827 Vulnerability Assessment Jobs - Page 33

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities: Design and implement secure, scalable GCP architectures. Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO). Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor. Manage Cloud Security Command Center for visibility, governance, and incident response. Implement Cloud Operations Suite for logging, alerting, and security analytics. Conduct threat modeling, vulnerability assessments, and define remediation paths. Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations. Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles. Support audit preparation, policy compliance, and security documentation efforts. Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset. Strong communicator with cross-functional collaboration experience. Continuously stays updated with evolving cloud threat landscapes. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement. Experience with Terraform, automated auditing, and log analysis tools. Additional Information:Bachelor's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CCSP preferred. 7+ years in security roles, with 3+ years in hands-on GCP security delivery. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Facilitate training sessions to enhance team knowledge and skills. Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: Must To Have Skills: Proficiency in One Identity Manager. Strong understanding of cloud security principles and practices. Experience with identity and access management solutions. Familiarity with compliance frameworks such as ISO 27001 or NIST. Ability to analyze security incidents and develop mitigation strategies. Additional Information: The candidate should have minimum 5 years of experience in One Identity Manager. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that s redefining the Loyalty domain! At Loyalty Juggernaut, we re on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY , our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem. Visit www.lji.io to know more about us. As a Product Security Engineer, youll to ensure the security of GRAVTY throughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices. Your responsibilities will include and not limited to Lead and conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure. Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps. Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others. Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more. Perform API and mobile platform security testing, including vulnerability discovery and exploit validation. Execute and document Open-Source Intelligence (OSINT) investigations. Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices. Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management. Monitor and respond to production security alerts and assist with security incident handling. To be successful in this role, you should have A Bachelor s degree in Engineering , preferably CS/IT. 1-3 years of proven experience in penetration testing and vulnerability management. Strong coding/scripting proficiency in Python, Java, Ruby, or similar. Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices. Exposure to DevSecOps, including implementing security tools in CI/CD, and production environment protection. Experience in Secure Development Lifecycles, access controls, and patch & compliance frameworks. Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus. Excellent analytical, communication, and collaboration skills. A curious mind, a passion for security, and a knack for staying one step ahead of adversaries.

Responsibilities: Deliver engaging cybersecurity training (offline) Simplify core topics for beginners Guide learners in exam prep and concept clarity Address student queries and provide mentorship Support learners toward certification success

Role & responsibilities Security Integration Across SDLC: Collaborate closely with development teams throughout the SDLC to embed security best practices from design through deployment. Application Penetration Testing: Perform hands-on penetration testing of web, mobile, and API-based applications. Partner with developers to ensure effective and timely remediation of vulnerabilities. Senior Security Analyst Security Scanning & Analysis: Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools. Analyze and interpret results to support developers in remediation efforts. Code Reviews & Secure Coding: Participate in code reviews to identify insecure coding patterns and provide actionable feedback aligned with secure coding standards. Threat Modeling & Design Reviews: Facilitate security design reviews and threat modeling exercises to identify potential risks early in the development pro Preferred candidate profile We are seeking a highly skilled and proactive Senior Security Analyst to join our Application Security team. This role is critical in embedding security across the Software Development Life Cycle (SDLC) and ensuring the security of our applications through expert-level testing, review, and collaboration with development teams. The ideal candidate will possess a strong technical background in application security, excellent communication skills, and hands-on experience in penetration testing and secure coding practices.

