827 Vulnerability Assessment Jobs - Page 24

Comcast brings together the best in media and technology We drive innovation to create the world's best entertainment and online experiences As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast, Job Summary Responsible for working with the Network and Systems Engineers to create, maintain and enforce security policies effecting the network Responsible for securing all information and information systems assets of the Company network infrastructure Design/install/operations of VPN, SoHo, WAF, IDS, DDoS, Partner Access Solutions, Network Security Stack powering Zero-Trust, Firewalls and microsegmentation protecting CCS operations infrastructure (SIEM, DataLake, WAF, IDS, SOC dashboards) Has in-depth experience, knowledge and skills in own discipline Usually determines own work priorities Acts as a resource for colleagues with less experience, Job Description Core Responsibilities Ensures implementation of security safeguards to the Company's IP network Security safeguards should be in accordance with industry standards, generally accepted business practices and Company security policies, Ensures Network and Systems Engineers follow security best practices when deploying/configuring hardware and software, Collaborates with the Network Operations team to ensure disaster recovery plans are viable and current, Works with the Network Operating Center to maintain up-to-date troubleshooting guides that pertain to security, Recommends policy for responding to security incidents along with a training program for those that might be involved, Researches new and/or updated technologies as they come available that pertain to our environment, Performs regular penetration tests and vulnerability assessments, Takes lead on security audits, both internal and external, Helps ensure that customer SLAs are met at all times Responds quickly to downtime situations, Communicates regularly with development and supports teams regarding system status and implementation schedules, Consistent exercise of independent judgment and discretion in matters of significance, Regular, consistent and punctual attendance Must be able to work nights and weekends, variable schedule(s) as necessary, Other Duties And Responsibilities As Assigned, Employees at all levels are expected to: Understand our Operating Principles; make them the guidelines for how you do your job, Own the customer experience think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services, Know your stuff be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences, Win as a team make big things happen by working together and being open to new ideas, Be an active part of the Net Promoter System a way of working that brings more employee and customer feedback into the company by joining huddles, making call backs and helping us elevate opportunities to do better for our customers, Drive results and growth, Respect and promote inclusion & diversity, Do what's right for each other, our customers, investors and our communities, Disclaimer This information has been designed to indicate the general nature and level of work performed by employees in this role It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications, Comcast is proud to be an equal opportunity workplace We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law, Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus Additionally, Comcast provides best-in-class Benefits to eligible employees We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most Thats why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality to help support you physically, financially and emotionally through the big milestones and in your everyday life Please visit the compensation and benefits summary on our careers site for more details, Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience, Relevant Work Experience 5-7 Years

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Manage SaaS application configuration settings, integrations Build compliance requirements and SaaS Application security baselines. Perform continuous monitoring of applications identifying security vulnerabilities and address through remediation efforts Preferred technical and professional experience Validate and maintain incident response plans and processes to address potential threats Determine risks and remediation options with implemented SaaS applications Evaluate new applications to ensure implementation can meet security baselines

