827 Vulnerability Assessment Jobs - Page 6

Position : Sr Risk Assessment Engineer Grade: F3/F4 Shift : US and ANZ Timezone Location : Chennai/Bangalore Position Summary: The Information Security Risk and Compliance lead is responsible for proposing, assessing and implementing various cybersecurity services in terms of risk management, ISO 27001, HIPAA, HITRUST. Need to have a strong understanding of security requirement in industry such healthcare, Pharma, patient services and life sciences. Job Description: Lead in assessing cybersecurity posture and maturity for client based on requirements and pain areas. Recommending cybersecurity strategy and architecture based on client's pain areas and risk assessments. Lead in performing information security risk assessment, tracking and monitoring the risk remediation. Collaborate with internal department of client in addressing and remediating various identified information security risk. Present complex cybersecurity solutions to clients in a clear, concise, and engaging manner, translating technical jargon into understandable benefits. Design and propose customized security solutions that address the client's unique challenge. Define and document security metrics and dashboard to measure and monitor cybersecurity KRI and KPIs. Develop, Implement, and maintain control requirement basis standards such as ISO 27001, HIPAA, HITRUST. Review and update current information security policies and procedures. Create and oversee the implementation of new security and compliance policies and procedures. Profile Description: Strong expertise in cybersecurity principles and best practices Thorough understanding of various security standards, framework, and certifications/attestations e.g., ISO 27001, HIPAA, HITRUST. Thorough understanding of various IT and Information security risk assessment framework/standards In-depth knowledge of various security tools and technologies In-depth understanding of various firewall and vulnerability assessment solutions Top-notch communication skills, both written and verbal, to deliver presentations and consult with diverse client. Excellent analytical and problem-solving skills. Ability to develop security standards and guidelines based on best practices and industry standards for existing and new technologies. Security certifications (e.g., CISSP, CISA) would be added advantage. Stay up to date on the latest cyber threats and vulnerabilities. Familiarity with common tech stacks Understanding of various virtualization tools like PowerBI, Tableau and tool like PowerShell, Python would be added advantage. Engineering in Computer Science, or relevant field We are Mindsprint! A leading-edge technology and business services firm that provides impact driven solutions to businesses, enabling them to outpace speed of change. For over three decades we have been accelerating technology transformation for the Olam Group and their large base of global clients. Working with leading technologies and empowered with the freedom to create new solutions and better existing ones, we have been inspiring businesses with pioneering initiatives. Awards bagged in the recent years: Best Shared Services in India Award by Shared Services Forum 2019 Asias No.1 Shared Services in Process Improvement and Value Creation by Shared Services and Outsourcing Network Forum 2019 International Innovation Award for Best Services and Solutions 2019 Kincentric Best Employer India 2020 Creative Talent Management Impact Award SSON Impact Awards 2021 The Economic Times Best Workplaces for Women 2021 & 2022 #SSFExcellenceAward for Delivering Business Impact through Innovative People Practices 2022 For more info: https://www.mindsprint.org/ Follow us in LinkedIn: Mindsprint Required abilities Physical: Other: Work Environment Details: Specific requirements Travel: Vehicle: Work Permit: Other details Pay Rate: Contract Types: Time Constraints: Compliance Related: Union Affiliation:

This role involves utilizing the Qualys tool for report shared by Group team, analysis and reporting to ensure the security and compliance of our systems. KEY RESPONSIBILITIES: Conduct regular vulnerability assessments based on the Qualys tool report received by Product team to identify security weaknesses in systems and applications. Relevant request to be raised thorough silva. Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder. Analyze scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates. Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact. Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines. Maintain and update documentation related to vulnerability management processes, policies, and procedures. Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the vulnerability management program. QUALIFICATIONS: Bachelors degree in information technology, Cybersecurity, or a related field. 4-7 years of experience in vulnerability management or security operations. Familiarity with vulnerability scanning tools, particularly Qualys. Understanding of security frameworks and standards (e.g., NIST, ISO 27001). Strong analytical and problem-solving skills with attention to detail. Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus. To succeed in this role, you should have the following skills and experience Soft Skills Exceptional communication and interpersonal skills, with the ability to collaborate effectively with stakeholders at all levels. Cross-cultural etiquette, customer centric and collaborative mindset. Good command of stakeholder management, judgement, conflict resolution, risk & mitigations. Excellent team player skills.

