1507 Vulnerability Assessment Jobs

The Application Security Lead is responsible for identifying and addressing security vulnerabilities in the organization's software applications. You will be conducting security code reviews, implementing security testing methodologies, and collaborating with development teams to integrate security measures into the software development lifecycle (SDLC). Your key responsibilities will include conducting application security assessments, code reviews, and penetration tests to identify vulnerabilities. You will also be integrating security tools like SonarQube and Synk into the CI/CD pipeline, as well as collaborating with development teams to address security issues and promote secure coding practices. Additionally, you will be developing and maintaining security documentation, providing security training, and staying updated on emerging security threats. To qualify for this role, you should have a Bachelor's degree in Computer Science, Information Security, or a related technical field, along with 4+ years of experience in application security or related areas. You should be familiar with common security vulnerabilities, have experience with security tools, and possess knowledge of secure coding practices and encryption technologies. Strong communication skills and the ability to effectively communicate security risks to both technical and non-technical stakeholders are essential. Preferred skills include relevant security certifications such as GWEB, GWAPT, CEH, or OSCP.,

As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients" systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. You will perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients" IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients" systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients" IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: - Bachelor's degree in Computer Science, Information Technology, or related field. - 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. - Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. - Hands-on experience with various operating systems, including Windows, Linux, and Unix. - Strong understanding of network protocols, web application architecture, and common security vulnerabilities. - Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. - Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. - Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. - Proven track record of delivering high-quality security assessments and actionable recommendations.,

We are looking for a certified ethical hacker to assist in enhancing the security of our network against potential threats. Your main responsibility will involve evaluating our company's network, servers, and overall infrastructure to discover any vulnerabilities that may exist. As a certified ethical hacker, you must possess the knowledge and expertise in utilizing various network and security tools, along with a high-level comprehension of computer and network security principles. This includes a deep understanding of encryption and cryptography. Responsibilities Your duties as a certified professional ethical hacker will encompass the following: - Conducting ethical hacking and penetration testing - Performing vulnerability assessments - Analyzing malware - Collaborating with other penetration testers and information security analysts - Ensuring web application security - Executing social engineering tactics - Enhancing database security - Implementing reverse engineering techniques - Safeguarding network security - Conducting threat modeling and risk assessment Job Qualifications and Skill Sets The qualifications necessary for a certified ethical hacker are as follows: - A Bachelor's degree in computer science, information technology security, or a related field - Security certifications such as Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) - Demonstrated proficiency in penetration tests, vulnerability assessment, and security monitoring - Knowledge of the OSI model, TCP/IP, HTTP, SSL, and wireless networking - Experience with common network infrastructure and security tools - Familiarity with web applications, including HTTP and SQL injection attacks - Understanding of security testing methodologies as per the EC-Council standards - Ability to thrive in a fast-paced work environment,

As an Internal Audit Manager, your primary responsibility will be to oversee and lead various audit programs focused on IT and IT Security. You will be tasked with developing and enhancing audit methodologies and checklists to align with industry best practices. Your role will involve spearheading audits related to Information Technology General Controls, Change Management, Application Development, Incident Management, Network Management, Vulnerability Assessment, and Cybersecurity. It will be essential to ensure that audits are conducted within the defined scope and completed on time. You will play a crucial role in overseeing and conducting a diverse range of audits, including operational, financial, IT, and compliance audits. Your strategic oversight and mentorship to audit teams will be vital in upholding and surpassing quality standards. Collaborating with process owners to design and implement effective controls to mitigate identified risks will be a key aspect of your role. Furthermore, meticulous documentation and continuous compliance with re-performance standards will be necessary by reviewing and updating work papers in the central repository. Tracking and reporting on the implementation of audit recommendations, engaging with stakeholders, and conducting thorough evaluations of processes, policies, SOPs, and applications to identify potential risks will be part of your responsibilities. You will be required to independently draft comprehensive audit reports, facilitate discussions with stakeholders, and build and maintain strong relationships with key stakeholders. Your role will encompass providing strategic support to the Chief Internal Auditor in various areas such as reporting, budgeting, project management, recruitment, and global reporting initiatives. Actively participating in key organizational initiatives, facilitating learning and development opportunities, driving risk awareness and control mindset, and supporting internal transformations for the IA function will also be essential aspects of your job. To excel in this position, you will need to possess essential qualifications such as CA, CIA, MBA, B.Tech, or B.E. from a recognized institution, along with professional credentials demonstrating expertise in IT audits. Additionally, technical proficiency, team management skills, analytical capabilities, independence, exceptional communication skills, strong leadership qualities, business acumen, and motivation are desired skills for this role. Experience or familiarity with AI, machine learning, cybersecurity principles, and practices will be advantageous. Your ability to leverage emerging technologies to enhance audit processes and risk assessments will be beneficial in driving the tech transformation within the Internal Audit function.,