Job Track Description Requires formal education and relevant expertise in a professional, sales, or technical area. Performs technical-based activities. Contributes to and manages projects. Uses deductive reasoning to solve problems and make recommendations. Interfaces with and influences key stakeholders. Leverages previous knowledge and expertise to achieve results. Ability to complete work self-guided. College or university degree required. General Profile Requires knowledge and experience in field. Uses best practices and knowledge of business to improve products or services. Solves complex problems and takes a new perspective on existing procedures. Self-starter, requiring minimal guidance. Acts as a resource for colleagues with less experience. Functional Knowledge Requires conceptual expertise of theories, practices, and procedures. Business Expertise Has knowledge of best practices and team integration. Aware of the competition and what differentiates them. Impact Impacts a range of customer, operational, project or service activities. Works within broad guidelines and policies. Leadership Acts as a resource for colleagues with less experience. May guide small projects with manageable risks and resource requirements. Problem Solving Solves complex problems. Takes a new perspective on existing solutions. Exercises judgment based on the review of multiple information sources. reviewing many sources of information. Skills Clearly articulates difficult or sensitive information. Works to build consensus within a team. Responsibility Statements Supports the development of strategies for new client offerings. Ensures the effective use and application of resources. Assesses customer requirements and assists with the development of solutions. Reviews service and operating procedures to ensure compliance with industry standards and regulations. Works closely with the solutions team and sales, practice, and delivery leaders to develop the solution strategy and approach. Developing proficiency in market trends, best practices, and innovation. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Has advanced, specialized expertise within a range of analytical or operational processes. Completes assignments and facilitates the work of others. May coordinate assignments beyond work area. Proposes improvements to processes and methods. Acts as a lead, coordinating the work of others, but is not a supervisor. Works autonomously within established procedures. Functional Knowledge Has developed skills in a range of processes, procedures, and systems. Acts as a technical expert in some areas. Business Expertise Understanding of how best teams integrate and work together to achieve company goals. Impact Impacts a team, by example, through the quality service and information provided. Suggests enhancements to work procedures and practices to improve efficiency. Leadership Serves as a team lead. May allocate work to team members. Provides subject matter guidance to junior team members. Problem Solving Provides solutions to atypical problems with little or no precedent. Interpersonal Skills Exchanges information and ideas effectively. Uses tact and diplomacy when dealing with others. Responsibility Statements Supports emergency procurement processes as needed by the client. Monitors open requisitions, expedite, and closeout before turnaround. Works with stakeholders to ensure proper recommendation and documentation is received for the procurement process. Assists Team Leaders in extracting data for dashboard on process and reconciliation metrics. Provides supporting records and documentation to assist with audits. Ensures that adequate and updated process documentation and desktop procedures exist and are utilized. Contributes towards quality efforts and guides the quality verifiers team. Participates in first-level tasks and quality check tasks. Performs other duties as assigned. Complies with all policies and standards. Conduent is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, gender expression, sex/gender, marital status, sexual orientation, physical or mental disability, medical condition, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. People with disabilities who need a reasonable accommodation to apply for or compete for employment with Conduent may request such accommodation(s) by submitting their request through this form that must be downloaded:click here to access or download the form. Complete the form and then email it as an attachment toFTADAAA@conduent.com.You may alsoclick here to access Conduent's ADAAA Accommodation Policy. At Conduent we value the health and safety of our associates, their families and our community. For US applicants while we DO NOT require vaccination for most of our jobs, we DO require that you provide us with your vaccination status, where legally permissible. Providing this information is a requirement of your employment at Conduent.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities:Design and implement secure, scalable GCP architectures.Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO).Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor.Manage Cloud Security Command Center for visibility, governance, and incident response.Implement Cloud Operations Suite for logging, alerting, and security analytics.Conduct threat modeling, vulnerability assessments, and define remediation paths.Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations.Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles.Support audit preparation, policy compliance, and security documentation efforts.Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset.Strong communicator with cross-functional collaboration experience.Continuously stays updated with evolving cloud threat landscapes.Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders.Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement.Experience with Terraform, automated auditing, and log analysis tools.- Additional Information:Bachelors degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; CCSP preferred.- 7+ years in security roles, with 3+ years in hands-on GCP security delivery.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate, and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security policies and procedures.- Conduct security assessments and audits.- Monitor security incidents and respond to breaches promptly.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in conducting risk assessments and vulnerability scans.- Knowledge of security tools and technologies.- Good To Have Skills: Experience with Security Incident Response.- Hands-on experience in implementing security controls and measures. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Job Requirements Should have at least 5 years of professional experience in application security or a related field. Proven expertise in web and mobile security architecture, frameworks, and testing methodologies (e.g., OWASP Top 10). Extensive hands-on experience with implementing and scaling DevSecOps practices across CI/CD pipelines. Proficient in at least one programming and one scripting language, with the ability to review and guide secure coding practices. Experience working with bug bounty programs or vulnerability disclosure platforms is a strong plus. Ability to lead security reviews, influence engineering teams, and mentor junior security professionals is highly valued.

