30 Vulnerability Assessments Jobs - Page 2

As part of our management consulting team in India, Mumbai, you will play a crucial role in addressing our client's diverse business needs. Whether it's Cybersecurity, Information Technology, or any other area, you will be instrumental in our integrated solution approach aimed at facilitating growth, optimizing resources, and managing costs and risks effectively. At Plante Moran, we take pride in providing consultative services to clients as they navigate challenges and explore new possibilities. Diversity, equity, and inclusion are fundamental values for us, ensuring that every team member has an equal opportunity to thrive in an inclusive environment while embracing their individual identities. Your responsibilities will involve collaborating with the US cybersecurity team to conduct testing and reviews for multiple client projects. This includes tasks such as penetration testing, vulnerability assessments, social engineering assessments, and technical security configuration reviews. You will be required to prepare reports, communicate observations, and coordinate with other team members to ensure smooth project delivery. The ideal candidate for this role should be a fresher or have 0-2 years of experience in Penetration testing, Vulnerability assessments, and Technical Security Assessments, with at least one to two years of background in Cybersecurity or Information Security. A Bachelor's degree in Computer Science, Information Technology, Electronics, or related fields is required. Possessing certifications such as CEH, GPEN, OSCP, GWAPT, or other recognized Security certifications is preferred. Strong communication skills, proficiency in MS Office tools, knowledge of General Computer Controls, and the ability to work in an office environment are essential. Additionally, flexibility to occasionally travel to client locations in India and the United States, work in afternoon shifts, and engage in overnight travel up to 25% of the time is necessary. At Plante Moran, we offer a unique workplace environment characterized by a culture of respect, recognition as one of Fortune Magazine's 100 Best Companies to Work For, and abundant growth opportunities. We are committed to fostering diversity, equity, and inclusion, ensuring that every team member has the chance to excel in a supportive and inclusive setting. If you are looking to make a difference in a dynamic and inclusive work environment, we encourage you to apply now and join our team at Plante Moran.,

As a Security Analyst, your main responsibilities will include conducting security assessments such as vulnerability assessments, penetration testing, and endpoint security assessments. You will be tasked with analyzing security data to pinpoint threats and potential vulnerabilities. Your role will require you to implement and uphold security controls like firewalls, intrusion detection/prevention systems, and endpoint security solutions. Additionally, you will be expected to actively participate in security incident response activities, which involve investigation and remediation processes. Furthermore, you will play a key role in assisting with the development and execution of security policies and procedures within the organization. It will be essential for you to stay informed and updated on the latest cybersecurity threats and vulnerabilities in order to effectively safeguard the company's digital assets. Documenting security findings and providing recommendations based on your analyses will also be a crucial aspect of your responsibilities. In this role, you will be supporting the Team Lead in various cybersecurity initiatives, thereby contributing to the overall security posture of the organization. This position is full-time and requires a minimum of 3 years of relevant work experience. The work location for this role is in-person, which will enable you to collaborate effectively with the team and address security challenges proactively.,

You will be responsible for performing in-depth penetration testing, vulnerability assessments, and security reviews of applications, infrastructure, and networks. Your role will involve identifying, exploiting, and documenting security vulnerabilities across systems and providing remediation recommendations. Additionally, you will simulate sophisticated attacks to test the strength of security controls and identify potential areas of compromise. Collaboration with development, infrastructure, and DevOps teams will be crucial as you work to integrate security into the development lifecycle and Infrastructure-as-Code (IaC) security. You will play a key role in developing comprehensive security test plans, methodologies, and tools to ensure effective assessment of systems. Your responsibilities will also include creating detailed reports outlining vulnerabilities, risks, and recommended mitigations. You will be expected to perform threat modeling and risk assessments to prioritize testing efforts and monitor network traffic for threats, responding to security incidents as needed. Ensuring security best practices in Cloud environments, security controls for cloud workloads, IAM policies, and network security will be part of your daily tasks. This may also involve monitoring and responding to cloud security incidents using SIEM and cloud-native security tools. An important aspect of your role will be to integrate and automate security testing and compliance checks into CI/CD pipelines using tools like SAST, DAST, and IAST. Your contribution in this area will be essential in maintaining a secure and robust security posture for the organization.,