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Position Details- Position: VAPT Lead Experience: 8-12 years Job Location: Powai, Mumbai - WORK FROM OFFICE Number of Position 1 Description: We are looking for VAPT LEAD who will be responsible for running automated and manual security scans which include but not limited to SAST, DAST, IAST, Mobile, Web, API and ad-hoc pen-testing. The candidate will play a key role of integrating Security element in DevSecOps The role entails taking responsibility of analysing security vulnerabilities and capability to provide mitigation solutions to fix issues, providing guidance to application teams, and coordinating with cross functional teams across the platform. Responsibilities: Hands-on experience creating and implementing DevSecOps pipeline using CICD automation tools like Jenkins, Automated scanning tools, BurpSuite, and open source tools. Implement Application Cyber Security Controls/Policies developed by IT Security Team. Ability to demo security vulnerability to application teams. Drive application security issues to a resolution. Provide a clear guidance to application teams during vulnerability mitigation effort Conduct application security assessment on periodic intervals and for every release Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status to Head of IT Security Categorize and recommend assessment strategies for existing and new application development Coach development and vendor teams on application security Develop user training material on secure coding and conduct training sessions Coordinate and execute IT security projects Integrate the Application and DevOps processes and CI/CD pipelines from early stages of the development lifecycle. Evaluating and on-boarding security tools such as SAST, vulnerability and open source scanning into the Security DevOps life cycle for multiple tech stacks. Contributing features to internally developed Cyber security tools, and integrate those tools into the Security DevOps pipelines. Driving continuous improvement for Security DevOps pipelines and processes, and to the Cyber security tools, services, and processes. Engage in security research in keeping abreast of the latest security issues for Cloud enabled enterprises Research best practices for a variety of technologies and document / advice on solutions for security for multiple teams Develop, improve and monitor system compliance with the IT framework for controls and levels of access Collaborate with internal teams to manage and mitigate security vulnerabilities and risks Collaborate with software engineering and digital team to deliver integrated security solutions, and improve developer security practices Collaborate on Red Team penetration testing of IT systems Essential Qualification: Tenable/Qualys tool experience is mandatory. Experience with Dockers, Kubernetes, Terraform Good to have Appsec, API Testing, Infra Cloud Security testing experience. Must have experience with a modern version control system such as: Git, Github, GitLab. CISSP, OSCP or other security certifications desired. Experience with infrastructure as code and technologies behind it (Terraform preferred) Must have 4+ years of progressive experience in computing and information security. Capable of analysing data from various data sources and generating reports, charts and graphs. • Proven experience with at least one of the following technologies: MySQL, Postgres, FireBase, Google Cloud Storage and willing to learn and fill in any gaps. Working knowledge of agile methodology, techniques, and frameworks, such as Scrum or Kanban Excellent people and project management skills. Strong communication and presentation skills. Strong analytical and problem-solving skills.

Sr. Engineer - Vulnerabity Management/Patching Linux Exp : 7+ Yrs Level L3 Role. Location: Madhapur - Hyderabad. Overview: IT Engineer who can do analysis, mitigation and remediation of all the identified vulnerabilities and security gaps to strengthen the security posture of SHI environment. The assigned team will speed up remediation to secure SHI environment from external and internal cyber threats. All the identified vulnerabilities and security gaps need to be fixed to mitigate the potential impact as per the criticality of the risk. Proposed two senior resource to perform vulnerability management and patching. The role will require the following including but not limited to: Review and understanding of the entire environment Having complete visibility of the inventory of environment Review Vulnerabilities identified by tool Analyze the Vulnerability Assessment report Isolate false positives Prioritize the risk remediation plan Identify the dependencies and conduct impact analysis of the Patches & Fixes Work along with the Application team for dependencies and impact Work along with Offshore and Onsite Ops team for remediation planning Work along with SOC and Infosec team for remediation and fixes Develop a plan to rectify the issues Build Security Playbooks for remediation process as per organization environment Implement required patches and fixes in Test environment and conduct the impact analysis After the successful testing implement fixes on production servers Guiding and helping in Automation and customization of remediation as much as possible Follow and adhere to ITIL Process Review the status of imports for patch implementations and follow up with IT Operations. Track the progress of regulatory compliance obligations and ensure their completion. Review deferred item status and revise or implement fixes. Monitor Vulnerability Management dashboards and reports. Please share CV : [email protected] .

