296 Vulnerability Jobs

Step into a leadership role for skilled security teams at one of the worlds largest and most powerful corporations. As a Manager of Cybersecurity Architecture at JPMorgan Chase within the Cybersecurity & Tech Controls team, you lead multiple teams and manage day-to-day implementation activities by identifying and escalating issues and ensuring your team s work adherence to compliance standards, business requirements, and tactical best practices. Job responsibilities Provides guidance and cultivates skills for immediate team of architects on daily tasks and activities Sets overall guidance and expectations for team output, practices, and collaboration Anticipates dependencies with other teams to deliver products and applications in line with business requirements Manages stakeholder relationships and the team s work in accordance with compliance standards, service level agreements, and business requirements Champions the firm s culture of diversity, equity, inclusion, and respect, and prioritizes diverse representation Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience. In addition, demonstrated coaching and mentoring experience Experience running teams of architects that design and deliver cybersecurity products and solutions Hands on experience of key security concepts in SAST, DAST, SCA, Cloud, and Vulnerability MGMT Proficient in automation Proficient in agile methodologies Experience creating internal software platforms to enable engineering workflows Preferred qualifications, capabilities, and skills Familiarity with modern front-end technologies Relevant experience in designing, developing, and implementing software solutions, constantly seeking to be an expert

We are seeking a highly skilled Lead Azure DevOps Engineer to join our team and drive the end-to-end deployment, scalability, and operationalization of machine learning models in production. You will collaborate closely with data scientists, data engineers, and DevOps teams to ensure seamless CI/CD, reproducibility, monitoring, and governance of ML pipelines Key Responsibilities Design, implement, and maintain CI/CD pipelines for deploying and monitoring microservices efficiently. Manage infrastructure as code using Terraform for repeatable and scalable provisioning. Deploy and optimize containerized applications using Docker and Azure services (Container Apps, Container Registry, Key Vault, Service Bus, Blob Storage). Apply best practices for securing Docker images, including vulnerability scanning, reducing image size, and optimizing build efficiency. Implement and maintain Azure Monitor for logging, monitoring, and alerting to ensure system reliability. Ensure security best practices across cloud environments, including secrets management, access control, and compliance. (Nice to have) Design and manage multi-client architectures within shared pipelines and storage accounts in Azure Blob Storage 6+ years of experience in DevOps or MLOps with a strong focus on production-grade ML solutions. Strong expertise in Azure, particularly with CI/CD, container orchestration, and cloud security. Proficiency in Terraform for infrastructu

You will help us run one of the largest and most sophisticated cloud-scale, big data, and microservices platforms in the world. You will be responsible to maintain and provision the base infrastructure that runs Splunk Observability Cloud , including cloud compute platforms, managed services, Kubernetes, and required tooling. You will be a key part of the team that strives to offer a fully automated and self-serve, secure, performant, compliant, and cost-efficient Platform-as-a-Service that follows cloud-native best practices and empowers product teams to easily and quickly deploy and operate workloads. You are passionate about automation, infrastructure-as-code, microservices, and getting rid of tedious, manual tasks. You will: Design new services, tools, and monitoring to be implemented by the entire team. Analyze the tradeoffs of the proposed design and make recommendations based on these tradeoffs. Mentor new engineers to achieve more than they thought possible. You enjoy making other teams successful and are fulfilled through the success of others. You will work on infrastructure projects, including: Adopting new cloud-native frameworks and services Automating cloud provider infrastructure via Terraform, Kubernetes, and Helm Developing code for tools and automation to reduce manual tasks and reduce human error Establishing and documenting run books and guidelines for using the multi-cloud infrastructure and microservices platform. Improve the resiliency of multi-cloud microservices platform Networking, routing, and load balancing Security vulnerability remediation and patching automation Automating deployment of our services in new provider zones/regions Designing and productionizing access tiers to provide appropriate permissions across roles Qualifications Must-Have: 6+ years of solid hands-on cloud infrastructure experience on public cloud platforms specifically AWS or GCP. 3+ years of strong hands-on experience deploying, managing, and monitoring large-scale Kubernetes clusters in the public cloud Experience with Infrastructure-as-Code using Terraform and/or Helm. Experience with infrastructure automation and scripting using Python and/or bash scripting. Knowledge of microservices fundamentals including Service Mesh using Istio, service discovery, deployment strategies, monitoring, scheduling, and load balancing Excellent problem-solving, triaging, and debugging skills in large-scale distributed systems Preferred: AWS Solutions Architect certification preferred. CKA and HashiCorp-certified Terraform Associate certifications preferred Experience with Infrastructure-as-Code using Terraform, CloudFormation, Google Deployment Manager, Packer, Pulumi, ARM, etc. Experience with developing infrastructure or platform services using GoLang or Python. Experience with CI/CD frameworks and Pipeline-as-Code such as Jenkins, Spinnaker, Gitlab, Argo, Artifactory, etc. Exposure to monitoring tools such as Splunk, Prometheus, Grafana, ELK stack, etc. in order to build observability for large-scale microservice deployments. Proven skills to effectively work across teams and functions to influence the design, operations, and deployment of highly available software.