You will be joining Kodo, a company dedicated to simplifying the CFO stack for fast-growing businesses through a single platform that streamlines all purchase operations. Trusted by renowned companies like Cars24, Mensa Brands, and Zetwerk, Kodo empowers teams with flexible corporate processes and real-time insights integrated with ERPs. With $14M raised from investors like Y Combinator and Brex, Kodo is on a mission to provide exceptional products, a nurturing environment for its team, and profitable growth. As a Dev Ops Engineer at Kodo, your primary responsibility will be to contribute to building and maintaining a secure and scalable fintech platform. You will collaborate with the engineering team to implement security best practices throughout the software development lifecycle. This role requires hands-on experience with various tools and technologies such as Git, Linux, CI/CD tools (Jenkins, Github Actions), infra as code tools (Terraform, Cloudformation), scripting/programming languages (bash, Python, Node.js, Golang), Docker, Kubernetes, microservices paradigms, L4 and L7 load balancers, SQL/NoSQL databases, Azure cloud, and architecting 3-tier applications. Your key responsibilities will include implementing and enhancing logging, monitoring, and alerting systems, building and maintaining highly available production systems, optimizing applications for speed and scalability, collaborating with team members and stakeholders, and demonstrating a passion for innovation and product excellence. Experience with fintech security, CI/CD pipelines, cloud security tools like CloudTrail and CloudGuard, and security automation tools such as SOAR will be considered a bonus. To apply for this full-time position, please send your resume and cover letter to jobs@kodo.in. Besides a competitive salary and benefits package, we are looking for a proactive, security-conscious, problem-solving Dev Ops Engineer who can communicate complex technical concepts effectively, work efficiently under pressure, and demonstrate expertise in threat modeling, risk management, and vulnerability assessment and remediation.,

As the functional specialist for Cyber Security Risk Management (CSRM) and Data privacy assessments (DPIAs), your responsibilities will include proactively reviewing ADL information security and related risks in terms of threats, vulnerabilities, and legal and regulatory compliance. You will be translating technical, legal, and regulatory obligations into a cohesive set of Security Controls, and communicating these requirements and implementation methodologies to relevant stakeholders. Additionally, you will be facilitating Risk Assessments on Applications, Network & Systems, and Regulatory matters, as well as coordinating Vulnerability Assessment and Penetration Tests (VAPT) and providing recommendations for risk remediation. Collaboration with Project Managers, Business Analysts, Architecture, and Support Teams will be crucial to ensure adherence to ADL's CSRM standards. You will also be responsible for integrating security into the Software Development Life Cycle, supporting staff education and awareness on Information security issues, influencing IT and Business staff behaviors to mitigate risks, reviewing and enhancing Information Security Controls within the organization, actively engaging in Assurance and Architecture discussions, and conducting Security awareness sessions. To excel in this role, you should have a strong understanding and experience in Information Risk Management, internal and external Audit, and Business (IT) Controls. Advanced knowledge of internal and external IT security standards, PCI standards, GDPR, various Privacy Laws, and compliances like ISO and BS is essential. You must also possess a robust understanding and practical experience in how CSRM impacts application development, operations, and IT Infrastructure. Effective communication and collaboration skills are critical for interfacing with various internal and external groups, including Third parties, Business, and IT, and networking globally across Group businesses. Technical expertise in security domains/technologies such as Infrastructure/Network security, Identity and Access Management, Business Impact Assessment, and knowledge of Data Security Standards like PCI DSS, GDPR, and Privacy Principles are required. You should be able to drive Platform/Application security and compliance initiatives as part of Project Engagements, and have the ability to anticipate and identify mitigation strategies for Risks. Education Qualification: - B.Tech in Computer Science and Engineering Certification required: - CISA, CRISC, or CISM,

As a Manager, Customer Success, Services, you will be responsible for driving consistency and alignment across Customer Success (CS) in Services by establishing new Regional Customer Success teams. These teams will play a crucial role in ensuring that customers achieve their desired outcomes and maximize the value of products and services. Your advocacy for the customer experience will be key in identifying and solving customer issues related to products in the fraud and card operations areas. Collaborating with cross-functional partners, you will address customer needs, develop tailored strategies to enhance customer satisfaction and retention, and build customer advocacy. The outcomes of your team's work will include generating qualified leads for value expansion and providing feedback for product and process improvements. By focusing on proactive engagement and personalized service, the Services Customer Success team aims to foster long-term relationships and contribute to the growth and safety of the Mastercard ecosystem. Your primary responsibilities will encompass three key areas: customer engagement, business growth, and technical and program readiness. In terms of customer engagement, you will identify optimization opportunities to drive customer value and strategic goals through products. You will articulate key performance indicators related to cost, performance, and optimization, along with the insights associated with them. For business growth, you will leverage Mastercard Services offerings to achieve customer goals and realize the value propositions of Mastercard products. Additionally, you will identify opportunities for introducing additional Mastercard products to enhance customer value potential and the impact of Network Product offerings. Your ability to evaluate business models, partnerships, and agreements will ensure that product business cases are financially viable and supported by solid data. Regarding technical and program readiness, you will develop training materials, thought leadership, and customer-facing playbooks that can be scaled internally and externally to support customer priorities and the Customer Success value proposition. You will translate complex technical capabilities into effective solutions that address customer needs in a clear and customer-centric manner, as well as gather and report customer feedback on product gaps and pain points to refine value propositions and improve products. To excel in this role, you should be skilled at leveraging insights from market analysis and customer engagements to inform strategic decisions, drive innovation, and sustain competitive advantage. Experience in using tools and technology for data analytics and business intelligence on cyber threats, fraud, risk, and vulnerability will be beneficial. You should have a proven ability to translate complex technical capabilities into effective solutions that address customer needs clearly and customer-centrically. Proficiency in analyzing customer metrics and leveraging data to drive customer success initiatives that contribute to mutual profitability and growth is essential. A successful track record of identifying opportunities for customers to enhance partnerships, creative thinking, and developing innovative solutions to complex customer challenges is required. You should be an enthusiastic individual who collaborates effectively with a diverse, high-performing team, fosters a winning and inclusive culture, and focuses on individual and team development. Advanced experience working with both large and emerging Technology, Financial Services, Acquirers/Processors, Service Providers, and digital platform partners will be advantageous.,