WHAT YOU LL DO We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organizations systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements. WHO YOU LL WORK WITH Attack Surface Reduction team helps and contribute to improve the security posture of H&M by operating within an Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&Ms systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents. Key Responsibilities: Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on H&Ms systems, networks, and applications. Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner. Experience in designing, implementing, and managing vulnerability management processes and workflows. Facilitate and manage penetration testing engagements with third-party vendors. Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface. Develop and maintain security policies and procedures for our organizations systems, applications, and networks. Monitor our organizations systems, applications, and networks for unauthorized access, suspicious activity, and other security threats. Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques. WHO YOU ARE We are looking for people with Bachelors degree in computer science, information security, or a related field. 6-10 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.). Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Excellent analytical, problem-solving, and communication skills. Relevant certifications , such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus. WHY YOU LL LOVE WORKING HERE At H&M, we are proud to be a vibrant and welcoming company. We offer our employees attractive benefits with extensive development opportunities around the globe. We offer all our employees at H&M attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program - HIP. You can read more about our H&M Incentive Program here . In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment types and countries. JOIN US Our uniqueness comes from a combination of many things - our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it s our people who make us who we are. Take the next step in your career together with us. The journey starts here. *We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application. ADDITIONAL INFORMATION This is a full-time position, starting in June 2025 . Apply by sending in your CV in English as soon as possible, but no later than the 30th of May 2025 . Due to data policies, we only accept applications through the SmartRecruiters or career page

Req ID: 319245 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Security Analysis Senior Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Day to Day job Duties(what this person will do on a daily/weekly basis) Work as individual contributor in a team of Security Systems staff and help customers using ITIL methodology, process and ITSM tools following Standard Operating Procedures. In some situations, acts as a Lead for the account where he/she needs to directly work with ISM/CDE of the account along with the Manager. Timely reporting of issues to management and proactive approach for problem solving Responsible for Quality issues and find ways to mitigate gaps in process to avoid quality issues. Ensure all Service Management procedures are being followed by him/her and the entire team Builds deeper understanding of processes, procedures, customers and organization. Assists program or process development and implementation. Develops solutions to a variety of problems of moderate complexity. Applies research, information gathering and analytical and interpretation skills to problems of diverse scope. Works on assignments where considerable judgment and initiative are required in resolving problems and making choices, recommendations, or decisions. Involved with local or business specific engagement initiatives in support of broader programs Assumes responsibility to improve service, efficiency and quality of work. Contributes to area by ensuring quality of output. Basic Qualifications(what are the skills required to this job with minimum years of experience on each) User Access Provisioning, Good communication Skills & Customer Handling, Ticket Hygiene, Should have around 3 year of experiences on AD, Knpwledge Base Drafting, About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies.Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us atus.nttdata.com NTT DATA endeavors to make https://us.nttdata.comaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment Consulting, Technology

Role & responsibilities Minimum 3 years of overall experience 1+ years in Incident Management, Vulnerability Management, Bug Bounty & Cyber security analysis Assess and support severity assignment on reported vulnerabilities in line with the Common Vulnerability Scoring System (CVSS) Effectively communicating vulnerability findings to stakeholders, including technical and non-technical audiences Developing strategies to address identified vulnerabilities, including mitigation plans and timelines Coordinate the remediation of findings from the organizations Bug Bounty & Vulnerability Disclosure Programs working directly with whitehat researchers. Analyze findings to understand if our vulnerability scanners failed to identify them and work with the relevant to address any visibility gaps Identify missing security controls that could have mitigated the Bug Bounty finding and ensure correction is tracked to completion Mature the program through the onboarding of new assets Works closely with Risk Management teams to document identified risks and issues highlighted through Bug Bounty Program Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework). Collaborates with Legal and Privacy Offices when critical data is at risk as a result of a Bug Bounty finding Maintain and follow runbooks for day-to-day activities