Seeking a skilled Vendor Assessment and Penetration Tester to join our Cyber Security team. The individual in this role will be responsible for evaluating the overall security posture of third-party vendors, conducting penetration tests on external systems, applications, and services, and ensuring compliance with security standards KEY RESPONSIBILITIES 1. Representative from Security across the organization for performing Risk Assessments for any new projects from IT/Infrastructure/Security point of view. 2. Work with the AppSec team for the Vulnerability Assessment and Penetration Testing on Web Applications, APIs, Mobile Apps and Cloud Environment. Also ensure Application Source Code is scanned as per Security Best Practices. 3. Work along with the Server & Application team for Vulnerability & Configuration Assessment, Firewall Rule Review and Baseline Standards review. 4. Work Along with endpoint and server team for Freeware and License Softwares/applications assessment and installation. 5. Collaborate with the Development Team, IT and Business Stakeholders for tracking, remediation of the open issues and bring to closure. 6. Ensure adherence to Compliance Standards such as ISO 27001, NIST, OWASP, etc. 7. Provide technical guidance and mentor ship to VAPT team. 8. Review the Security Assessment Reports, escalate and follow up with stakeholders for mitigation. 9. Understand the organizations infrastructure and perform deep dive analysis of the processes, tools & technologies and identify the associated risks. 10. Document the risks and associated controls in place (risk register). 11. Knowledge on Attack Surface Management, Breach Attack Simulation & Bitsight Monitoring. 12. Knowledge of WAF with OWASP Top 10 vulnerabilities and Virtual Patching for reducing the Risk Exposure. 13. Hands on experience on Security Tools such as Tenable Security SC, Nessus, Qualys VMDR etc. 14. Assist in other BAU activities based on the feasibility. 15. Manage Vendor Relationship and security assessments for third party applications. 16. Stay updated with emergency cybersecurity threats, exploits and security trends to enhance the security posture. MANDATORY SKILLS REQUIRED 1. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 2. Proven experience in performing penetration tests and security assessments, with a strong understanding of common attack vectors. 3. Strong knowledge of web application security, network security, and common vulnerabilities (e.g., OWASP Top 10). 4. Hands-on experience with penetration testing tools (e.g., Burp Suite, Kali Linux, Metasploit, Nmap, etc.). 5. Familiarity with risk management frameworks (e.g., NIST, ISO 27001, CIS). 6. Familiar with Web Application Firewall, Incident troubleshooting and Virtual Patching. 7. Knowledge of vendor risk management processes and frameworks. 8. Understanding of cloud security, network infrastructure, and security compliance regulations. 9. Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders. 10. Certifications such as OSCP, CEH, CISSP, or similar are a plus.

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Enterprise Architecture Strategy Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :The Datacenter Services Enterprise Architect is responsible for designing, managing, and optimizing on-premises datacenter infrastructure. This role ensures the datacenter's reliability, scalability, and security while aligning technology strategies with business goals. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Ensure the security of applications and make recommendations to enhance security measures.- Collaborate with stakeholders to understand application security requirements.- Design and implement application security solutions.- Conduct security assessments and vulnerability testing.- Develop and maintain application security policies and procedures. Professional & Technical Skills: Performing infrastructure design, strategy, and services and participating in the implementation of computer system, network, storage, and security infrastructure Suggesting ideas to reduce IT costs in current environment.The DCS architect must demonstrate the capacity to develop a robust server and storage architecture.Identify the technical gaps in the IT environment & suggest the industry best practice.Collaborate with key stakeholders to understand business needs and translate them into technical solutions.Maintaining a functional relationship with multi-disciplinary teams to support overall resource efficiency Ensure high availability, disaster recovery, and business continuity.Leading and supporting data center virtualization ( VMware & Windows), service delivery, automation, and implementation.Manage vendor relationships and evaluate modern technologies for potential integration.Provide technical guidance to internal teams and stakeholders.Communicating effectively with technical and non-technical people to ensure that everyone understands the benefits and limitations of technology and data solutions.Exhibit strong problem-solving and leadership skills Additional Information:18+ years of experience in Enterprise datacenter operations & Architecture.Require a comprehensive understanding of technology and business strategy and prior work experience involving project management and leadership.Expertise in server infrastructure like Dell, HP, IBM, UCS etc. Operational experience in windows, VMware, SQL Database, storage. Good knowledge of networking technologies.Understanding of Cloud concepts.Working experience of Software and hardware lifecycle management.Proficiency in any of the virtualization platforms such as VMware, Hyper-V, or KVM etc.Good understanding of operating systems like Windows, Linux, and knowledge of the database technologies like SQL, Oracle etc.Good Understanding of automation tools like Ansible, Puppet , PowerShell etc. Good understanding of system monitoring solutions like Nagios, SolarWinds etc.Knowledge of datacenter power, cooling, and environmental considerations Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in One Identity Manager.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 3 years of experience in One Identity Manager.- This position is based at our Jaipur office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Python (Programming Language) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. Your typical day will involve collaborating with teams to develop innovative solutions and ensure seamless application functionality. