13 Vulnerability Analysis Jobs

Your tasks Operation, maintenance, improvement and troubleshooting of the global vulnerability management platform like scanner appliances or systems for the management of vulnerabilities Analysis of vulnerabilities Continuous improvement of our vulnerability management process as well as development and implementation of improvements Close cooperation with interface teams within the organization, e.g. with the Cyber Defense and Response Center, the network or the client / server teams Handling of service problems in line with our internal SLAs Production or expansion of documentation for our global vulnerability management infrastructure Participation in security initiatives to increase security in the company Possibility of working in a shift model in the future Your qualifications Engineering degree in Computer Science, Information Security from reputed college/ University Minimum of 3-6 years of professional experience in the cybersecurity in a multinational company Experience with vulnerability scanner products and technologies like Qualys, Tenable, Servicenow (Vulnerability Response) Good knowledge of techniques and tools for vulnerability analysis Good knowledge of network and system technologies such as the ISO/OSI model, operating systems, applications and databases Administration of RedHat Enterprise Linux operating systems Proficient working knowledge of Python is must Capabilities to analyze complex processes Good communication skills and collaboration with different internal stakeholders Experience with IT Service Management and ITIL framework are preferred Certifications such as OCSP, ITIL, ISMS professional, CISSP or similar are added advantage Experience with malware defense tools and technologies such as anti-virus software, endpoint security, sandboxing and DLP are beneficial Excellent communication skills with fluency in speaking & writing English; German is added advantage

Organization: At CommBank, we never lose sight of the role we play in other peoples financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact that we can make with our work. Together we can achieve great things. Job Title: : Staff Security Engineer Location: Bangalore Business & Team: We&aposre building tomorrows bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australias future economy. CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk. The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers. The Security Engineering team protects the group and our customers from theft, loss and risk events, through effective and proactive management of cyber security, privacy and operational risk. Impact & Contribution: Designing and implementing secure solutions that align with group security policies, standards, and reference architecture. Work on threat modelling and can interpret and understand key cyber controls across the Group. Identify security requirements, qualify threats to design the IT systems and build countermeasures to minimise cyber risks. Collaborating with cross-functional teams to drive security outcomes throughout the design, build, and run phases of product development Supporting the adoption of modern scalable and high-velocity security practices, including Secure By Design, DevSecOps, and Automation Contributing to the continuous innovation and re-engineering of existing security engineering practices, including the development of practice strategies, patterns, and processes Staying up-to-date with the evolving technology landscape and providing expert guidance on security engineering best practices Supporting the response to high-profile security incidents, technology strategy and selection, and automation of security services Roles & Responsibilities: Provide deep technical hands-on Experience in security engineering, with a focus on design, strategy and implementation of secure solutions. Have strong understanding of security policies, standards, and reference architecture, and expertise in threat modelling, threat detection, control mapping, vulnerability analysis and control engineering risk identification. Are experienced in designing and building reusable security patterns and or solutions. Essential Skills: 8-12 years of experience in security engineering. Have experience with secure by design, DevSecOps, and Security automation (SAST, DAST, IAST) practices. Are experienced in designing and implementing enterprise Security Guidelines and Practices should have hands on experience in developing code , doing secure code Review , Threat modelling. Should have hands on experience securing Docker , Container and kubernitess. Experience with penetration testing and vulnerability assessment , and tool like OWASP ZAP or Burp Suite Familiarity with compliance frameworks, such as PCI-DSS or HIPAA Experience with AI/ML frameworks, libraries, and tools, such as TensorFlow, PyTorch, or Keras . Familiarity with Australian financial industry regulations and standards, such as the Australian Prudential Regulation Authority (APRA) and the Australian Securities and Investments Commission (ASIC) Education Qualification: Bachelors degree or masters degree in engineering in Computer Science/Information Technology If you&aposre already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you&aposll need to apply through Sidekick to submit a valid application. Were keen to support you with the next step in your career. We&aposre aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696. Advertising End Date: 30/08/2025 Show more Show less