Job Description Design, develop, troubleshoot and debuSaaS Security Testing Services team is looking for Security Testing and Tools Engineers with various degree of experience in AppSec/Product Security field in Oracle India Development Center under the Oracle SaaS Cloud Security (SCS) organization. Oracle SaaS a.k.a. Oracle Cloud applications, built on machine learning, offer the most complete application suite with the best technology, enabling fast innovation with a modern UX and customer-first approach and one of the top strategic cloud services for Oracle. The SCS organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day. You will get the opportunity to join our efforts to reshape not only future of security testing and automation for Fusion App SaaS Services at Oracle but influence the security testing landscape across all the SaaS offerings. We are seeking hands-on, senior security analyst with the depth and breadth to evaluate complex web applications and technology stacks for security and build/code to address the security threats. You will have the opportunity to work in a cloud-scale environment using the latest security technologies/tools and collaborate with the best minds in the industry, to collectively stay ahead and respond to growing threats to cloud services. SaaS STS team will optimally engage in conducting white box/grey box application security testing - complementing what the development teams do in a more integrated and more coordinated setting through the security automation and tooling. SaaS STS team responsibilities will include implementation of Static Code Analysis, Dynamic App Security Testing/Fuzz Testing, Interactive / manual App security testing, facilitate automation of security verifications in CI/CD pipeline and evidence capturing for compliance audits. This position requires technical security knowledge and Cloud/DevSecOps or product development experience. Career Level - IC4 Responsibilities Job Requirements: MS or equivalent degree in computer science, or equivalent 6+ years of software engineering and technical leadership with proven results in software development, appsec and pen-testing Detailed exposure to web application pen test, forensics and intrusion handling The ideal candidate will have the following skills: Experience in product development or Security QA or penetration testing of Enterprise software, SaaS, IaaS or PaaS cloud services preferred Web application pen test, intrusion detection, vulnerability assessment Proficiency with Java, RESTful API, micro-services, Python. Experience in file system and operating system security analysis and attack vector detection Experience in database encryption methods and implementation, DB fuzzing and DB pen test Hands-on expertise on pen-testing of cloud applications and related infrastructure Understanding exploit mechanisms using CVEs for web services and microservices Should have worked on industry standard tools for security BURP, Web Inspect, Qualys, Nessus, REST API fuzzer, SAST tools etc. Ability to work in an agile and continuous software integration model. Security certifications like OSCP, LPT, ECSA, CISSP would be an added advantage Key Responsibilities You will work with Oracle Fusion Apps and other SaaS Services development teams to identify gaps in security testing and implement scalable solutions to improve security testing You will perform appsec and pen-testing of Oracle SaaS applications and infrastructure. You will implement automated security processes and security tooling in CI/CD pipeline. You will work with development teams and provide remediation mentorship to address any security findings You will evaluate and deploy new security tools and technologies to handle constantly evolving security threats landscape and support hyper-scale SaaS growth.

4–6 years of progressive experience in Information & Cyber Security, including Data Security, Identity & Access Management, or Security Operations in global settings. BFSI or banking experience is preferred but not mandatory.

Cyber and 3rd party risk manager About Amgen Amgen harnesses the best of biology and technology to fight the world’s toughest diseases, and make people’s lives easier, fuller and longer. We discover, develop, manufacture and deliver innovative medicines to help millions of patients. Amgen helped establish the biotechnology industry more than 40 years ago and remains on the cutting-edge of innovation, using technology and human genetic data to push beyond what’s known today. What you will do Role Description This is a lead role to support the risk management product team in identifying, analyzing, and mitigating IT-related risks to the organization. This role will involve working closely with various departments to ensure that risk controls are in place, policies are adhered to, and security standards are met. The IT Risk Analyst will assist in developing and maintaining risk management frameworks, performing assessments, and supporting regulatory compliance efforts. Roles & Responsibilities Risk Management Leadership Support the global risk management and third-party organization in leading a team of risk analysts performing tasks related to the global risk assessment processes. Risk Identification and Assessment: Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies. Assist in the identification and evaluation of risks associated with third-party vendors and partners. Maintain the IT risk register, documenting risks, issues, and remediation actions. Risk Mitigation and Monitoring: Recommend risk mitigation strategies and implement risk management controls across IT infrastructure. Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks and vulnerabilities. Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed. Compliance and Regulatory Support: Ensure compliance with relevant industry standards and regulatory requirements (e.g., GDPR, SOX, PCI-DSS, NIST). Assist in the preparation for audits by internal and external parties, providing documentation and evidence of IT risk management practices. Support the development and implementation of IT governance, risk, and compliance frameworks. Vendor Risk Management: Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications and Experience Education: Bachelor’s degree in information technology, Cybersecurity, Risk Management, or a related field. Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable. Experience 4-6 years of experience in IT risk management, IT auditing, or information security. Hands-on experience with risk management tools and frameworks (e.g., ISO 27001, NIST, COBIT). Skills and Competencies: Strong understanding of IT infrastructure, systems, and security best practices. Ability to assess technical and business risk related to information systems. Excellent problem-solving, analytical, and communication skills. Ability to communicate complex risk concepts to non-technical stakeholders. Ability to assess and interpret security-related clauses in third-party contracts, such as Security Requirements Schedules (SRS) Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, SOX, PCI-DSS). Technical Knowledge: Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools. Experience with security controls related to networks, databases, and cloud environments. Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills Collaboration with global teams What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