As a Cybersecurity Penetration Tester at our organization in Hyderabad, you will play a key role in supporting our security initiatives on an On-Demand or Hourly Basis. Your primary responsibility will be to conduct penetration testing on web applications, networks, and infrastructure to identify security vulnerabilities. Utilizing tools like Metasploit, Burp Suite, and other industry-standard tools, you will assess and improve our systems" security posture. Your findings will be documented, and security risks will be reported with clear remediation strategies to ensure effective resolution. Collaboration with internal teams is essential to address identified vulnerabilities efficiently. You will also be required to perform security audits and provide actionable insights to enhance security controls across the organization. Proficiency in utilizing Wiz, a Vulnerability Management Tool, for identifying and managing security risks will be preferred. To excel in this role, you should have proven experience as a Penetration Tester or Security Analyst with a strong background in vulnerability assessment. Proficiency in penetration testing tools such as Metasploit, Burp Suite, and knowledge of Wiz or similar vulnerability management tools will be beneficial. A solid understanding of network security, application security, and system hardening is required. Excellent analytical, problem-solving, and communication skills are essential for effective collaboration with internal teams. Your ability to work independently and deliver high-quality results within deadlines will be crucial for success in this role.,

At Medtronic, you can embark on a life-long career focused on exploration and innovation, all while advocating for healthcare access and equity for everyone. You will play a vital role in fostering a more connected and compassionate world through purpose-driven leadership. As a key member and technical leader in the field of medical device cybersecurity, you will be at the forefront of creating, deploying, and monitoring cybersecurity and information security solutions for Medtronic's medical devices and supporting IT infrastructure. Your responsibilities will include collaborating with external and internal cybersecurity researchers to identify and address vulnerabilities in Medtronic products and systems. Additionally, you will work closely with R&D teams to ensure comprehensive security risk assessments are conducted and appropriate solutions are implemented. You will also be responsible for developing project security management deliverables to comply with regulatory standards and effectively communicate cybersecurity technology to various stakeholders. Your duties may involve, but are not limited to: - Leading and executing cybersecurity-related activities related to products and devices, such as incident response, vulnerability assessments, and mitigation implementation. - Conducting product-level intrusion detection activities. - Performing product risk assessments in coordination with R&D teams and recommending specific security controls. - Participating in the development and testing of product security-related requirements and processes. - Managing security-related deliverables for regulatory bodies to ensure compliance with standards. - Evaluating and testing security risks throughout the development lifecycle. - Supporting emerging cybersecurity certification initiatives. - Maintaining and updating security documentation. - Creating and managing threat models using STRIDE. Requirements: - Bachelor's or graduate degree in computer science, computer engineering, electrical engineering, or a related field. - CISSP or similar certification, or equivalent demonstrated experience. - Experience in embedded devices vulnerability assessment, threat modeling, and risk scoring. - Formal education in cybersecurity and information assurance. - Minimum of 12 years of experience with at least 4 years in technical, cybersecurity-related roles. - Proficiency in security posture analysis, vulnerability assessment, penetration testing, and static code analysis. - Software product development experience and programming skills in languages such as C, C++, Python, Java, .NET, Go, Ruby, or Scala. - Understanding of national and international laws, regulations, and policies related to regulated medical device cybersecurity. - Familiarity with information security practices, risk management processes, cybersecurity principles, and incident response methodologies. In addition to a competitive salary, Medtronic offers a flexible benefits package that supports employees at every stage of their career and life. The company is committed to recognizing and rewarding employee contributions while providing a wide range of resources and compensation plans. Medtronic is a global leader in healthcare technology dedicated to addressing the most pressing health challenges worldwide. The company's mission of alleviating pain, restoring health, and extending life unites a diverse team of over 90,000 passionate individuals. Medtronic's commitment to diversity and innovation drives the team to engineer real solutions for real people, from the R&D lab to the factory floor and beyond.,