Role & responsibilities - Perform Application Security Testing - Perform Network Penetration Testing - Perform Vulnerability Assessment of Servers - Verify Scan results through manual testing - Co-ordinate with the clients for Project related queries - Undertake meeting with the client teams for discussing security issues and recommendations - Create detailed security reports - Keep track of project progress & send regular updates - Research on security tools - Create Security Knowledge base for the team - Participate in quality initiatives. Location: Pune-On Site Required Knowledge Areas: Web Application Security OWASP Top 10 Mobile Application Security – Mobile OWASP Top 10 NMAP/Port Scanning Vulnerability Scanning & Verification Web Traffic Interception (For Web/Mobile apps) SSL Security Tools Experience: Working knowledge of following tools is needed: Web Proxy Editors Network Sniffers Nessus Scanner Reverse Engineering Tools Mobile Application security tools – Either Android/IOS Any one Web Application Security Scanner. Certification Requirement: The candidate must possess any one of the following certifications: CEH/ ECSA/ OSCP Other Skills: The candidate should be good in: Documentation Communication Skills. Interested candidate can share their resume on hr@synradar.com or can connect on 8655620119 Immediate joiners are preferred

Position Overview: We are seeking a proactive IT GRC professional to strengthen our governance, risk, and compliance framework. This role involves ensuring regulatory compliance, conducting IT risk assessments, managing audits, and driving policy implementation across technology functions. Ideal candidates will have a strong understanding of SEBI, RBI, and other regulatory guidelines relevant to the broking industry, along with hands-on experience in IT controls, cyber risk, and compliance reporting. Role & responsibilities: Implement, and maintain IT GRC frameworks, policies, procedures, and controls. Tracking compliance / regulatory requirements and ensure on timely reporting and closure. Maintain and Update Technology activity tracker. Drafting of documentations likes policy, procedure and SOPs, reports. Co-ordinating with various teams for receipt of timely data/ information to various regulatory authorities. Managing IT/ Technology audit like System Audit, IT General Controls audit, and other technology compliances etc. Facilitates audits, coordinate with various internal and external stakeholders for audit related data. Liaising with auditors for any follow-up actions etc. Managing ISO 27001:2022, ISO 22301: 2019 internal and external audits, along with preparedness and review of relevant documentation. Knowledge of Application Security, Vulnerability Assessment and Penetration Testing. Co-ordinate with various technology teams for closure of observations. Evaluating the best industry practice followed and identify the various process improvements and implementations. Preferred candidate profile: 1) 6 to 10 years of experiences in Information Technology infrastructure, IT audits. 2) Experience in managing information technology management, GRC, System, ISO 27001:2022, ISO 22301: 2019, ITGC audit. 3) Candidate should have Good knowledge of SEBI, RBI, CERT- IN, and other regulatory guidelines and framework. 4) Good interpersonal, communication, documentation, presentation skills and problem solving skills.

Security Specialist Location: Hyderabad Position: 1 Experience: 4 to 8 years pre sales discussions and design security architecture based on customer requirement. Implement firewalls, anti-virus software, log management, authentication systems, content filtering, Professional IT certifications will be added advantage

Subject Matter Expert Location: Noida Position: 1 Experience: 2-4 years Act as a solution expert. Maintain Relationship with OEMs / distributors. Taking the valid lead from 20% to 60% (i.e., Deal Registration, Solutioning, PoC, BoM). Coordinating with the sales and technical teams to progress on opportunities created. Will carry bottom line targets. Post successful BoM finalization transfer the case to the respective sales team. Products : Veritas, Forescout, Forcepoint, Tenable, Ixia, Gemalto / Thales, etc..

Softwarez Technocrew is looking for Programmer (C# ASP. Net) to join our dynamic team and embark on a rewarding career journey. Develop software applications based on business requirements and technical specifications. Write clean, efficient, and maintainable code. Test and debug software applications to ensure they meet quality standards. Collaborate with cross-functional teams to design, develop, and deploy new features. Troubleshoot and resolve software defects and issues. Optimize software performance and ensure scalability. Conduct code reviews and provide constructive feedback to team members. Stay up-to-date with industry trends and emerging technologies. Document software designs, code, and technical specifications. Participate in agile development processes and contribute to continuous improvement.

ventureit global solutions is looking for Cybersecurity Specialist to join our dynamic team and embark on a rewarding career journey. A Cybersecurity Specialist is responsible for protecting an organization's information systems and networks from cyber threats such as hacking, data breaches, and viruses. The job duties may include: 1. Implementing and maintaining security measures such as firewalls, encryption, and intrusion detection systems. 2. Conducting risk assessments and security audits to identify vulnerabilities in the network. 3. Responding to security incidents and conducting investigations to determine the cause and impact. 4. Keeping up-to-date with the latest cybersecurity trends and technologies to ensure the organization stays protected. 5. Developing and implementing security policies and procedures to ensure the organization's compliance with industry standards and regulations. 6. Providing training and awareness to employees on cybersecurity best practices. 7. Collaborating with other IT and security teams to resolve security issues and integrate security into the overall IT strategy. The ideal candidate should have a strong technical background in cybersecurity, experience with security tools and technologies, and excellent problem-solving and communication skills.