The Product Security Principal Architect at Stryker plays a crucial role in collaborating with product development teams to implement effective security controls during the digital systems development processes. Responsible for shaping the security of Stryker products before market release, this professional guides teams to prioritize Security by Default, ensuring product resilience in the marketplace. Key responsibilities of this role include generating threat models with risk scoring, identifying and implementing security controls at various stages of product development, providing oversight during verification and validation, and supporting security investigations and responses post-market launch. **What You Will Do:** **Technical Responsibilities:** - Assess security risks and influence design decisions for new and evolving products to ensure they are secure by design. - Lead the development of threat models to address product risk related to security. - Define security requirements for new or evolving products. - Collaborate with product teams to address security issues and vulnerabilities identified through security tooling. - Assist product security incident response teams in effectively responding to and documenting security incidents. - Summarize security concepts used in product requirements, design, and build phases for internal and external communications. - Provide guidance on product security to internal taskforce teams. **Knowledge and Capabilities:** - Stay informed on security standards and guidelines from regulatory bodies such as FDA, NIST, ISO, and IEC. - Apply security control frameworks, threat modeling, and vulnerability severity scoring to secure products effectively. - Experience in designing secure products within the IoT ecosystem that includes embedded devices, clouds, and mobile devices. - Stay updated on vulnerabilities and exploits that may impact Stryker's ecosystem across various computing areas. **What You Will Need:** **Basic Qualifications:** - Bachelor's Degree in product security, computer science, mathematics, statistics, or related field. - Minimum of 8 years of relevant (product) security work experience. **Preferred Qualifications:** - Master's degree in a security-related discipline. - Knowledge of quality management systems in healthcare, medical device, or cyber-physical industries. - Experience implementing secure technologies in embedded devices, clouds, and mobile devices, including transport and communication protocols. - Possession of one or more active, industry-recognized cybersecurity certifications. Stryker, a global leader in medical technologies, is committed to enhancing healthcare outcomes through innovative products and services in MedSurg, Neurotechnology, Orthopaedics, and Spine. With a focus on making healthcare better, Stryker positively impacts over 150 million patients worldwide annually.,

You will be joining BMC, where trust is not just a word but a way of life. As an award-winning, equal opportunity, and culturally diverse organization, we are dedicated to making a positive impact on the community every day. At BMC, we prioritize work-life balance, allowing you to excel in your role while maintaining your personal priorities. Your achievements will be celebrated, and you will be supported by a team that inspires, motivates, and uplifts you. The IZOT product line at BMC focuses on Intelligent Z Optimization & Transformation products, assisting major companies in monitoring and managing their mainframe systems. We are committed to modernizing mainframe systems by enhancing developer experience, mainframe integration, application development speed, code quality, and application security. Through continuous innovation and growth, we strive to provide cutting-edge solutions to our clients. We are currently seeking a skilled Manager - Product Security to lead a team of penetration testers supporting BMC's IZOT product line. In this role, you will oversee offensive security assessments for mainframe-based solutions and modern application ecosystems. Your responsibilities will include managing security testing, red teaming, vulnerability analysis, and secure architecture reviews. You will play a crucial role in setting strategic goals, driving security initiatives, and promoting secure-by-design practices throughout product development. To excel in this position, you should possess the following qualifications and experience: - Bachelor's or master's degree in computer science, Information Security, or a related field. - 8+ years of experience in cybersecurity roles, with at least 3 years in a technical leadership or management capacity. - Proven track record in leading or conducting penetration testing on mainframe and modern platforms. - Hands-on experience in performing red team-style assessments or advanced threat emulation on mainframe and modern systems. - Proficiency in tools such as REXX, ISPF, JCL, Nmap, Burp Suite, Wireshark, and scripting languages like Python, REXX, Bash. - Ability to deliver technical and executive-level security reports and communicate effectively with cross-functional teams. - Familiarity with hybrid environments, modern enterprise integration methods, and board-level reporting. At BMC, we value our employees and foster a culture where each individual is recognized for their unique contributions. If you are passionate about joining our team and feel aligned with our values, we encourage you to apply, even if you have taken a career break. We believe in diversity and inclusion, and we welcome talented individuals from all backgrounds. Please note that the salary provided is just one aspect of BMC's comprehensive compensation package, which may include additional benefits based on your location and performance. We are committed to fair and transparent compensation practices to ensure our employees are valued and rewarded appropriately.,