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the application development process- Conduct code reviews and ensure coding standards are met- Implement best practices for application security Professional & Technical Skills: - Must To Have Skills: Proficiency in Python (Programming Language)- Strong understanding of software development lifecycle- Experience with database management systems- Knowledge of cloud computing platforms- Hands-on experience with application testing methodologies Additional Information:- The candidate should have a minimum of 5 years of experience in Python (Programming Language)- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and frameworks.- Experience with security architecture design and implementation.- Knowledge of compliance standards such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 12 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Chennai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNowMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Additionally, you will assess and refine security protocols to adapt to evolving threats and compliance requirements, contributing to a secure and resilient cloud infrastructure. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security practices.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with SailPoint IdentityNow.- Strong understanding of cloud security frameworks and best practices.- Experience in risk assessment and management related to cloud environments.- Familiarity with compliance standards and regulations relevant to cloud security. Additional Information:- The candidate should have minimum 12 years of experience in SailPoint IdentityIQ.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Tech Support Practitioner Project Role Description : Act as the ongoing interface between the client and the system or application. Dedicated to quality, using exceptional communication skills to keep our world class systems running. Can accurately define a client issue and can interpret and design a resolution based on deep product knowledge. Must have skills : Endpoint Protection Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Tech Support Practitioner, you will act as the ongoing interface between the client and the system or application. Dedicated to quality, using exceptional communication skills to keep our world-class systems running. You can accurately define a client issue and interpret and design a resolution based on deep product knowledge. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Provide timely and effective technical support to clients.- Troubleshoot and resolve endpoint protection software issues.- Collaborate with internal teams to enhance system performance.- Document and maintain technical support procedures.- Stay updated on industry trends and best practices. Professional & Technical Skills: - Must To Have Skills: Proficiency in Endpoint Protection.- Strong understanding of cybersecurity principles.- Experience in analyzing and resolving software issues.- Knowledge of network security protocols.- Familiarity with endpoint security solutions. Additional Information:- The candidate should have a minimum of 2 years of experience in Endpoint Protection.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Job Summary : We're looking for a skilled .NET Developer with a strong background in Security Testing (DAST) to design, develop, and test secure web applications. The ideal candidate will have expertise in identifying and mitigating security vulnerabilities using DAST tools and techniques. Responsibilities : - Design, develop, and test secure web applications using .NET framework - Conduct Dynamic Application Security Testing (DAST) to identify security vulnerabilities - Analyze and mitigate security risks using DAST tools and techniques - Collaborate with cross-functional teams to ensure secure coding practices - Develop and maintain security testing frameworks and tools - Stay up-to-date with emerging security threats and trends - Participate in code reviews and ensure adherence to security best practices - Develop and deliver training programs on security testing and secure coding practices Requirements : - 5+ years of experience in .NET development with a focus on security testing (DAST) - Strong expertise in .NET framework, C#, (link unavailable), and related technologies - In-depth knowledge of DAST tools and techniques, such as OWASP ZAP, Burp Suite, and SQLMap - Experience with security testing frameworks and tools, such as NMap, Nessus, and OpenVAS - Strong understanding of web application security risks and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) - Excellent problem-solving skills and attention to detail - Strong communication and collaboration skills - Experience with Agile development methodologies and version control systems, such as Git Nice to Have : - Experience with cloud-based security testing tools and platforms, such as AWS Security Hub and Google Cloud Security Command Center - Knowledge of containerization and orchestration technologies, such as Docker and Kubernetes - Experience with DevOps practices and tools, such as Jenkins, Puppet, and Ansible - Certification in security testing or related field, such as OSCP, CEH, or CISSP

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Develop and implement security architecture solutions.- Conduct security assessments and define security requirements.- Collaborate with cross-functional teams to ensure security measures are integrated.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of identity and access management concepts.- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud security certifications. Additional Information:- The candidate should have a minimum of 3 years of experience in SailPoint IdentityNow.