Job Description Work with External Auditors as required, including facilitating interactions and documentation requests. Assist with compliance framework assessments including, but not limited to NYDFS, PCI DSS, SOC, SOX, GLBA, CIS, MTL and HIPAA. Coordinate external penetration test(s). Coordinate remediation of observations noted from Audit(s) or Gap Analyses. Conduct Internal Audits each quarter. Conduct New Product Audits. Review and edit policies as necessary, but no less than annually. Develop technical security training programs for application users, site security personnel, IT and HR staff globally. Coordinates audit activities with customers workload and schedule. Maintains the Internal Audit manual and leads updates to audit templates. Conducting investigations on irregularities and errors seen during the Audit. Conduct Table Top exercises including, but not limited to Business Continuity/Disaster Recovery and Incident Response. Update Risk Assessment(s) no less than annually. Complete internal vulnerability scans. Complete new hire training, including but not limited to KnowBe4 and BAI. Work with vendors, banks, partners as required to meet their compliance needs, including but not limited to, Questionnaires, RFPs, and Report Requests. Provide consultation and advisement to the business and project leads around compliance initiatives. Performance of other duties and responsibilities as assigned Comply with and enforce company policies and procedures Provide regular and predictable attendance considering any rights to leaves provided by law or company policy Perform all essential job functions without posing a direct threat of harm to yourself or others Effective written and verbal communication with subordinates, peers and supervisor Preferred candidate profile Demonstrate an ability to work under pressure to meet deliverables accurately and on time Excellent communication, interpersonal, organizational, time management and leadership skills Collaborate effectively with other teams within the Security and Compliance department, IT and the Organization Must be able to resolve problems on a daily basis, handle conflict and make effective decisions under pressure. Determination, Dependability, Integrity, Professionalism

Job Description: As a member of the Corporate technology Support - Workstation Vulnerability Remediation team, the Associate Systems Engineer will be responsible for day-to-day operational support with timely rollout of security patches, ensuring 100% compliance, drive and implement automation efforts in the Windows environment . This role will extensively support the U.S during business hours. This is a critical role that will work with cross functional teams on improving process, finding automation opportunities, working on exceptions with cybersecurity and other project-based requirements, in addition to the operational body of work. Essential Functions: Create software packages utilizing Bigfix, JAMF and SCCM Understands, follows and implements best practice methodologies for monthly OS patching and vulnerability remediations of 3rd party software s in the environment. Design and implement automated solution that take advantage of technology advances, allow cost reduction, standardization and commoditization. Drive innovation and collaboration with Operations partners globally to reduce redundant work and improve efficiency. Improve processes and support methodologies by assessing need and requirements. Manage, triage and drive resolution of Operations escalations. Be predictive, and drive reduction of those same escalations. Act as the point person for Exception Management/requests Willing to cover and support U.S. business timings extensively, sometimes over weekends for emergencies. Basic Qualifications Bachelors degree, OR 3-5 years of relevant work experience Preferred Qualifications Associate: 2-4 years of work experience Relevant work experience or a Bachelors

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP What We Offer : - Competitive salary and benefits package - Opportunity to work with a talented team of professionals - Collaborative and dynamic work environment - Professional development and growth opportunities - Flexible working hours and remote work options