We are currently looking for a Lead TPM, Vulnerability Remediation & Patch Management for our team based in HDC, Hyderabad. As a Lead TPM, you will be responsible for overseeing and managing the end-to-end vulnerability management lifecycle to ensure our organization maintains a strong security posture through timely identification, prioritization, and remediation of vulnerabilities. The ideal candidate should have a minimum of 8-10 years of experience in technical program management, with a focus on vulnerability and patch management. Key Responsibilities: - Lead the Vulnerability and Patch Management Program, ensuring timely identification, assessment, and remediation of vulnerabilities across all systems. - Collaborate with various teams to ensure patches are applied promptly and effectively. - Utilize tools such as QUALYS, SEEMPLICITY, RAPID7 or similar tools for vulnerability detection and remediation operations management, reporting. - Have a working knowledge of Jira, ServiceNow, and advanced Excel for tracking and reporting purposes. - Regularly communicate progress to key stakeholders and leadership, sharing key reports including Vulnerability Exposure Reports, Patch Compliance Reports, Remediation Progress Reports, and Risk Posture Reports. - Define and continuously optimize vulnerability and patch management processes that align with industry best practices. - Collaborate with stakeholders across engineering, IT, security, and product teams to ensure seamless process execution. - Present vulnerability management and patching status to leadership in a regular cadence. - Identify potential risks and communicate them effectively to senior leadership, along with recommendations for mitigation. Key Qualifications: - 5+ years of experience in technical program management, focusing on vulnerability and patch management. - Hands-on experience with vulnerability management tools such as Tenable/Nessus, Qualys, Rapid7, Microsoft SCCM, WSUS. - Strong organizational, communication, and program management skills. - Proficiency in using Jira, ServiceNow, and Excel for tracking and reporting. - Ability to manage multiple stakeholders and drive alignment across various teams. - Proven experience in defining and optimizing processes to enhance security posture. If you meet the above criteria and are ready to work from the office in a hybrid model, attend in-person interviews, and take US calls while being a general shift employee, kindly share your profile with us. Please ensure to include the tech stack on top of your resume for consideration. Thank you.,

As an intern at CertCube, you will have the opportunity to engage in various cybersecurity activities to enhance your skills and contribute to the team's success. Your day-to-day responsibilities will include the following: - Conducting security assessments of web apps, mobile apps, and APIs to identify potential vulnerabilities and risks. - Keeping up with the latest cybersecurity trends through dedicated research efforts. - Writing informative and engaging blog posts on diverse cybersecurity topics for our CertCube Labs blogging platform. - Collaborating with the team to create cybersecurity user awareness sessions on social media platforms. - Assisting senior cybersecurity professionals in Vulnerability Assessment and Penetration Testing (VAPT) projects, including vulnerability management and reporting tasks. - Developing and maintaining detailed documentation of security assessments, findings, and remediation actions. - Staying abreast of the newest cybersecurity threats, vulnerabilities, and best practices to enhance the team's knowledge and preparedness. - Researching critical Common Vulnerabilities and Exposures (CVEs) and crafting Proofs of Concept (POCs) for assessment teams" use. CertCube, an ISO 9001:2015 certified company, is a leading IT security firm that offers immersive training programs aimed at equipping students with the practical skills needed to defend organizational systems, networks, web, mobile, and servers against active threats. Our mission includes spreading cybersecurity awareness globally through comprehensive IT security training. We pride ourselves on our focused approach, cutting-edge online learning environment, flexible training options, competitive pricing, and innovative delivery methods. In addition to training services, CertCube provides professional IT security solutions to safeguard organizations" people, processes, and technologies. With a rich history as a trusted penetration testing company, we have a solid track record of delivering high-quality projects for clients worldwide. Join us at CertCube and be part of a team dedicated to enhancing cybersecurity practices and protecting organizations from evolving threats.,

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute to achieving the teams goal. Responsibilities Direct Responsibilities Strong expertise in application security concepts and activities like Source Code Review (SAST) & Dynamic application vulnerability scanning (DAST). Good understanding of Information Security concepts and strategies. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like Apisan, WebInspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Experience in Process Improvement, Controls Enhancement and Reporting. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Providing independent expert advice to the IT areas on application & data risk issues. Engaging with organization wide risk and control groups, including internal audit and territory control teams. Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulate appropriate remediation strategies based on a full understanding of business exposure and compensating controls. Contributing Responsibilities Monitoring and oversight of existing IT risks, working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate. Managing relationships with Business and IT teams, chairing periodic meetings and being a point of contact for escalating to wider team members. Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders. SPOC for security architecture meetings. Technical & Behavioral Competencies Excellent Interpersonal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills. Specific Qualifications (if required) CEH, SSCP, OSCP certified. Technical Graduate (Computer Science) Preferable.