Job Summary Strong understanding of security vulnerabilities and secure coding practices. Extensive work experience in implementing and managing security features such as secure boot, secure software updates, secure authentication, encryption, and other critical security-related topics. Proficiency in programming languages C, C++,Python, Java with experience applying secure coding techniques. Experience with security testing tools and CI/CD security integration. Familiarity with cloud platforms (AWS, Azure) and securing cloud-native applications and services. Experience with Hardware Security Modules (HSM) and ARM TrustZones. Experience with open source libraries such as OpenSSL Expertise in cryptography, including RSA, ECDSA, AES, PKCS Hands-on experience with Linux and Android security. Roles & Responsibilities Key Responsibilities Lead the integration of security best practices throughout the product lifecycle, including secure coding, architecture, and testing. Collaborate with product, engineering, and development teams to embed security into product designs from the beginning of the development process. Implement key security features, such as authentication, encryption, and access controls, to protect the product's data and operations. Conduct threat modeling and vulnerability assessments on new product designs and features to identify potential security risks. Develop and implement risk mitigation strategies, ensuring security controls are integrated into product architectures and design specifications. Implement and manage secure code reviews, security testing tools, and frameworks to automate security testing as part of the CI/CD pipeline. Collaborate with the security architecture team to ensure security guidelines and frameworks are consistently followed throughout the development process Education and Experience Required BE/B.Tech/ M.Tech Competencies Description Application Protocol & Engines - Linux engineer is one: who has done one or more of the following on Embedded Linux design, development/customization, bug fixing/sustenance who has experience in one or more of the following domains Multimedia Telephony Connectivity Sensor Security Platforms- Mandatory to have worked on one or more of the following: Embedded Linux Tools- Mandatory to have worked on one or more of the following; gdb/ddd; linux editors; top; ps; meminfo Languages- Mandatory to have worked on one or more of the following; C; C++ Specialization- MULTIMEDIA, CONNECTIVITY, TELEPHONY, CARRIER GRADE PLATFORM, GENERIC FRAMEWORK

Responsibilities Manage a team of senior Networking and Security personnel. Serves as the subject matter expert (SME) on Cloud networking and security, having previously worked in a senior technical network or security role. Help deliver and manage projects that apply the companys security policies and standards for use in cloud environments. Communicate security concepts to different audiences ranging from business leaders to engineers, as well as customers. Serve as a key subject matter expect in security and networking topics and support delivery of core services from a network security perspective. Mentor and influence team members in implementing and delivering projects and performing ongoing security and network monitoring. Help design security frameworks and effective solutions for vulnerability remediation. Develops standards, policies, and procedures as well as best practices documentation. Able to translate technical requirements into business requirements. Assist team members to update their security and networking skills and knowledge. Collaborate with other IT teams, developers, and business stakeholders to ensure alignment on network and security requirements. Stay up-to-date with the latest cloud networking and security trends and technologies. Develop and execute security roadmaps and initiatives. Drive change and improvements in security delivery of our Cloud security services. Education / Qualifications A university qualification of Bachelor's degree level in Engineering/IT, or a related field. Skills Required: Strong experience in a Security and networking leadership role (5 years+ in a management role combined with previous experience working at a senior technical level for 5 years+ in network/security role). Extensive security management experience in an environment leveraging Azure and/or AWS public cloud platforms. Strong Application, Networking, Cloud Security knowledge and experience. Previous experience working in environments that leverage public Cloud. Extremely knowledgeable in security and networking technical matters. Experience of compliance standards, including ISO27001 and/or SOC2. Familiarity with directives such as GDPR and NIS2/DORA. Experience of team management and interview protocols. Strong understanding of penetration testing and vulnerability assessments. Experience with project management and security project delivery. Solid understanding of application development and SDLC. Security certifications a strong plus (eg CISSP). Fluent English speaker. Desired technical skills or knowledge areas: Expertise in Azure and AWS networking and security services. Proficiency in network protocols and technologies (e.g., TCP/IP, DNS, VPN, routing). Knowledge of security frameworks and standards (e.g., NIST, CIS). Experience with SIEM, IDS/IPS, and vulnerability management tools. Strong practical experience with Fortinet security solutions (FortiGate, FortiAnalyzer, etc.). Proficiency in using Rapid7 security tools (Insight IDR VM) for vulnerability management and forensic investigation. Experience with tooling used for malware analysis and threat prevention. Experience with ManageEngine suite of products, especially PAM360 and Patch Manager Plus. Scripting and automation knowledge (e.g., Python, PowerShell, Terraform).