Cyber Security Trainer Location: Mumbai Days : Mon to Sat - 6 Days/Week Job Purpose The candidate will be responsible for delivering Cybersecurity trainings. Trainer also have the advantage of working on various consulting projects as well. Duties and Responsibilities Candidate will be part of the NII our Training Division and will report into the Training Lead / Director / Academics Head. He / She will deliver various trainings such as below but not limited to: Application Security Testing Vulnerability Assessment and Penetration Testing Secure Coding Practices - .NET, Java, PHP etc Digital Forensics Cybersecurity Threat Modeling SIEM ISO 27001 PCI DSS Candidate will be also responsible for developing new course material. Demonstrated ability to learn and adapt to new concepts in the following areas will be a significant advantage: Devops IoT Blockchain Academic / University Qualifications Graduate / Post Graduate in Computer Science Experience 1-4 Years Professional Certifications Candidates with any of the certifications will be preferred. OSCP / OSCE CEH CCNA CCNP CISSP CISA CISM ISO 27001 LA Knowledge on Tools Candidates should know any / or all the below tools. This will be an added advantage. Kali Linux Burp Suite Fiddler Netsparker Wireshark Nikto, Acunetix WAFW00f Backtrack Metasploit

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP What We Offer : - Competitive salary and benefits package - Opportunity to work with a talented team of professionals - Collaborative and dynamic work environment - Professional development and growth opportunities - Flexible working hours and remote work options

We're HiringCTI Analyst! Responsibilities The Identify Service Line is responsible for identifying, assessing and analyzing all of the cyber threats and vulnerabilities that can affect the Group This Service Line is composed of three main activities: Cyber Threat Intelligence (CTI) Vulnerability Assessment Sandboxing You will be hierarchically attached to the IT Manager responsible of the CyberSOC team based in India and will daily refer to the Identify Service Line Team Leader based in India and the Identify Service Line Manager based in France. “ LocationMumbai Suburban, India Work ModeWork From Office ’ RoleCTI Analyst What You'll Do The Cyber Threat Intelligence Analyst will be in charge of delivering below services: Collect, analyze and exploit customized outputs from our Cyber Threat Intelligence partner and open-source intelligence to anticipate emerging cyber threats and get knowledge on threat actors, tactics, techniques and procedures: Performs cyber threat hunting on Indicators of Compromise (IoCs) through our security tools (EDR, SIEM, SOAR, etc.) to detect prior compromise. Ask for blocking IoCs in anticipation in our different security tools (EDR, Antivirus, Proxies, Email Protection solution, etc.). Communicate on vulnerabilities related to the software used in the Saint-Gobains scope. Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service. Analyze on request the maliciousness of packages and files in our sandbox and formalize synthesis. Produce and communicate monthly KPIs on each activity What Were Looking For Bachelors Degree in Computer Engineering, Information Technology or any relevant certifications. Experience in investigating and reporting on cyber-attacks. Ability to demonstrate comprehensive, practical knowledge of research/collection skills and analytic methods. Strong technical skills with an interest in open source intelligence investigations and malware analysis. In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, SIEM and firewalls. Team-oriented and skilled in working within a collaborative environment and with other Service Lines. Good sense of priorities and good sense of initiative. Rigorous and autonomous. Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range of stakeholders. Ready to make an impactš" Apply now and lets grow together! Show more Show less

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. We are seeking a skilled and detail-oriented Endpoint Patching Administrator to join our IT team. The successful candidate will be responsible for managing and maintaining the endpoint patching process using Tanium. This role is critical in ensuring that all endpoints within the organization are up-to-date with the latest security patches and software updates to protect against vulnerabilities. Primary Responsibilities Patching ManagementUtilize Tanium to deploy, manage, and monitor patches across all endpoints including desktops, laptops, servers, and other networked devices Assessment & ReportingRegularly assess the patch status of endpoints and generate detailed reports on patch compliance, vulnerabilities, and remediation progress Incident ResponseAct as a primary point of contact for patch-related incidents and vulnerabilities. Investigate issues arising from patch deployments and work towards their resolution promptly Configuration ManagementCreate, maintain, and update endpoint configuration baselines in line with organizational security policies Automation & ScriptingDevelop scripts to automate repetitive tasks related to patch management and endpoint maintenance CollaborationWork closely with IT security teams, system administrators, and other stakeholders to ensure coordinated efforts in maintaining secure systems DocumentationMaintain comprehensive documentation of all patching activities, configurations, procedures, and changes applied to endpoints ComplianceEnsure compliance with industry standards and regulatory requirements regarding system security updates Training & SupportProvide training sessions for team members on Tanium functionalities related to endpoint management. Offer support for troubleshooting issues related to endpoint patches Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so This role may require occasional after-hours work or on-call duties in response to critical vulnerabilities or emergencies. The position can be based either onsite or remote depending on company policies. Required Qualifications Undergraduate degree or equivalent experience 6+ years in Tanium and 2+ years in SCCM Experience with other endpoint management tools besides Tanium like SCCM or BigFix Knowledge of ITIL practices Solid understanding of operating systems (Windows/Linux/Mac) internals including system registry settings, file systems, processes/services management Familiarity with cybersecurity principles and practices including vulnerability management and threat mitigation strategies Proficiency in scripting languages such as PowerShell or Python for automation purposes Proven excellent problem-solving skills with the ability to troubleshoot complex technical issues effectively Proven solid communication skills both written and verbal; capable of explaining technical concepts clearly to non-technical stakeholders Preferred Qualification Experience working with Tanium for endpoint management