The Security Operations Centre (SOC) department is seeking a candidate with strong oral and written communication skills. Experience in managing global customers, particularly in the US and Canada, is an advantage. The ideal candidate should be proficient in Incident Management and Response, with in-depth knowledge of security concepts such as cyber-attacks, threat vectors, risk management, and incident management. Strong familiarity with EDR and XDR is preferred. A strong understanding of various security solutions including EDR, XDR, NDR, EPP, Web Security, Firewalls, Email Security, O365, SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, Service Now Ticketing Toolset Web Security, AV, UBEA, and Advanced SOC is required. The role involves working in a 24x7 Security Operation Centre (SOC) environment and includes creating, performing, reviewing, and delivering Incident Response playbooks and procedures. The responsibilities also include providing analysis and trending of security log data, threat and vulnerability analysis, security advisory services, and experience with Security Information Event Management (SIEM) tools. Hands-on experience in creating advanced correlation rules and conducting Vulnerability Assessments is a must. The candidate should have experience in threat hunting and forensic investigations. Other tasks and responsibilities may be assigned, including creating and fine-tuning rules, playbooks, etc. Strong knowledge of various operating systems such as Windows, Linux, and Unix, as well as TCP/IP Protocols, network analysis, and common Internet protocols and applications, is essential. Effective communication skills are required for contributing to the development and delivery of various written and visual documents for diverse audiences. Location: Ahmedabad Experience: 3-6 yrs Essential Skills/Certifications: GCFA, GCFE, CISP, CISSP, CCNP, CCIE Security, CEH; CSA If you meet the requirements and possess the essential skills/certifications, please send your CV to careers@eventussecurity.com.,

As a Platform and Network Security Expert at ANDREW in Bangalore, Karnataka, you will play a crucial role in enhancing security measures for DAS and RAN products. Your responsibilities will include designing and defining security policies, architecting secure environments, and ensuring compliance with telecom security standards and customer requirements. You will collaborate with internal and external stakeholders, engage in security testing, and develop tools to automate security monitoring and vulnerability management. To be successful in this role, you should have a Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security, along with 10+ years of experience in the Telecommunications and Cellular industry. Expertise in mobile network security principles, knowledge of O-RAN architecture, cloud security, and security frameworks is essential. Proficiency in security testing tools, Linux security, and scripting is also required. Strong communication and collaboration skills are key for interfacing with centralized security teams and development stakeholders. Certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications are a plus. Experience with AI/ML-based threat detection, 3GPP standards, and telco cloud environments will excite us. Join ANDREW, part of the Amphenol family, and be a part of our legacy of over 85 years in wireless innovation. We offer exciting career opportunities, a supportive work environment, and the chance to make a positive impact within a global organization. Visit our website at https://www.andrew.com to learn more about us.,

As an OSS Compliance and IP Engineer/ Counsel in the Legal/ IP Department, you will be responsible for ensuring compliance with open-source software licenses and conducting intellectual property-related tasks. You should hold a BE/ B Tech/M Tech in Computer Science/ Electronics & Communication / Electrical Engineering with 2-8 years of experience in the relevant Tech Industry, particularly wireless & telecom, software, semiconductors with patent analysis and OSS Compliance. In-house experience is preferred. With 2-9 years of work experience, you should have expertise in patent search databases like Derwent Innovation, Orbit, etc., various analytics methodologies, patent classification, and infringement analysis. You must be skilled in retrieving legal/prosecution information from different Patent offices websites and have a strong understanding of open-source software license validations, compliance, and vulnerability analysis. Experience in Telecom architectures, wireless charging, audio/video technologies, Electric Vehicle hardware/software, vehicular wireless communication systems, connected cars, Battery system, ADAS, Telematics, Vehicle charging system, etc., is desirable. Your key responsibilities will include educating and motivating engineers on intellectual property creation and protection, conducting ideation workshops, collaborating with R&D engineers on patent ideas, evaluating patentability, and performing relevant patent studies. Additionally, you will be responsible for OSS Compliance. To excel in this role, you should proactively develop an understanding of diverse technology areas, possess strong interpersonal skills, have excellent verbal and written communication skills, and be a self-starter with strong work ethics. Being a team player who thrives in collaborative environments is essential. Having a good understanding of Automobile technology would be an added advantage for this position.,