Minimum qualifications: Bachelor's degree in Engineering or equivalent practical experience, Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), 8 years of experience in delivering cybersecurity consulting services, 7 years of experience with executive, business development, market growth, and client relationship management, Preferred qualifications: Experience with articulating security and risk concepts to all audiences, including executives, Experience in driving consulting business generation with local business leadership and external contacts, Experience in performing engagement enablement, including scoping, structuring customized engagements, proposal writing, and drafting statements of work, Ability to manage expectations and build rapport with clients, at executive and C-levels, Excellent leadership skills with the ability to prioritize and execute methodically, engaging with the teams to deliver quality client experiences, Excellent communication skills, About The Job As a Security Consultant, you will be responsible for helping clients effectively prepare for, proactively mitigate, and detect and respond to cyber security threats Security Consultants have an understanding of computer science, operating system functionality and networking, cloud services, corporate network environments and how to apply this knowledge to cyber security threats, As a Security Consultant, you could work on engagements including assisting clients in navigating technically complex and high-profile incidents, performing forensic analysis, threat hunting, and malware triage You may also test client networks, applications and devices by emulating the latest techniques to help them defend against threats, and will be the technical advocate for information security requirements and provide an in-depth understanding of the information security domain You will also articulate and present complex concepts to business stakeholders, executive leadership, and technical contributors and successfully lead complex engagements alongside cross functional teams, In this role, you will collaborate with regional business and global consulting teams to enhance our brand and business, while also providing security engagement experiences You will report to the regional consulting leader for India, Japan, and Korea, Part of Google Cloud, Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services Mandiant's cybersecurity expertise has earned the trust of security professionals and company executives around the world Our unique combination of renowned frontline experience responding to some of the most complex breaches, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone, Responsibilities Build and manage a sustainable pipeline of opportunities for the Mandiant consulting business through local business leadership, business specialists and representatives, and channel partners ecosystem, Understand and qualify client needs, concerns, and identify opportunities to assist them with consulting services, Engage with C-level, business, technology and security leadership to assess their confidence in their cyber security Share Mandiants front-line experience and thought leadership to influence and shape perceptions, Understand Mandiant consulting services and pitch narratives on Mandiants differentiation, value add, expertise, and experience Share mission-moments and success stories with clients on real-life engagements to build trust and transparency, Own client relationships, engagement delivery, outcomes for all consulting engagements Provide support to clients, Project Manager/Engagement Lead (EL), Technical Lead (TL), and other consultants in addressing engagement risks and issues, Google is proud to be an equal opportunity workplace and is an affirmative action employer We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status We also consider qualified applicants regardless of criminal histories, consistent with legal requirements See also Google's EEO Policy and EEO is the Law If you have a disability or special need that requires accommodation, please let us know by completing our Accommodations for Applicants form , Show

Exclusive Walkin Drive for Security Engineer (AI) at Bangalore on 12th August 25 Greeting from Infosys BPM Ltd., You are kindly invited for the Infosys BPM:: Walk-In Drive on 12th August 25 at Bangalore(JP Nagar). Note: Please carry copy of this email to the venue and make sure you register your application before attending the walk-in. Please mention Candidate ID on top of the Resume https://career.infosys.com/jobdesc?jobReferenceCode=PROGEN-HRODIRECT-206442 Interview Information: Interview Date: 12 August 2025 Interview Time: 9 AM till 12 PM Interview Venue - Bangalore:: Infosys BPM Limited, #785,Ground Floor Axis Sai Jyoti, 15th Cross 100 Feet Road,Sarakki,1st Phase JP Nagar, Bengaluru, Karnataka560078 Landmark: Near Sindhoor Convention Centre Note: No Candidate parking facility available at JP Nagar recruitment center location. Documents to Carry: Please carry 2 set of updated CV (Hard Copy). Please carry Face Mask**. Mandatory to carry PAN or Passport for Identity proof. Job Description Job Title: Security Engineer AI CoE (Vulnerability Management & Penetration Testing) Experience: 2-3 yrs Location: Bengaluru Department: DTS - AI Center of Excellence (CoE) Employment Type: Full-time About the Role: We are seeking a proactive and detail-oriented Security Engineer to join our AI Center of Excellence (CoE) . In this role, you will work closely with AI product teams to identify, assess, and remediate security vulnerabilities across cloud-native and AI-driven platforms. You will play a key role in ensuring the security posture of our AI solutions through vulnerability scans, penetration testing, and secure DevOps practices. Key Responsibilities: Conduct regular vulnerability assessments using tools like Qualys , Nessus , or OpenVAS . Collaborate with product and DevOps teams to triage, prioritize, and remediate vulnerabilities in application and infrastructure layers. Assist in penetration testing activities and support red/blue team exercises. Implement security controls and best practices across Azure , AWS , or GCP environments. Contribute to secure CI/CD pipelines by integrating security checks and automating compliance. Maintain documentation of findings, remediation plans, and risk mitigation strategies. Stay updated on emerging threats, CVEs, and cloud security trends. Required Skills & Qualifications: 24 months of experience in cybersecurity , DevSecOps , or cloud security roles. Familiarity with vulnerability scanning tools and penetration testing methodologies . Basic understanding of cloud security principles (Azure/AWS/GCP). Exposure to OWASP Top 10 , CIS Benchmarks , and secure coding practices . Strong analytical and problem-solving skills. Good communication skills to collaborate with cross-functional teams. Preferred Qualifications: Certifications such as CEH , Security+ , AZ-500 , or AWS Security Specialty . Experience with SIEM tools (e.g., Splunk,Sentinel) and threat modeling . Knowledge of scripting for automation (Python, Bash, PowerShell). Exposure to AI/ML security or model risk management is a plus. What Youll Gain: Hands-on experience securing AI platforms and cloud-native applications. Opportunity to work with cutting-edge technologies in a fast-paced innovation hub. Mentorship from senior security architects and cloud experts. A collaborative environment focused on continuous learning and impact. Regards, Infosys BPM Recruitment team