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. As a Senior Information Security Engineering Consultant, your responsibilities include administration, maintenance, architecture, and engineering related to on-premise and cloud security solutions. This includes, direct support, technical ownership, and leading others with regards to the platforms. Additional responsibilities as needed, but may include security posture review and analysis, security vulnerability scanning, monitoring and alerting development and tooling, and security incident response. Primary Responsibilities Work on-call and non-standard hours when necessary Support team leads and Subject Matter Expert (SME) for approaches, procedures, and implementation of Cybersecurity systems, specifically perimeter firewalls Be able to troubleshoot in highly complex, technical situations within an enterprise organization Be able to identify and mitigate risks Capable of formulating and implementing procedures and systems Be able to document and communicate on an expert level Have or be in process of obtaining advanced certifications pertinent to area of expertise Collaborate in the development of training content for issues related to IT Cybersecurity Develops and oversees the development of innovative approaches and solutions to complex problems and issues Supports the monitoring and responses to security incidents, offering expertise to ensure prompt and effective resolution Collaborates with director, managers, project managers, architects and other technical personnel to ensure mitigation of risks to the company Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Graduate degree or equivalent experience 6+ years of experience in IT Security for large enterprise environments 5+ years of experience with next gen/firewall (ex. Palo Alto) 5+ years of experience with WAN/LAN routing, switching, proxy and firewall environments Work experience as a system security engineer or information security engineer Proven solid planning and problem-solving skills Proven ability to troubleshoot in highly complex, technical situations within a matrixed organization Preferred Qualification CompTIA Security +, or related certification, PCNSE, CCNA, Network +

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. This Senior Information Security Engineer is a member of the UHC A&I Tech Infra, Cloud and Data Services team that supports US Health Group and Student Resources,. This engineer will work with 4000+ agents as level 2 support for security incidents and investigation. Their primary function will be to monitor and respond to all vulnerabilities in Tanium, Tenable, and Security Platform. In addition the engineer will have primary responsibility of all updates throughout the infrastructure for the UHC lines of business that ingests over 200,000 MB of logs for Windows and RHEL Servers. This engineer will also work in Service Now to monitor queues and work incidents to resolution. This engineer will be working in both on-premise and azure cloud monitoring security and compliance. This engineer will work throughout the organization to quickly remediate any daily findings of new vulnerabilities that arise and create daily reports to show updated findings and tasks for remediation. Primary Responsibilities Core Tasks: Tanium, Security Platform, TVM remediate all vulnerabilities, patching Maintain cadence of monthly patching schedule for updates to all environments Operate and maintain security systems to protect data and systems and ensure auditability and compliance Respond, analyze, and resolve outages, incidents and/or threats Fulfill service requests Deploy new, update existing, replace or decommission solutions Work in Microsoft Endpoint Configuration Manager (MECM) for patching and Vulnerability remediation Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualification Full time graduate Core Tasks: Tanium, Security Platform, TVM remediate all vulnerabilities, patching Maintain cadence of monthly patching schedule for updates to all environments Operate and maintain security systems to protect data and systems and ensure auditability and compliance Respond, analyze, and resolve outages, incidents and/or threats Fulfill service requests Deploy new, update existing, replace or decommission solutions Work in Microsoft Endpoint Configuration Manager (MECM) for patching and Vulnerability remediation Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so At UnitedHealth Group, our mission is to help people live healthier lives and make the health system work better for everyone. We believe everyone-of every race, gender, sexuality, age, location and income-deserves the opportunity to live their healthiest life. Today, however, there are still far too many barriers to good health which are disproportionately experienced by people of color, historically marginalized groups and those with lower incomes. We are committed to mitigating our impact on the environment and enabling and delivering equitable care that addresses health disparities and improves health outcomes — an enterprise priority reflected in our mission. #Nic #Nic