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do - and they push us to ensure we take care of ourselves, each other, and our communities. Job Summary: What you need to know about the role: The Container Platform Team (Genesis Team) in APAC plays a critical role in engineering and operations of manifest creation & promotion, application container deployment orchestration, deployment experience, large scale vulnerability through autonomous patching and many such critical Developer facing functionalities that are essential for uninterrupted services, productivity and efficiency for the global Developer community in PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. Meet our team: Team consists of around 10-12 engineers and at org level, we are around 50-60 people who manages entire cluster for PayPal Team manages thousands of application deployment, this role becomes very critical to understand domain in depth. Since the platform is in a Hybrid model, requires to be proficient in Cloud technologies & having knowledge in Kubernetes is a plus. Job Description: Your way to impact: The Container Platform Team plays a critical role in developing a proprietary deployment product which handles the deployment of thousands of container application along with many such critical Developer facing functionalities that are essential for high availability and reliable services which greatly helps in the productivity and efficiency for the global Developer community in PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. Your day to day: 2+ years of hands on experience in GoLang development Designs, develops, troubleshoots and debugs software programs for enhancements to existing and new applications using GoLang programs. Using current programming language and technologies, uses code to modify existing software applications to add new functions, adapt to new hardware, improve performance or enhance usability. May participate in all aspects from detailed programming to high-level system design. May analyze requirements, tests and integrates application components and ensure that system improvements are successfully implemented. What do you need to bring: Exhibit great leadership skills Put People First, Work Customer Back, Win Together **We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please dont hesitate to apply. Preferred Qualification: Subsidiary: PayPal Travel Percent: 0 For the majority of employees, PayPals balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com . Who We Are: Click Here to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talentaccommodations@paypal.com . Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community . We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don t hesitate to apply.

As a Security Engineer II at JPMorgan Chase within the Cyber Security and Technology Controls, you are part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As an emerging member of the security engineering team, you execute basic software solutions through the design, development, and troubleshooting of multiple components within a technical area, while gaining skills and experience to grow within your role. Job responsibilities Executes software solutions, design, development, and technical troubleshooting with ability to think beyond routine or conventional approaches to build solutions or break down technical problems Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems Produces architecture and design artifacts for complex applications while being accountable for ensuring design constraints are met by software code development Gathers, analyzes, synthesizes, and develops visualizations and reporting from large, diverse data sets in service of continuous improvement of software applications and systems Proactively identifies hidden problems and patterns in data and uses these insights to drive improvements to coding hygiene and system architecture Contributes to software engineering communities of practice and events that explore new and emerging technologies Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 2+ years applied experience Hands on experience in React, Java\J2EE, Microservices, Spring, Database knowledge, Spring Data JPA, CI\CD, Designing features, Production issue debugging and fixing Proficient in developing security engineering solutions Experience in Software Development Life Cycle Exposure to agile methodologies such as CI/CD, application resiliency, and security Knowledge of information and network security, IT risk management, and architectural concepts and patterns Proficient in specialized tools (eg, vulnerability scanner) used to analyze incident data Preferred qualifications, capabilities, and skills Familiar with Camunda 8 , Database modelling, Performance tuning & Cloud BS/BA degree or equivalent experience