Collaborate with software development teams to integrate security practices throughout the SDLC. Perform security code reviews and analyze vulnerabilities during different SDLC phases. Ensure security requirements are included in the design, development, testing, and deployment stages of software projects. Develop and implement security protocols, guidelines, and standard processes for software development. Conduct threat modeling and risk assessments to identify potential security issues early in the development process. Provide guidance on secure coding practices and remediation of identified vulnerabilities. Work closely with key partners, including product managers, project managers, and business analysts, to support and promote security activities within products. Communicate security risks, issues, and mitigation strategies effectively to both technical and non-technical partners. Foster a security-aware culture within the development teams and across the organization. Implement and manage security tools such as static and dynamic analysis tools, intrusion detection systems, and vulnerability scanners. Stay updated with the latest security tools, trends, and standard processes to enhance the organization's security posture. Assist in the development and implementation of incident response plans and procedures. Participate in security incident investigations and provide expertise in resolving security breaches. Conduct security training and awareness programs for development teams. Promote continuous improvement and knowledge sharing related to application security. Skills and Requirements: In-depth knowledge of application security, secure coding practices, and common vulnerabilities (e.g., OWASP Top Ten). Experience with security tools and technologies such as static analysis tools (SAST), dynamic analysis tools (DAST), and vulnerability scanners. Proficiency in programming languages such as Java, C#, Python. Understanding of DevSecOps practices and integration of security into CI/CD pipelines. Promote continuous improvement and knowledge sharing related to application security. Ability to explain complex security concepts to non-technical stakeholders. Strong analytical and problem-solving skills. Collaborative mindset and ability to work effectively with cross-functional teams. Preferred Certifications: Certified Secure Software Lifecycle Professional (CSSLP).

Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. As a Product Cybersecurity Officer (PCS officer), you will be responsible for contributing towards the overall security and compliance of our organization's automotive systems and connected vehicles in collaboration with various internal & external stakeholders. This role plays a critical supporting part in safeguarding our vehicles from cyber threats, managing risks, and ensuring compliance with industry regulations and standards. A PCS Officer is a role filled by resources in the Product Cybersecurity Management System (PCSMS) in GTT cybersecurity and functional safety central team. A PCS Officer could take on various responsibilities during the deployment of PCSMS, including Product Regulation Compliance Owner (PRCO), Product Cybersecurity Leader, Vehicle Cybersecurity Coordinator, and Vehicle Cybersecurity Engineer. Primary Responsibilities: - Develop and maintain PCSMS in accordance with applicable product cybersecurity standards and procedures for the organization's automotive systems. - Establish a governance framework to oversee cybersecurity initiatives and ensure alignment with business objectives. - Collaborate with senior management to promote a culture of cybersecurity awareness and compliance throughout the organization. - Support in evaluating new global cybersecurity regulations and setting up/improving processes, instructions, and templates in coordination with the internal GTT team. - Create guidelines for Product Development teams to maintain clear traceability of Cybersecurity changes on product levels to facilitate vehicle type approval certifications. - Stay up to date with evolving regulations and coordinate necessary adjustments to policies and procedures. - Support Vehicle & Technology Streams in identifying, assessing, and managing cybersecurity risks related to vehicle systems and connected technologies. - Provide consolidated reports of product cybersecurity risks to relevant stakeholders. When acting as R155 Product Regulation Compliance Owner (R155 PRCO), responsibilities include: - Responsible for certifications such as R155 Regulation and GB/T 40863 Chinese CS Regulation. - Ensure compliance of Volvo Group Trucks with regional Vehicle Cybersecurity regulations. - Generate and own needed cybersecurity agreements and guidelines related to PCS. - Prepare necessary documents for R155 new and extension vehicle type approval and PCSMS Audit Events. - Summarize product-related cybersecurity changes and create vehicle-level documentation for regulatory audits. - Lead efforts to secure compliance with external regulatory authorities and work with regulatory specialists and certification engineers. - Ensure all technical solutions comply with relevant regulations. Secondary Skills: - Develop and deliver cybersecurity training programs for employees and partners. - Promote a culture of cybersecurity awareness by organizing workshops and awareness campaigns. - Maintain and drive CoP and Supporting Forums related to various PCSMS processes. - Act as an expert advisor to product development teams for screening and planning their CS activities. - Provide necessary guidance and infrastructure to enable the consolidation of individual assurance cases. Further details and qualifications can be found in the job description.,