As an Application Developer, you will lead IBM into the future by translating system requirements into the design and development of customized systems in an agile environment. The success of IBM is in your hands as you transform vital business needs into code and drive innovation. Your work will power IBM and its clients globally, collaborating and integrating code into enterprise systems. You will have access to the latest education, tools and technology, and a limitless career path with the world’s technology leader. Come to IBM and make a global impact! Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Manage SaaS application configuration settings, integrations Build compliance requirements and SaaS Application security baselines. Perform continuous monitoring of applications identifying security vulnerabilities and address through remediation efforts Preferred technical and professional experience Validate and maintain incident response plans and processes to address potential threats Determine risks and remediation options with implemented SaaS applications Evaluate new applications to ensure implementation can meet security baselines

About The Role Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information ? Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails ? Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA’s (90-95%), response time and resolution time TAT ? ? Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Develop and maintain vulnerability management processes, Analyze assessment results to identify and prioritize risks. Perform penetration testing.

Hi, We are looking to expand our Cyber Security Team. Job Location is Faridabad Role & responsibilities Cyber security and network security testing including operation of test equipment in accordance with Regulatory Standards and requirements. use his/her expertise and experience for testing, planning and report writing. Responsible for contributing to accomplishment of department goals and objectives. Full ownership of timely delivery of project. collaborate with cross-Functional teams. Stay up to date with emerging threats, vulnerabilities, testing tools, guidelines. Recommend best practices. Provide training to other team members as needed. Conduct multiple projects within tight deadlines. Testing report preparation and review. Participate in incident response activities as needed. Preferred candidate profile Graduate in computer Science/Information Technology/ Cyber Security. Must be CEH (EC Council). Highly motivated and certified in Ethical hacking and Network Security/Cyber Security. Expertise in penetration tests, vulnerability assessments and security audits on various computer systems, networks and applications to identify potential security risks and vulnerabilities. Strong knowledge of network protocols, operating systems, and security technologies. Experience with security tools such as Metasploit, Nessus, burp Suite and Wireshark. Also, OWASP top 10. Excellent analytical, problem-solving, and communication skills. Teamwork and management. Willingness to travel if required. Salary and benefits: Salary will be based on competency Other Benefits Medical and Accidental Insurance Transport facility (Nearest Metro station) Food facility 5 days/week Interested candidate please share your updated resume to nikita.singh@nemko.com or apply to this job here on naukri.com