As part of this global team, you'll be involved in projects and services including bug bounty programs where you can: Combine technical expertise with communication skills to effectively manage time sensitive and confidential product vulnerability reports. Advise and work closely with researchers and the engineering teams to drive the timely delivery of security patches. Work closely with stakeholders in ensuring an aligned delivery of security advisories to customers. WHAT YOU BRING: 6 to 10 years of total experience with 4+ years of relevant experience in Security domain. Bachelor or masters degree in computer science, information systems, or a related engineering discipline with enthusiasm for cybersecurity and Artificial Intelligence(AI). Fundamental understanding of AI concepts, including machine learning, deep learning, natural language processing, and data analytics. Awareness of common AI algorithms and models, their applications, and limitations. Deep understanding on AI relevant security vulnerabilities and ability to interpret using right metrics. Stay current with the latest advancements in AI, ML, and cybersecurity. Conduct continuous research on emerging threats and vulnerabilities related to AI to improve knowledge base and support stakeholders. Provide technical guidance and training on AI-related security initiatives. Hands-on experience in using tools like Burp Suite is preferred Industry specific security related certifications (eg, Security+, CEH, CISSP, OSCP, CISA, CCSK) preferred. Any relevant AI/ML certifications preferred. Excellent problem-solving and analytical skills. Strong communication and teamwork abilities with Skills to communicate technical concepts and AI insights to non-technical stakeholders. Ability to work in a fast-paced, dynamic environment and manage multiple tasks simultaneously.

Good hands on towards design, development maintenance of secure software solutions for Linux-based systems on embedded and automotive systems also security controls e.g (Secure Boot, secure unlock, secure reprogramming, message authentication) Good understanding on configuration of AppArmor profiles to enforce security policies and mitigate risks in Linux environments. Hands on towards development and integration of Trusted Execution Environment (TEE) solutions Good knowledge of development and implementation in Cryptography and Key Management. Experience in working with Client Product teams and collaboration with hardware and software team members. Incorporate secure coding standards and practices in DevSecOps, conduct security assessment and code reviews, enforce Static Application Security Testing (SAST), Open Source SW vulnerability scanning and license analysis to ensure SW security. Collect, generate, maintain and update SW bill of materials and contribute to GIT repositories Participate in PI planning, provide effort estimation to implement security controls and contribute to the Feature Roll Out Plan (FROP)

Job Summary What you need to know about the role The Container Platform Team (Genesis Team) in APAC plays a critical role in engineering and operations of manifest creation promotion, application container deployment orchestration, deployment experience, large scale vulnerability through autonomous patching and many such critical Developer facing functionalities that are essential for uninterrupted services, productivity and efficiency for the global Developer community in PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. Meet our team Team consists of around 10-12 engineers and at org level, we are around 50-60 people who manages entire cluster for PayPal Team manages thousands of application deployment, this role becomes very critical to understand domain in depth. Since the platform is in a Hybrid model, requires to be proficient in Cloud technologies having knowledge in Kubernetes is a plus. Job Description Your way to impact The Container Platform Team plays a critical role in developing a proprietary deployment product which handles the deployment of thousands of container application along with many such critical Developer facing functionalities that are essential for high availability and reliable services which greatly helps in the productivity and efficiency for the global Developer community in PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. There are multiple high priority initiatives and outcomes directly aligned to our One PayPal Platform Enterprise priority like technology transformation from Mesos to Kubernetes for better reliability and security compliance for PayPal. Your day to day 2+ years of hands on experience in GoLang development Designs, develops, troubleshoots and debugs software programs for enhancements to existing and new applications using GoLang programs. Using current programming language and technologies, uses code to modify existing software applications to add new functions, adapt to new hardware, improve performance or enhance usability. May participate in all aspects from detailed programming to high-level system design. May analyze requirements, tests and integrates application components and ensure that system improvements are successfully implemented. What do you need to bring Exhibit great leadership skills Put People First, Work Customer Back, Win Together **We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please dont hesitate to apply. Preferred Qualification Subsidiary PayPal Travel Percent 0 For the majority of employees, PayPals balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https//www.paypalbenefits.com . Who We Are Click Here to learn more about our culture and community. Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at talentaccommodations@paypal.com . Belonging at PayPal Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community . We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don t hesitate to apply.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Software Engineer. Work Location: Pune In this role, you will: Understand the release cycles within GPE and aligned testing associated with it. Release deployment on various environments. Automation script creation for the stable functioning of the environments like healthchecks / monitoring. Troubleshoot Incidents drive resolution where necessary; aiding support to SME s from application teams to facilitate resolution. Drive root cause analysis with involved teams. Report updates for ongoing issues to stakeholder. Critical vulnerability fixing, OS/DB/MQ patching, certificate renewals. Build Automation pipelines for requirements Requirements To be successful in this role, you should meet the following requirements: Must have strong UNIX and SQL experience. Basic knowledge on middleware products like WAS/MQ. Experience of DevOps tools like Jenkins, GITHUB Experience of Control-M, Connect Direct (C:D). Experience of deployment / change pipelines like CI / CD Strong analytical skills supported by problem solving skills attitude The successful candidate will also meet the following requirements: Basic understanding of the Payment flow and banking processes. Strong communication skills (verbal, written, and presentation of complex information and data). Stakeholder Management skills. Knowledge Automation tools like Tosca and UFT.