The Forensic Analyst role will entail working closely with the investment research team across different sectors and geographies. Key Responsibilities: Deep dive into annual reports Assessment of corporate disclosures including exchange filings and MCA filings Report drafting and presentation of corporate governance findings to the team Aid the groups ESG and stewardship efforts Qualification & Skills: Chartered Accountant Excellent working knowledge of accounting & corporate governance best practices High degree of curiosity Strong analytical skills The above role is only for Chartered Accountants who have cleared in the last 12 months

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZSs India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What Youll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What Youll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

INFORMATION SECURITY PROJECT SPECIALIST The Information Security Project Specialist will be responsible for supporting the InfoSec project portfolio and the delivery of security projects for the IT department, primarily with a focus on Cloud Security. The role includes acquiring resources and coordinating the efforts of team members and enterprise stakeholders to deliver projects according to plan. What You'll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You'll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management, and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. Management of projects in AWS or other public cloud infrastructure desired. Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (ie. Cloud Security enhancements, Firewall implementation, Anti-Virus migration, MDM implementation, OS/Network hardening, etc.) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

SUMMARY Job Title: NET IQ - IAM & PAM Location: Mumbai Experience: 3-8Years Notice Period: Immediate to 60 Days Job Description: We are seeking a skilled Linux Security Engineer with hands-on experience in troubleshooting, vulnerability management, IAM/PAM systems, and automation scripting using PowerShell. The ideal candidate should have a strong understanding of SSL/TLS, risk mitigation, and penetration threat detection on Linux-based environments. Key Responsibilities: Perform Linux server troubleshooting including performance issues, system logs, and hardware/software faults. Conduct vulnerability assessments, manage security patches, and mitigate potential risks across enterprise infrastructure. Manage and configure SSL certificates and ensure secure communication channels. Utilize PowerShell scripting for automation, system configuration, and reporting. Implement and manage IAM/PAM solutions (NetIQ or equivalent) ensuring proper access control and compliance. Monitor and analyze security threats, penetration attempts, and work with SOC/IR teams to mitigate them. Maintain and update security documentation, procedures, and technical diagrams. Collaborate with cross-functional teams including DevOps, IT, and Security to enhance overall system security posture. Required Skills & Experience: Strong hands-on experience with Linux systems administration. Proven ability to troubleshoot Linux-based systems and resolve complex issues. Working knowledge of PowerShell scripting (including variants like "Power shell", "Power.shell", etc.). Familiarity with IAM/PAM tools like NetIQ, CyberArk, or equivalent. Deep understanding of security principles, risk assessment, SSL/TLS, patching, and penetration testing methodologies. Experience in handling security vulnerabilities and threat management. Good understanding of IT security compliance and best practices.

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a Lead Information Security Resiliency and Vulnerability Assessment & Penetration Testing Manager, you will be responsible for defining the scope for annual Vulnerability Assessment & Penetration Testing (VAPT) activity and handling end-to-end third party VAPT assessment activity. The selected applicant, would be accountable for managing organizations cyber resiliency and for implementing cyber resilience goals. Key Responsibilities Business Understanding: Understanding/Knowledge of information security domains, risks, mitigation and overall management. Experience and knowledge of servers, networks, security devices etc. Collaborate: Interaction with various stakeholders/teams on daily basis. Ability to communicate effectively with Heads of various teams. Proactively coordinating with different teams for tracking and closure of open observations and escalating when necessary. Vendor Management: Facilitating the vendor with requirements for carrying out the VAPT assessment. Vendor selection, evaluation and finalization for the annual Vulnerability Assessment & Penetration Testing (VAPT) activity. Candidate should review the draft reports shared by vendors and suggest if any changes required, Validation of final reports. Timely communication of final reports to relevant stakeholders. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications: ISO27001, CISSP, CISM Compliance: Candidate should validate the security controls deployed across DC, DR, NDR and COLO environment and prepare the quarterly resiliency report to share with senior management. Synergize with Team: Ability to work collaboratively with different teams for closure of activities. Strong analytical and problem-solving skills. Experience in the banking domain will add an advantage. Strong understanding and hands-on experience of VAPT activity and Information Security resiliency. Communication skills: Excellent communication and interpersonal skills. About the Business Group ICICI Banks Technology Risk Management Group believes in providing services to its customers in the safest and secure manner keeping in mind that data protection and secure Technology for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is at the heart of building a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. The Bank also undertakes campaigns to create awareness among customers on security aspects while banking through digital channels.