Position : Senior Cyber Security Engineer Location : Madurai Experience : 5+ Years Roles and Responsibilities: 1. Security Infrastructure Design: Develop and design security architectures for complex systems. Implement security solutions that effectively protect information systems and data. 2. Implementation of Security Measures: Deploy security technologies, including Firewalls, intrusion detection/prevention systems, antivirus software, and encryption solutions. Configure and manage security tools to detect and respond to security incidents. 3. Network Security: Implement and manage network security measures to protect against unauthorized access, attacks, and vulnerabilities. 4. Vulnerability Management: Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses. Develop and implement strategies for addressing vulnerabilities in a timely manner. 5. Identity and Access Management: Design and implement access controls to ensure only authorized users have appropriate access. Manage identity and access management solutions to protect against unauthorized access. 6. Security Policy and Compliance: Develop and enforce security policies, standards, and procedures. Ensure compliance with relevant laws, regulations, and industry standards. 7. Incident Response and Forensics: Participate in incident response activities, including investigation, analysis, and resolution of security incidents. Conduct digital forensics to identify the root cause of security incidents. 8. Security Awareness and Training: Provide security awareness training to employees to promote a security-conscious culture. Advise on best practices for maintaining security in daily operations. 9. Security Research and Evaluation: Stay informed about the latest security trends, threats, and technologies. Evaluate new security solutions and technologies for potential adoption. 10. Collaboration and Communication: Collaborate with other IT teams, departments, and stakeholders to implement security measures. Communicate security risks and recommendations to technical and non-technical audiences. 11. Impact study of various alerts and categorization based on priority. 12. Strong experience in managing Cyber Security within IT Application, Cloud, Network, IT Infrastructure, etc. 13. Having an active role in all aspects of the project - from first meeting with clients and identifying the Security issues to final recommendations and implementation of the Security change. 14. Good experience in troubleshooting and resolving issues related to Firewall, Cybersecurity Attack, Threat Management and etc 15. Good understanding of the current IT Security practices, threat analysis, privacy and risk policies especially covering Data Loss Prevention (DLP) and etc. 16. Consistently develop security procedures and standard operating documents related to IT Security Operations covering configuration, patching, troubleshooting guides etc. 17. Ability to handle high pressure situations with Good Analytical skills, Problem solving and Interpersonal skills. 18. Find cost-effective solutions to cyber security problems Required Skills and Qualifications: 1. More than 5 years of experience in the Cybersecurity of IT field 2. Strong understanding of network and systems security principles. 3. Proficiency in configuring and managing security technologies and tools. 4. Knowledge of encryption protocols, firewall configurations, and intrusion detection/prevention systems. 5. Experience with vulnerability assessment tools and methodologies. 6. Familiarity with security compliance frameworks (e.g., NIST, ISO 27001). 7. Understanding of identity and access management concepts. 8. Incident response and digital forensics skills. 9. Excellent problem-solving and analytical skills. 10. Strong communication and collaboration skills. Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Shift Timings: 8:30 AM to 5:30 PM / Monday to Friday Please share the CV with: careers@golden-hippo.com Website: www.golden-hippo.com

Hands on experience with Dockers, Git, Jenkins, Kubernetes and AWS/Azure/GCP knowledge. Hands on experience AKS, EKS, Openshift, Tanzu and Rancher Enterprise Cluster. Hands on Experience with Terraform and Infrastructure as Code Hands on experience in Linux/Database/scripting (Shell/Perl/Python) Hands on integration experience of ELK/SONARQUBE/Acunetix tools Understanding customer requirements and project KPIs Implementing various development, testing, automation tools, and IT infrastructure Planning the team structure, activities, and involvement in project management activities. Managing stakeholders and external interfaces Setting up tools and required infrastructure Defining and setting development, test, release, update, and support processes for DevOps operation Have the technical skill to review, verify, and validate the software code developed in the project. Troubleshooting techniques and fixing the code bugs Monitoring the processes during the entire lifecycle for its adherence and updating or creating new processes for improvement and minimizing the wastage Encouraging and building automated processes wherever possible Identifying and deploying cybersecurity measures by continuously performing vulnerability assessment and risk management Incidence management and root cause analysis Coordination and communication within the team and with customers Selecting and deploying appropriate CI/CD tools Strive for continuous improvement and build continuous integration, continuous development, and constant deployment pipeline ( CI/CD Pipeline) Mentoring and guiding the team members Monitoring and measuring customer experience and KPIs Managing periodic reporting on the progress to the management and the customer