Take on a crucial role where youll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the worlds largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity Tech Controls team, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions. Job responsibilities Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e. g. , product, platform, application owners) Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems Applies specialized tools (e. g. , vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities Leads delivery of continuity-related awareness, training, educational activities, and exercises Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience Experience in developing security engineering solutions, including the design and implementation of cloud security solutions on AWS Proficiency in software engineering with code development using Python and Terraform/Cloud Formation Infra as Code concepts. Experience in development, management, configuration, testing, and integration tasks related to Cloud Network Security platforms. Proficient in Public/Private Cloud Cybersecurity for mission-critical settings, encompassing complex data analysis, enhancement of technical documentation. Expertise in Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering, and threats and vulnerabilities. Preferred qualifications, capabilities, and skills Familiar of core concepts for Public/Private/Hybrid Clouds (Networking, Policy placement, IAM, Network/Application Firewall) Familiarity with modern front-end technologies Effectively communicating with senior business leaders

Join a team where you can play a crucial role in shaping the future of a world-renowned company and make a direct and meaningful impact in a space designed for top performers. As a Senior Lead Security Engineer at JPMorgan Chase within the Cybersecurity Tech Controls team , you are an integral part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. Drive significant business impact through your capabilities and contributions and apply deep technical expertise and problem-solving methodologies to tackle a diverse array of cybersecurity challenges that span multiple technology domains. Job responsibilities Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e. g. , product, platform, application owners) Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems Applies specialized tools (e. g. , vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities Leads delivery of continuity-related awareness, training, educational activities, and exercises Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience Experience in developing security engineering solutions, including the design and implementation of cloud security solutions on AWS Proficiency in software engineering with code development using Python and Terraform/Cloud Formation Infra as Code concepts. Experience in development, management, configuration, testing, and integration tasks related to Cloud Network Security platforms. Proficient in Public/Private Cloud Cybersecurity for mission-critical settings, encompassing complex data analysis, enhancement of technical documentation. Expertise in Cybersecurity organization practices, operations, risk management processes, principles, architectural requirements, engineering, and threats and vulnerabilities. Preferred qualifications, capabilities, and skills Familiar of core concepts for Public/Private/Hybrid Clouds (Networking, Policy placement, IAM, Network/Application Firewall) Familiarity with modern front-end technologies