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience. Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify

About the Role: Grade Level (for internal use): 10 Key Responsibilities: Participate in planning, execution, and reporting phases of technical cyber based audits in line with industry standards and best practices. Ensure the timely and effective execution of all planned cyber and tech risk audits. Majorly drive the execution of audits fieldwork to ensure thorough and effective assessments of IT and cybersecurity controls by utilizing appropriate audit methodologies and tools (e.g., risk-based auditing, data analytics). Follow up on Management Action Plans (MAPs) / audit findings to ensure timely and effective remediation of identified issues. Assist the leadership in Risk Assessment activities and collaborate with stakeholders to help identify and prioritize key IT and cyber risks. Use of Data Analytics to analyse artifacts and derive the audit findings. Stay updated on emerging IT risks and controls, including cloud computing, cybersecurity threats, and data privacy regulations. Help document audit findings, audit reports, and participate in stakeholder meetings. Required Technical Skills: Proficiency in Networking, DLP, Endpoint and Cloud technologies (AWS, Azure, Google Cloud). Knowledge of cybersecurity principles and practices as well as sound understanding of Artificial Intelligence and its applications. Proficiency in Vulnerability Assessment and Penetration Testing (VAPT) and Red-teaming exercises. Extensive experience with IT Infrastructure technologies as well as sound understanding of Disaster Recovery and Resiliency. Proficiency in using audit tools and techniques (e.g., data analytics, risk assessment software). Soft Skills: Excellent interpersonal and communication skills. Strong report writing and documentation abilities. Ability to multi-task and work collaboratively with cross-functional teams. Strong project management and organizational skills. Qualifications: Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related field. Relevant certifications such as CISA, CISSP, or equivalent are preferred. Minimum of 6 years of experience in a similar role. Experience in technology audits, added advantage with a background in Big4 audit firms. Proven track record of leading technology audit projects and teams. What we offer: High visibility to leadership and the opportunity to make a significant impact. A collaborative and innovative environment. The chance to work on state-of-the-art technologies and solutions. A role that combines strategic thinking with hands-on execution. Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwideso we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Our benefits include: Health & WellnessHealth care coverage designed for the mind and body. Flexible DowntimeGenerous time off helps keep you energized for your time on. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), FINANC202.1 - Middle Professional Tier I (EEO Job Group)

We Have opening on both L2/L3 SOC Analyst Experienced SOC L3 Analyst is needed to expand our group. You will oversee managing and resolving complicated cybersecurity events that have been escalated from L1 and L2 Analysts as an L3 Analyst. To find the underlying cause of security events and offer suggestions for correction, you will be expected to conduct extensive investigations and forensic analyses. Key Responsibilities for this job: Represent the highest level of escalation for cybersecurity issues. To identify the underlying causes of occurrences, carry out comprehensive investigations and forensic analysis. Provide remediation advice and collaborate with L1 and L2 analysts to implement it into practice. Create and maintain playbooks and incident response plans. Conduct penetration tests and vulnerability assessments. Analyze and evaluate the organization's cybersecurity threats. Take part in security audits and assessments. Create and uphold security standards, rules, and procedures. Instruct and guide young analysts in incident response best practices. Knowledge and experience required: Bachelor's degree in computer science, Cybersecurity, or a related field. 5+ years of experience in a SOC environment, with a focus on incident response and forensic analysis. Strong knowledge of cybersecurity frameworks, such as NIST and ISO. Experience working with security tools such as SIEM, IDS/IPS, endpoint detection and response, and firewalls. Excellent analytical and problem-solving skills. Strong communication and collaboration skills. Relevant certifications, such as CISSP, GCIA, GCIH, and/or CISA are highly preferred. Preferred Tool: Rapid7, LogRhythm, Sentinel, Fortinet SOAR, etc Shift flexibility, including weekends and holidays (24*7) Jumping on the call with Vendors and other teams to discuss issues with partners/ to get their requirements and deliver the same in the form of projects Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility. Providing weekly/monthly reports to the Upper Management.