As a member of the Infrastructure Reliability Engineering team - You are responsible to lead a team of system engineers who focused on Kubernetes, microservices architecture, and cloud technologies. As part of this self-driven team, you will support critical container Infrastructure and ensure the stability of services by performing dedicated maintenance activities. You engage in automation activities, perform root cause analysis (RCA), and remediation. Knowledge of production support process including incident/change/problem management, call triaging, and critical issue resolution procedures. Essential Functions Infrastructure life cycle management and Production Support of container, cloud technologies and orchestration platforms Knowledge of alerts and monitoring tools and system management tools for environments and configuration management and Cloud orchestration tools Hardening, securing the Kubernetes cluster with monitoring and auditing dashboards. Strong technical analytical and troubleshooting skills and possess an ability to explain technical concepts and provide guidance to staff. Proficient to expert scripting and automation skills converting manual and maintenance functions into fully orchestrated automation. Must have Strong Knowledge & experience in system monitoring techniques and tools supporting unattended operations. Ability to operate in complex, highly secure, and highly available, operations environments and interact with the technology domain experts required to maintain those environments. Excellent communication & interpersonal skills. Coaching other members of the support team, sharing technical and customer knowledge in a helpful and timely fashion Responsible for partnering with the Platform, Engineering and Delivery Teams to deliver seamless infrastructure support for all Visa business lines. Work closely with geographically distributed teams on technical challenges and process improvements. Security Remediation process (vulnerability assessment and patch management) Contribute to standardize and document operational procedures. Responsible for adherence of established ITIL practice such as Incident, Change, Problem and Release Management Be scheduled On-Call to support the infrastructure and our systems. Work on shift days ( Sunday to Thursday or Tuesday to Saturday from 9:00AM to 6:00PM) Provide strong leadership with a focus on attracting, motivating, and developing best-in-class talent. Mentor and coach teams to develop future leaders in alignment with company objectives. Balance both leading a team and engaging directly with the work needed to accomplish objectives. Assist direct reports with ongoing prioritization and resource allocation to ensure that the crucial business initiatives are delivered. Utilize leadership skills, problem solving and decision-making skills to facilitate and encourage participation of team members to meet objectives in congruence with approved standards and guidelines. Basic Qualifications 8+ years of relevant work experience with a Bachelor s Degree or at least 5 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 2 years of work experience with a PhD, OR 11+ years o