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role Our support application team performs application vulnerability assessments and document vulnerabilities which were found and provides recommendations for remediation according to BFSI guidelines and industry best practices. As an Application Security Manager, you will provide guidance to the application team on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. You will work along with cross functional business teams to get closure of identified gaps and utilize escalation matrix effectively wherever necessary. You will conduct application security assessment results review and mitigation approval. You will keep abreast of new technologies to ensure that the organization remains at the forefront of security. Key Responsibilities Support and Testing: Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets with security tools like BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc. Analysis: Perform in-depth analysis of VAPT results, Review assessment reports to provide risk mitigation & recommendations on that basis. Collaboration: Collaborate with the application team and provide them guidance on application security best practices, support remediation effort and track open issues and follow up to ensure remediation. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent with relevant experience Certifications: OSCP Compliance: Knowledge of cyber security trends & hacking techniques, MITRE ATT&CK framework with hacker mindset. Network Security: Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Key Technologies: Familiarity with OWASP, SANS vulnerabilities along with its validations in source code and other security frameworks & Compliance, Knowledge of Networking concepts & Good understanding of latest Network /security technologies such as Cloud security and recent trends. About the Business Group ICICI Banks Information Security Group believes in providing services to its customers in the safest and secured manner, keeping in mind that data protection for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is built on the vision of creating a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. With this core responsibly, ICICI administer and promotes on going campaigns to create awareness among customers on security aspects while banking through digital channels.

Key Responsibilities Incident Response and Management: Lead the incident response process, including identification, containment, eradication, and recovery. Analyze and respond to complex security incidents and breaches. Conduct post-incident analysis and develop reports with recommendations to prevent future incidents. Security Monitoring and Analysis: Oversee the continuous monitoring of security alerts and events. Analyze logs and data from various sources (e.g., SIEM, firewalls, EDR, IDS/IPS) to identify suspicious activity. Perform advanced threat hunting and forensic analysis. Vulnerability Management: Conduct regular vulnerability assessments. Identify, prioritize, and remediate security vulnerabilities in systems and applications. Collaborate with IT and development teams to implement security patches and updates. Security Architecture and Engineering: Design and implement security solutions to protect the organization's networks, systems, and data. Develop and maintain security policies, standards, and procedures. Evaluate and recommend new security technologies and tools. Compliance and Risk Management: Ensure compliance with relevant regulatory requirements and industry standards (e.g., ISO 27001, NIST). Perform risk assessments and develop mitigation strategies. Document and maintain security controls and frameworks.Required Skills and Qualifications Technical Expertise: Advanced knowledge of cybersecurity principles, techniques, and technologies. Proficiency in using security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection solutions. Experience with vulnerability management, penetration testing, and forensic analysis. Experience: Minimum of 7-10 years of experience in cybersecurity, with at least 2-3 years in an L3 or senior role. Proven track record of handling complex security incidents and leading incident response efforts. Experience in designing and implementing security architectures and solutions. Certifications: Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable. Analytical and Problem-Solving Skills: Strong analytical skills with the ability to identify and mitigate security threats. Excellent problem-solving skills and the ability to think critically under pressure. Communication and Collaboration: Strong communication skills, both written and verbal. Ability to collaborate effectively with cross-functional teams and stakeholders.Preferred Skills and Qualifications Experience with cloud security (e.g., AWS, Azure, Google Cloud). Knowledge of scripting and automation tools (e.g., Python, PowerShell). Familiarity with regulatory requirements and standards (e.g., GDPR, HIPAA).

We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are seeking an experienced senior security researcher to help grow our team focusing on generating network content and developing new technologies to identify and block network threats. About the role: Develop network signatures that protect our customers against network-based threats and vulnerabilities Collaborate with the engineering and PM teams to develop new detection enhancements Build and improve tools to automate analysis tasks, simulation software and administer the lab environment to replicate attacks. Analyze network protocols to develop and/or update parsers when needed Publish technical blogs to spread awareness and help defenders with the necessary resources to protect their organizations. Mentor junior members of the team and network attacks About you: A minimum of 10 years of relevant experience is required. A Bachelors degree in Computer Science or equivalent field of study Significant experience with network rule creation like Snort Strong understanding of network protocols and security architectures Highly proficient in any scripting languages such as Python Strong understanding of the attacker landscape and knowledge of MITRE ATT&CK methodologies Experience with software validation/testing Excellent research and analytical skills Strong interpersonal skills and a collaborative work style Proficient in verbal and written communication careers.trellix.com Nice to have Vulnerability analysis experience Development experience to help build/maintain automated tools.