- This position is based at our Chennai office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Splunk Good to have skills : Risk ManagementMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. Your day will involve collaborating with teams, contributing to key decisions, and providing solutions to problems across multiple teams. Main Skill1. Splunk or Microsoft Sentinel or Google Chronicle Use Case Management2. Risk Based Alerts and Risk Incidents3. Asset and Identities4. Security Incident Response, Standard Operations Procedure Knowledge Must have Skills: 1. Development, Testing and Fine Tuning of Splunk content like Use Cases, Dashboards, Reports, Lookups, Macros, etc.2. Risk Based Alerts and Risk Incidents3. Asset and Identities Framework in Splunk4. Incident Response, Standard Operations Procedure Knowledge5. MITRE Attack Framework Good to Have Skills: 1. Splunk Architecture Cloud, Microsoft Sentinel, Google Chronicle2. Source Integrations various sources3. Event Parsing, Event Type definition, Data Model, Regex 4. Custom integrations for enrichment, Threat Intelligence Feeds, SOAR5. Azure DevOps Roles & Responsibilities1. Architecture and strategy:Candidate must have ability to understand and implement use cases on security tools (Splunk, Phantom) to improve Accentures overall security posture by identifying gaps in use cases or processes that can be actioned by our engineers. It also includes the ability to develop and communicate a security strategy that addresses the unique risks and challenges of Accentures Security environments.2. Leadership:Candidate must have ability to lead and influence cross-functional teams. It includes the ability to communicate effectively with stakeholders, build consensus, and manage conflict. 3. Technical:The candidate should be able to understand existing security use cases and develop new ones in tools requiring technical development, scripting, or complex rule creations, managing, and implementing broad security concepts.4. Operational:Candidate must have ability to develop and implement security controls, as well as the ability to monitor and analyze security events and incidents. Technical Experience1. Splunk Enterprise Security, Microsoft Sentinel, Google Chronicle2. Azure DevOps3. Custom Tools Development4. Security Incident ManagementProfessional Experience1. At least 5-7 years of experience on IT Security / SOC / Cyber Defense2. Graduation BE3. Proficient use of English, advanced communication skills.4. Security Certifications are a plus - CCSK, GPEN, GCCC, GMOB, GSEC, ESCA, Security +, CEHRole DescriptionSupport SIEM detection content creation for notables with a focus on Risk Based Alerting. Create and maintain documentation on new or existing detections, integrations, and dependencies. Interface with our SOC to pilot new content, process feedback, update incident response guidelines. Engage in fine-tuning of existing detections to increase signal/noise ratio and reduce false positives. Additional Information:- The candidate should have a minimum of 5 years of experience in Splunk- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Good To Have Skills: Experience with SailPoint IdentityIQ- Strong understanding of identity and access management- Knowledge of cloud security best practices- Experience in designing and implementing security solutions- Ability to communicate complex security concepts to non-technical stakeholders Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of identity and access management- Hands-on experience with security tools and technologies- Ability to communicate complex security concepts to non-technical stakeholders Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Noida office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Advisor Project Role Description : Lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Must have skills : SailPoint IdentityNow Good to have skills : SailPoint IdentityIQMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Advisor, you will lead the effort and teams to enable development and implementation of proprietary and innovative security solutions. Assess, manage and ensure compliance to risk reducing behaviors and processes. Show creativity in problem-solving and decision-making processes throughout the day. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the development and implementation of security solutions- Assess and manage risk reducing behaviors and processes- Ensure compliance with security standards Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Strong understanding of security solutions implementation- Experience with security risk assessment and management- Hands-on experience with security compliance processes- Knowledge of security best practices Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Jaipur office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security solutions for cloud environments.- Conduct security assessments and audits to identify vulnerabilities.- Provide guidance on security best practices and compliance requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles.- Experience with security architecture design and implementation.- Knowledge of security technologies and tools.- Hands-on experience with security assessments and audits. Additional Information:- The candidate should have a minimum of 12 years of experience in SailPoint IdentityNow.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Job Description: We are seeking a highly skilled and experienced Cyber Defense Incident Responder to join our team. The ideal candidate will have over 12 years of extensive experience in the field of cyber security, possessing a strong background in identifying, analyzing, and responding to cyber threats and incidents. Mandatory requirements: Certification Combination: The candidate should hold one of the following certification combinations: OSCP (Offensive Security Certified Professional) and CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) and CISSP (Certified Information Systems Security Professional) Vulnerability Assessment and Penetration Testing (VAPT): Proficiency in conducting comprehensive VAPT assessments to identify vulnerabilities and weaknesses within information systems. Application Security: A deep understanding of application security, including the ability to assess, secure, and monitor applications for potential threats and vulnerabilities. Network Architecture: In-depth knowledge of network architecture, protocols, and security measures to effectively safeguard network infrastructure. India Centric Pre-Sales Experience: The candidate should have experience in client interaction, proposal building, and crafting complex security solutions tailored to the Indian market. India Centric Project Delivery Experience: Proven track record in successfully delivering cybersecurity projects for Indian clients. Team Management: Demonstrated expertise in managing large teams involved in incident response and cybersecurity operations. Additional Information: Not Looking for SOC Candidates: This position is not suited for candidates primarily focused on Security Operations Center (SOC) roles. The company is seeking a specialized incident responder. No GCC Candidates: The organization is not considering candidates from the Global Capability Center (GCC) background. If you meet the mandatory requirements and have a passion for proactively defending against cyber threats, we encourage you to apply for this challenging and rewarding role. Apply for this position Full Name * Email * Phone * Cover Letter * Upload CV/Resume * Upload CV/Resume * Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

