce teams. **Knowledge and Capabilities:** - Stay informed on security standards and guidelines from regulatory bodies such as FDA, NIST, ISO, and IEC. - Apply security control frameworks, threat modeling, and vulnerability severity scoring to secure products effectively. - Experience in designing secure products within the IoT ecosystem that includes embedded devices, clouds, and mobile devices. - Stay updated on vulnerabilities and exploits that may impact Stryker's ecosystem across various computing areas. **What You Will Need:** **Basic Qualifications:** - Bachelor's Degree in product security, computer science, mathematics, statistics, or related field. - Minimum of 8 years of relevant (product) security work experience. **Preferred Qualifications:** - Master's degree in a security-related discipline. - Knowledge of quality management systems in healthcare, medical device, or cyber-physical industries. - Experience implementing secure technologies in embedded devices, clouds, and mobile devices, including transport and communication protocols. - Possession of one or more active, industry-recognized cybersecurity certifications. Stryker, a global leader in medical technologies, is committed to enhancing healthcare outcomes through innovative products and services in MedSurg, Neurotechnology, Orthopaedics, and Spine. With a focus on making healthcare better, Stryker positively impacts over 150 million patients worldwide annually.,

You will be joining BMC, where trust is not just a word but a way of life. As an award-winning, equal opportunity, and culturally diverse organization, we are dedicated to making a positive impact on the community every day. At BMC, we prioritize work-life balance, allowing you to excel in your role while maintaining your personal priorities. Your achievements will be celebrated, and you will be supported by a team that inspires, motivates, and uplifts you. The IZOT product line at BMC focuses on Intelligent Z Optimization & Transformation products, assisting major companies in monitoring and managing their mainframe systems. We are committed to modernizing mainframe systems by enhancing developer experience, mainframe integration, application development speed, code quality, and application security. Through continuous innovation and growth, we strive to provide cutting-edge solutions to our clients. We are currently seeking a skilled Manager - Product Security to lead a team of penetration testers supporting BMC's IZOT product line. In this role, you will oversee offensive security assessments for mainframe-based solutions and modern application ecosystems. Your responsibilities will include managing security testing, red teaming, vulnerability analysis, and secure architecture reviews. You will play a crucial role in setting strategic goals, driving security initiatives, and promoting secure-by-design practices throughout product development. To excel in this position, you should possess the following qualifications and experience: - Bachelor's or master's degree in computer science, Information Security, or a related field. - 8+ years of experience in cybersecurity roles, with at least 3 years in a technical leadership or management capacity. - Proven track record in leading or conducting penetration testing on mainframe and modern platforms. - Hands-on experience in performing red team-style assessments or advanced threat emulation on mainframe and modern systems. - Proficiency in tools such as REXX, ISPF, JCL, Nmap, Burp Suite, Wireshark, and scripting languages like Python, REXX, Bash. - Ability to deliver technical and executive-level security reports and communicate effectively with cross-functional teams. - Familiarity with hybrid environments, modern enterprise integration methods, and board-level reporting. At BMC, we value our employees and foster a culture where each individual is recognized for their unique contributions. If you are passionate about joining our team and feel aligned with our values, we encourage you to apply, even if you have taken a career break. We believe in diversity and inclusion, and we welcome talented individuals from all backgrounds. Please note that the salary provided is just one aspect of BMC's comprehensive compensation package, which may include additional benefits based on your location and performance. We are committed to fair and transparent compensation practices to ensure our employees are valued and rewarded appropriately.,

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences. Location: Ahmedabad Experience: 3-6 yrs Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH; CSA If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.,

As a Platform and Network Security Expert at ANDREW in Bangalore, Karnataka, you will play a crucial role in enhancing security measures for DAS and RAN products. Your responsibilities will include designing and defining security policies, architecting secure environments, and ensuring compliance with telecom security standards and customer requirements. You will collaborate with internal and external stakeholders, engage in security testing, and develop tools to automate security monitoring and vulnerability management. To be successful in this role, you should have a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security, along with 10+ years of experience in the Telecommunications and Cellular industry. Expertise in mobile network security principles, knowledge of O-RAN architecture, cloud security, and security frameworks is essential. Proficiency in security testing tools, Linux security, and scripting is also required. Strong communication and collaboration skills are key for interfacing with centralized security teams and development stakeholders. Certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications are a plus. Experience with AI/ML-based threat detection, 3GPP standards, and telco cloud environments will excite us. Join ANDREW, part of the Amphenol family, and be a part of our legacy of over 85 years in wireless innovation. We offer exciting career opportunities, a supportive work environment, and the chance to make a positive impact within a global organization. Visit our website at https://www.andrew.com to learn more about us.,

As an OSS Compliance and IP Engineer/ Counsel in the Legal/ IP Department, you will be responsible for ensuring compliance with open-source software licenses and conducting intellectual property-related tasks. You should hold a BE/ B Tech/M Tech in Computer Science/ Electronics & Communication / Electrical Engineering with 2-8 years of experience in the relevant Tech Industry, particularly wireless & telecom, software, semiconductors with patent analysis and OSS Compliance. In-house experience is preferred. With 2-9 years of work experience, you should have expertise in patent search databases like Derwent Innovation, Orbit, etc., various analytics methodologies, patent classification, and infringement analysis. You must be skilled in retrieving legal/prosecution information from different Patent offices websites and have a strong understanding of open-source software license validations, compliance, and vulnerability analysis. Experience in Telecom architectures, wireless charging, audio/video technologies, Electric Vehicle hardware/software, vehicular wireless communication systems, connected cars, Battery system, ADAS, Telematics, Vehicle charging system, etc., is desirable. Your key responsibilities will include educating and motivating engineers on intellectual property creation and protection, conducting ideation workshops, collaborating with R&D engineers on patent ideas, evaluating patentability, and performing relevant patent studies. Additionally, you will be responsible for OSS Compliance. To excel in this role, you should proactively develop an understanding of diverse technology areas, possess strong interpersonal skills, have excellent verbal and written communication skills, and be a self-starter with strong work ethics. Being a team player who thrives in collaborative environments is essential. Having a good understanding of Automobile technology would be an added advantage for this position.,

Collaborate with software development teams to integrate security practices throughout the SDLC. Perform security code reviews and analyze vulnerabilities during different SDLC phases. Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. Develop and implement security protocols, guidelines, and standard processes for software development. Conduct threat modeling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. Work closely with key partners, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical partners. Foster a security-aware culture within the development teams and across the organization. Implement and manage security tools such as static and dynamic analysis tools, intrusion detection systems, and vulnerability scanners. Stay updated with the latest security tools, trends, and standard processes to enhance the organization's security posture. Assist in the development and implementation of incident response plans and procedures. Participate in security incident investigations and provide expertise in resolving security breaches. Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security. Skills and Requirements: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. Preferred Certifications: Certified Secure Software Lifecycle Professional (CSSLP).