Job Description At AadiSwan, we are driving digital transformation in the financial services sector by specializing in lending solutions. Our innovative technology platforms empower financial institutions to streamline operations, enhance decision-making, and meet evolving market needs with precision. Our suite of products, including CredPro, CADPro, EWSPro, and ESMSPro, address critical aspects of financial management, from underwriting and risk assessment to regulatory compliance and ESG management. These solutions, built by experts with deep domain knowledge, are not only tech-driven but also rooted in a profound understanding of industry challenges and opportunities. With successful implementations across India and the Middle East, AadiSwan combines advanced automation with deep industry insights to enable clients to boost operational efficiency, reduce costs, and achieve faster time-to-market. The flexibility and scalability of our platforms ensure support for a wide range of business models, making us a trusted partner for institutions aiming to enhance their lending portfolios and expand their digital capabilities. Committed to empowering clients with the tools needed for nation-building, bridging the credit gap, and fostering sustainable growth, we invite you to join us on this journey towards redefining financial excellence and resilience. Role Description This full-time on-site role as a SAS Application Security Architect based in Delhi, India, entails overseeing the security aspects of SAS applications. Responsibilities include ensuring data integrity and confidentiality, implementing security measures against cyber threats, collaborating with cross-functional teams for designing and implementing security solutions, conducting risk assessments, and providing recommendations to enhance the security posture of SAS applications. Qualifications - Proficiency in SAS software and experience in application security - Knowledge of security protocols, encryption techniques, and vulnerability assessment - Strong understanding of cybersecurity best practices and industry standards - Ability to analyze security risks and develop appropriate solutions,

As a Specialist at CyberAssure Services (P) Ltd., your primary responsibility will be to conduct phishing simulations and assess vulnerability to social engineering attacks. You will play a crucial role in implementing security awareness training programs and providing recommendations to enhance the overall security posture of the organization. By analysing simulation results, you will identify trends, vulnerabilities, and areas for improvement, allowing you to develop effective strategies to mitigate risks effectively. It is essential to stay updated on the latest phishing trends and tactics to ensure the highest level of protection for the organization. Key Responsibilities: - Design and execute phishing simulation campaigns to evaluate employee vulnerability effectively. - Analyse simulation results to identify trends, vulnerabilities, and areas for improvement to enhance security measures. - Develop and deliver targeted training programs to improve employee awareness and response to phishing threats. - Create and disseminate awareness emails using the Salesforce email marketing tool to reach employees effectively. - Maintain phishing awareness content on the SharePoint site to keep information updated and easily accessible. - Conduct regular training sessions to raise awareness and share insights gained from phishing tests. - Collaborate with security teams to address false click situations for simulated phishing emails promptly. Requirements: - Minimum 3-5 years of experience in cybersecurity awareness, training, or a related field with at least 1 year of relevant experience in Phishing Simulation. - Proven experience with phishing simulation tools and conducting awareness campaigns. - Excellent communication, training, and presentation skills to effectively convey security information to employees. - Familiarity with Salesforce email marketing tool and SharePoint to create and disseminate awareness materials. - Experience with Proofpoint or Knowbe4 would be advantageous. - Strong analytical and problem-solving skills to identify and address security vulnerabilities effectively.,

As a Security Admin Engineer at Luminar Technologies, you will play a crucial role in designing, building, monitoring, and enforcing the security infrastructure of a rapidly growing US public company. Your responsibilities will revolve around ensuring the security, confidentiality, integrity, and availability of company data and systems. Collaborating with various functions within the organization, you will be at the forefront of designing security solutions to protect information from threats, ensuring business continuity, and regulatory compliance. A key aspect of your role will involve designing and implementing a Unified Security and Observability Platform (USOP) architecture, including forwarders, indexers, and search heads, to cater to the company's security and operational needs. You will configure and manage USOP applications, develop data ingestion strategies, and create dashboards, reports, and alerts to facilitate security monitoring and incident response. Additionally, you will design and implement architectures like UEM, MDM, CNAPP, EDR, and ZTNA to meet security and operational requirements, ensuring the secure monitoring and control of all endpoints. Your expertise will be crucial in analyzing security incidents, identifying vulnerabilities, and recommending strategies to enhance the company's security posture. Furthermore, you will collaborate with cross-functional teams to mitigate security risks, deploy and configure security tools, and maintain security policies, procedures, and standards in compliance with regulations and best practices. Staying abreast of the latest security trends and technologies, you will continuously assess and improve the company's security posture while providing 24x7 support for critical security incidents as part of an on-call rotation. To qualify for this role, you should possess a Bachelor's Degree in computer science, cybersecurity, or a related discipline, along with at least 7 years of relevant work experience. Your technical proficiency in designing and maintaining enterprise-level security infrastructure, knowledge of security concepts and principles, and familiarity with industry standards and regulatory requirements will be essential. Strong problem-solving skills, attention to detail, self-motivation, and excellent communication skills are also key attributes for success in this position. Preferred qualifications include advanced experience in security engineering roles, knowledge of advanced security tools and automation, familiarity with agile methodologies, and experience in Automotive, Finance, or High-Tech industries. Experience with autonomous vehicles or connected cars would be an added advantage, highlighting your potential to excel in this dynamic and innovative environment at Luminar Technologies.,