Position Summary The Network Security Engineer plays a critical role in safeguarding our organization's sensitive data and maintaining the integrity of our network infrastructure. This role focuses on implementing, managing, and monitoring network security solutions to ensure compliance with industry standards such as PCI-DSS, NIST, ISO 27001, HIPAA and some others. Will conduct regular security assessments, including firewall reviews and vulnerability analysis, and provide recommendations for enhancing our security posture, additionally will be required to conducting regular WIFI security reviews. This position requires a strong understanding of network security principles, hands-on experience with technologies such as: FIREMON, Palo Alto firewalls, Cisco switches, and other network security technologies. Job Description Manage and optimize security tools including FIREMON, Palo Alto firewalls, and Cisco infrastructure Identify and respond to security incidents, compromised assets, and potential threats Monitor network traffic patterns and analyze security events using IDS/IPS systems Perform real-time security monitoring and incident response Handle security request related but not limited to troubleshootings, enrollment, reports, investigations, etc. Technical analysis of network activity; monitors and evaluates network flow data and signature-based IDS events. Recommend new IDS signatures and detection strategies. Monitor and report on trends and activity on network sensor platforms. Review daily Firewall logs. Review Firewall rules. Conduct monthly audit on WIFI SSID and users. Conduct quarterly WIFI scan and analysis. Note: The candidate should have exp in Security Audit & Compliance Shift: Rotational (Including Night Shfit)