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Configure, manage, and support SailPoint IdentityNow (IDN) for provisioning, de-provisioning, role management, and access governance across the enterprise.Maintain and troubleshoot SailPoint IDN connectors for integration with various on-premise and cloud-based systems, such as Active Directory, SAP, Office 365, and AWS.Identity Lifecycle Management:Manage the entire identity lifecycle process, including user provisioning, role-based access control (RBAC), access reviews, and compliance reporting.Automate identity-related processes using SailPoint's workflows and policies to enhance operational efficiency.Access Request and Approval Workflow:Design, configure, and maintain user access request workflows, approval processes, and access certification campaigns in IdentityNow.Work closely with stakeholders to define and enforce role-based access policies, ensuring compliance with security best practices.Integration and API Management:Integrate SailPoint IdentityNow with enterprise applications and third-party tools using connectors, APIs, and out-of-the-box integrations.Collaborate with IT teams to integrate IAM solutions into the broader enterprise architecture and security ecosystem.Security & Compliance:Implement role mining, entitlement management, and access certification processes to maintain compliance with internal and external regulatory requirements.Generate reports and dashboards to track access violations, security events, and audit findings.Troubleshooting & Support:Provide support for any issues related to SailPoint IdentityNow, including troubleshooting and resolving user access, workflows, and integration problems.Participate in system upgrades, patches, and testing to ensure continuous functionality and security of the identity management system.Collaboration & Documentation:Work closely with stakeholders to gather requirements and design solutions that meet business needs.Document processes, configurations, and best practices related to SailPoint IDN administration and configuration.Training & Awareness:Provide training and knowledge transfer to the internal teams on how to effectively use SailPoint IdentityNow.Educate users on identity governance processes, including access requests, role management, and compliance. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityNow. Strong understanding of cloud security principles. Experience with security tools and technologies. Knowledge of regulatory compliance requirements. Hands-on experience in implementing security controls. Good To Have Skills: CISSP certification. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityNow. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-. Provisioning and DeprovisioningAutomated User Onboarding:When a new user joins an organization, SailPoint can automatically assign the appropriate roles and permissions based on predefined rules.Deprovisioning:Automatically revoking access when a user leaves the organization or changes roles.2. Access ReviewsAutomate periodic access reviews, where managers or users themselves review the permissions they have in various systems to ensure compliance with security policies.3. Role ManagementAutomating the creation and management of roles and ensuring that roles are properly assigned based on business rules, job functions, or regulatory requirements.4. Policy EnforcementAutomating policies that define acceptable access rules and automatically enforcing them, such as ensuring users do not have conflicting access or excessive permissions.5. Lifecycle ManagementAutomatically handling the lifecycle of a user's access based on their status (e.g., employee, contractor, etc.), department, or organizational role.6. Custom Workflows and ApprovalsUsing workflows to automate approval processes, such as multi-step approval for granting access to critical systems.7. Scheduled JobsSailPoint allows you to automate jobs that need to run on a schedule, such as syncing identity data from external systems, updating entitlements, or importing logs.8. Integration with Other SystemsSailPoint can integrate with other enterprise systems (HRMS, CRM, etc.) and automatically sync user data and permissions across systems. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security principles Experience in implementing security controls in cloud environments Knowledge of industry security standards and best practices Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: . Provisioning and DeprovisioningAutomated User Onboarding:When a new user joins an organization, SailPoint can automatically assign the appropriate roles and permissions based on predefined rules.Deprovisioning:Automatically revoking access when a user leaves the organization or changes roles.2. Access ReviewsAutomate periodic access reviews, where managers or users themselves review the permissions they have in various systems to ensure compliance with security policies.3. Role ManagementAutomating the creation and management of roles and ensuring that roles are properly assigned based on business rules, job functions, or regulatory requirements.4. Policy EnforcementAutomating policies that define acceptable access rules and automatically enforcing them, such as ensuring users do not have conflicting access or excessive permissions.5. Lifecycle ManagementAutomatically handling the lifecycle of a user's access based on their status (e.g., employee, contractor, etc.), department, or organizational role.6. Custom Workflows and ApprovalsUsing workflows to automate approval processes, such as multi-step approval for granting access to critical systems.7. Scheduled JobsSailPoint allows you to automate jobs that need to run on a schedule, such as syncing identity data from external systems, updating entitlements, or importing logs.8. Integration with Other SystemsSailPoint can integrate with other enterprise systems (HRMS, CRM, etc.) and automatically sync user data and permissions across systems. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Strong understanding of cloud security principles. Experience with security architecture design. Knowledge of security compliance standards. Hands-on experience with security tools and technologies. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Okta Identity Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:-Okta Workforce Identity Cloud (WIC) Administration:User Provisioning & Lifecycle Management:Administer and manage Okta Workforce Identity Cloud (WIC) for user provisioning, de-provisioning, and lifecycle management of internal employees and contractors.Design and implement user authentication flows, multi-factor authentication (MFA), Single Sign-On (SSO), and federated identity integrations to provide secure access to corporate applications.Access Management & Policy Enforcement:Configure and maintain access policies, including role-based access control (RBAC) and dynamic access policies based on user attributes and risk context.Implement Okta's Adaptive Authentication to assess risk levels and apply additional security controls based on user behavior.Integration:Integrate Okta WIC with on-premise and cloud-based enterprise applications (e.g., Office 365, Google Workspace, Salesforce, AWS) to enable seamless authentication and authorization.Ensure Okta integration with Active Directory (AD), LDAP, and other identity repositories to manage workforce access.Monitoring & Reporting:Monitor Okta's WIC platform for performance, security events, and access-related incidents.Generate reports on user activity, authentication logs, and security events to ensure compliance with internal and external regulations.Okta Customer Identity Solutions (CIS) Administration:Customer Identity Management:Administer and optimize Okta Customer Identity Solutions (CIS) for external customers, managing user registration, self-service access, and user authentication across web and mobile applications.Configure and customize customer-facing authentication flows, such as SSO, social logins (Facebook, Google, etc.), and multi-factor authentication (MFA).Customer Experience & Security:Collaborate with product and marketing teams to design a seamless, user-friendly registration and login experience for customers, while ensuring compliance with security and privacy standards.Implement adaptive authentication for customer identities to ensure secure and personalized access across applications and services.API & Developer Tools Integration:Leverage Okta APIs and developer tools to integrate Okta's Customer Identity capabilities with third-party services, such as customer relationship management (CRM) and marketing tools.Support customer-facing applications in scaling Okta-based authentication and user identity flows for optimal performance. Professional & Technical Skills: Must To Have Skills: Proficiency in Okta Identity Management Strong understanding of cloud security principles Experience with security architecture design Knowledge of identity and access management Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in Okta Identity Management. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education