This position is responsible for executing and troubleshooting test cases between lab systems, performing test-affected lookups, maintaining ancillary databases, and analyzing data impacts. This role requires advanced analytical skills and the ability to execute complex test plans. Duties and Responsibilities: Execute Secondary Interface and complex processing system test plans, including creating accessions, entering results, generating processing labels, reviewing results, and performing retesting. Perform test-affected analysis, document findings, and assess the impact of system changes. Conduct quality control reviews of database updates and ensure data integrity. Handle draw fee updates and modifications, including site-specific draw fee changes. Review and update SHLs (sample handling logic) in QTIM database. Manage eDBR cases and oversee database modifications in QTIM database. Perform Y-site updates and database maintenance in ancillary systems. Create interface test plans and oversee their execution. Review and process custom panel request, ensuring accuracy and compliance. Follow established processes and procedures to meet Service Level Agreements (SLAs) and Service Level Objectives (SLOs). Provide troubleshooting support for database-related issues. Ensure compliance with database policies, procedures, conventions, and guidelines. Perform additional database-related tasks as assigned.

The primary responsibilities include managing vulnerability assessments using the Qualys tool, creating detailed metrics and reports, and collaborating with relevant teams to ensure timely remediation of identified vulnerabilities. To ensure the organization's IT infrastructure remains secure by proactively identifying, assessing, and mitigating vulnerabilities through effective use of the Qualys tool and coordinated efforts with cross-functional teams. The basic purpose of this position is to safeguard the organization's digital assets by maintaining a robust vulnerability management program that prioritizes risk reduction and compliance with security policies. Perform daily vulnerability assessments, create weekly metrics and reports, and handle ad-hoc requests as they arise. Work on analytical projects to enhance the vulnerability management process and develop strategies to address identified security issues. Prepare and present metrics and reports to senior leadership, showcasing trends in vulnerabilities over the year and how they are being addressed. Produce reports daily, weekly, and as needed on vulnerability assessments and remediation efforts. Responsible for training new hires and occasionally participating in candidate interviews. Technical/Job Specific Knowledge Vulnerability Management: In-depth knowledge of vulnerability assessment, prioritization, and remediation processes. Qualys: Proficiency in using Qualys for scanning, identifying, and managing vulnerabilities across various environments. Security Frameworks: Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS. Network Security: Understanding of network protocols, firewalls, and intrusion detection/prevention systems. Skills Analytical Skills: Strong analytical abilities to identify and assess vulnerabilities and their potential impact. Technical Aptitude: Competence in using security tools and technologies to perform thorough assessments. Problem-Solving: Effective problem-solving skills to develop and implement remediation plans. Communication: Clear and concise communication skills to report findings and collaborate with different teams. Attention to Detail: High level of attention.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Key Responsibilities: Lead and execute vulnerability assessments across enterprise systems using Qualys VMDR and related modules. Manage and optimize Qualys scanning infrastructure including scanner appliances and cloud agents. Develop and maintain scanning strategies and schedules for internal and external assets. Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with stakeholders. Generate detailed reports and dashboards using Qualys reporting tools and best practices. Ensure compliance with internal security policies and external regulatory requirements. Provide technical guidance and mentorship to junior team members. Collaborate with IT, DevOps, and application teams to integrate vulnerability management into CI/CD pipelines. Required Skills and Experience: 5+ years of experience in vulnerability assessment and management. Hands-on experience with Qualys VMDR, Patch Management, and Continuous Monitoring. Strong understanding of vulnerability lifecycle, CVSS scoring, and remediation workflows. Experience with asset discovery, host tracking, and scanning best practices. Familiarity with scripting (Python, PowerShell) for automation and integration. Knowledge of network protocols, operating systems, and web application security. Industry certifications such as CEH, CISSP, or Qualys certifications are a plus. Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management. Experience3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SAP Security. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Active Directory. Experience5-8 Years.

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality CheckConduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls EvaluationTest and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing DocumentationDocument control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and ReportingIdentify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance ReportingPrepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional CollaborationCollaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team CertificationCISA preferred Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: GRC Consulting. Experience5-8 Years.