Required Experience: At least 15 years of experience in working in a fast-paced IT team. Work Location/Travel: Bangalore and must be available during weekends or extended hours if required for critical emergencies. Work in the office during the general shift/work from home during other shifts. Job Summary: Infra Ops Management Manage IT Ops Vendors and hardware Vendors for delivering M365 L1 Support, Network (Internet Leased Line, Firewall, Apps gateway, IDS, IPS) and Onsite desktop support. Manage IT Network Ops vendors including L0 and L1 support. Handle escalation L2/L3 support including developing policies and qualifying exceptions etc. for IIC and US teams. Manage escalation of hardware Issues with OEM vendors like Dell and HP, ensuring they deliver as per SLAs. Built and develop L0/L1 support (including availability, monitoring and change management activities) Architect and manage Infra programs, support technology requirements for delivery projects Own security reviews, vendor security questionnaires, and responses to support Presales Security management and administration of M365, Cloudflare, Proofpoint, N-Able, Fortinet alerts Development support queries on Application installation and client connectivity issues Design and implementation of policies on the Apps managed by IT. Monthly reports and exception management Hardware and software procurement and license management including development requirements on a needy basis. Supports ISO 27001 activities and development of new policies, evidence gathering, and addressing gaps. Readiness for New security compliances Fed Ramp etc., and other compliance required by our customers PCI-DSS. Assisting the development teams in adopting these during application deployment. Nable Patch Management Review Bitdefender Review Dashboards and follow up on exceptions. Review Assets registered and ensuring time and again stale assets are removed. Extract and configure customized reports as required. Review Bitdefender automated reports for exceptions Address escalated issues that cannot be resolved by IT Tech Liaise with All covered for resolution. Audit reviews for Users and devices AZURE AD Risky User Investigation Conditional access policies review and troubleshooting MFA configuration and Troubleshooting Secure score recommendations AZURE AD policies troubleshooting and investigations. AZURE AD Access Reviews and Cleanup AZURE AD Admin Audit logs review Self-service password reset flow activity progress. Reset password (self-service) Update Sts Refresh Token Valid from Timestamp Reset user password. Update user Add app role assignment grant to user When an Enterprise Application is assigned to a user. Add delegated permission grant. Change password (self-service) Change user password Security info saved for self-service password reset. User completed security info registration for self-service password reset. User started security info registration for self-service password reset. Add service principal. Add application. Delete application. Remove service principal. Update service principal Update application Certificates and secrets management Update application Add and remove the owner from application. Create an application password for the user. Redmine Access Reviews Backup Reviews Software updates Assist team with queries on Vulnerability Analysis Gather evidence required for ISO 27001 Escalated Issues on Redmine Address Backup Issues Prepare and coordinate DR and BCP Ad hoc requests from Dev teams and PMO FortiGate and Network Design as per compliance requirements say FedRAMP, PCI-DSS Vendor Liaison (basically L1) on exceptions like IDS, IPS, VPN, Firewall Issues Manage change and problem management activities. Review monthly reports and exceptions. Root cause analysis and remediations SLA reports and corrective actions Policy design and address VPN compliance Handle Escalated Issues on the Network - VPN, IDS, IPS, Security Violations and investigations regarding access to customers and/or impersonation etc. M365 Intune Import and register new laptops during onboarding. Support on shore team for Onboarding Issues Review Assets registered in Intune, and generate asset reports, compare these with asset files. Escalated support on Intune Issues and follow up with vendor and Microsoft. Escalated support on Non-Delivery of Apps during deployment Registering BYOD devices Validating policies and resolving issues that users face due to policy failures. Create and troubleshoot policies. Exchange Online Review Quarantined email and release as appropriate reactively as alerted by Users. Escalate issues of non-delivery reports and/or any emails quarantined or not delivered to users. Review and clear blocked messages from EOL Create and troubleshoot policies. Teams Troubleshoot team issues Jitter, call drops, high utilization. Review usage reports and dashboards for exceptions Review and investigate Teams logs for security issues. Change ownership of Team files as required by Managers or new owners. Resolve file-sharing queries and best practices for sharing files. Procurement Vendor Management Review and monitor SLA with HP, Dell, and hardware Partners Address escalations due to delays in service Address clarifications on warranty claims Procure New hardware or upgrade as required - Memory, SSD etc., Co-ordinate with Insurance firms and support Admin teams Hardware Planning as per business needs Review and procure software requirements. Review asset inventory and ensure asset register is updated. Assist onshore with laptop hardware procurement and configurations for 3-year support. Warranty renewal and Maintenance contracts Competency (Knowledge, Skills, and Abilities): At least 15 years of experience in working in a fast-paced IT team. Responsible for delivery of end-to-end IT requirements for internal stake holders Should have experience of managing internal and external resources working to deliver IT services. Should have hands on experience in managing vendors, negotiating deliverables and keeping costs within pre-determined budgets. Position Type: Full Time/Permanent Required Education: Bachelors degree. Ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology. Other Duties: This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required. Duties, responsibilities, and activities may change, or new ones may be assigned at any time, with or without notice.

Job description Job Title: Senior Staff Security Researcher About Role : Develop cutting-edge IPS signatures that shield against emerging threats and Review signatures for other junior team members. Have sense of urgency for critical vulnerabilities and release it to customers. Analyze and reverse engineer cyber-attacks and new vulnerabilities (CVEs) and effectively implement preventive measures to stay ahead of evolving threats. Align with Engineering stakeholders and identify Research topics for IPS roadmap, build POCs for them and mentor junior team members for various research topics. Identify areas of process improvement, prioritize them with senior leaders, look at new Attack Frameworks, like Empire, MSF. Drive Competitive Analysis strategy along with senior leaders to stay ahead of the competition. Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Research various MITRE attack TTPs, replicate them in lab, build signatures and be represent IPS research team in MITRE evaluation process. Vulnerability RCA, reverse engineering and POC verification and signature development for MAPP program Capable of working with no supervision, represent IPS research team in various forums and come-up with new Research ideas. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement

About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership Youll drive features end-to-end, from design to deployment. Flexibility A friendly, results-oriented culture that respects your time. Empowerment Your insights are valued, and your work makes a visible difference. Learning & Growth Youll work on complex challenges with smart, passionate peersand have the support to level up continually. If youre ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, wed love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analysts role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. You can also apply to this job using the below Workday link https://bit.ly/4kPFsa7 (if the link doesn't work, simply copy paste the link in your browser) To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman, on Truly Human Leadership : Watch the video https://bit.ly/4kSLZkE (if the link doesn't work, simply copy paste the link in your browser)