Communication Good Email Good Experience Range 3-5 Years Required Skills Set Perform SoD and EoD of NSDL/CDSL/RTGS/SFMS/CCIL/Cash & other banking applications.., Process batch jobs including uploads and downloads required to be performed on various applications as a process or on need basis based on the SOP, SOD/EOD activities based on the SOP provided and as per cut off time on daily basis except when informed by regulator / application teams on account of national holidays & Sundays., Perform Backup support as per SOP, Schedule processes including the processes that need to be executed on a daily, monthly and yearly basis on applications and its databases, Execute the monthly and yearly processes as per schedule , Hand and Feet Support for the devices hosted in PDC, Manage File Transfer jobs- Schedule the given Scripts for file transfer and monitor, Backup Media management - Hands and feet support for . Hardware Networking Course, Computer course, MCSE, CCNA) Technical Question Can you describe your experience with data center infrastructure components such as servers, storage systems, networking equipment, and cooling systems? What monitoring tools have you used to oversee data center operations? How do you use these tools to ensure up-time and performance? How do you manage and maintain power distribution units (PDUs) and uninterruptible power supplies (UPS) in a data center? What are the key considerations when planning and implementing cable management in a data center? Can you explain the importance of environmental controls (temperature, humidity) in a data center, and how do you ensure optimal conditions? Can you describe your experience with data center infrastructure components such as servers, storage systems, networking equipment, and cooling systems? What monitoring tools have you used to oversee data center operations? How do you use these tools to ensure up-time and performance? How do you manage and maintain power distribution units (PDUs) and uninterruptible power supplies (UPS) in a data center? What are the key considerations when planning and implementing cable management in a data center? Can you explain the importance of environmental controls (temperature, humidity) in a data center, and how do you ensure optimal conditions? How do you prioritize and manage tasks in a high-pressure data center environment? Can you describe your approach to managing change requests and implementing updates in a live data center? What procedures do you follow for routine maintenance and inspections of data center equipment? How do you handle capacity planning and scalability in a data center? What steps do you take to ensure compliance with operational standards and best practices in a data center? Describe a critical incident you managed in a data center. What was the issue, and how did you resolve it? How do you prepare for and respond to power outages or cooling system failures in a data center? What protocols do you follow in the event of a fire alarm or other emergency situation in a data center? Can you explain your approach to disaster recovery planning and testing? How do you conduct root cause analysis for data center incidents, and what steps do you take to prevent recurrence? How do you communicate operational status and issues to stakeholders and management? Describe a time when you collaborated effectively with other teams (IT, facilities, security) to resolve a data center issue. How do you handle conflicts or disagreements within your team or with other departments? What strategies do you use to ensure effective communication and coordination during maintenance or upgrades in a data center? A critical server in the data center is experiencing performance issues. Walk me through your troubleshooting approach. You receive a notice of an impending power outage due to external factors. What steps do you take to ensure data center up time and safety? A new equipment upgrade needs to be deployed urgently in the data center. How do you plan and execute this without disrupting ongoing operations? You notice an unusual spike in temperature readings from one section of the data center. How do you investigate and address this issue? During a routine inspection, you discover a security vulnerability in the data centers physical access controls. How do you respond and mitigate this issue?

About the Company: At AT&T, we re connecting the world through the latest tech, top-of-the-line communications and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail and care channels. Join our mission to deliver compelling communication and entertainment experiences to customers around the world as we continue to evolve as a technology-powered, human-centered organization. As part of our team, you ll transform the way we deliver a seamless customer experience with digital at the center of all you do. In our world, digital is much larger than just an eCommerce channel, we are transforming all channels to digitally perform as one team to create a better customer experience. As we move into 2024, the digital transformation will revolutionize the digital space and you can build a career that will propel your future. About the Job: This position is a Senior Specialist Cyber Security for performing Application Security Testing in Cyber Security Organization. This profile will be passionate in preventing risk by identifying vulnerabilities in the applications of the enterprise by configuring scan settings for effective vulnerability enumeration, Identify and document findings, approve false positives and define/document approved mitigations used by AppSec Testers. Experience Level: 8+ years Location: Hyderabad or Bengaluru Roles and Responsibilities: Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution. During testing process, tester MUST ensure application is not degraded and/or taken out of service due to scanning activities Tester must ensure results from scanner are present in VM reporting platforms and visible to approved app users Perform manual validation and false-positive analysis on the automated scan results. Provide remediation support will analyze the top-rated vulnerabilities along with provide support to application teams on remediation strategies from identified risks. Execute scan retest by performing revalidation tests of previously identified critical and high severity vulnerabilities as requested by the client application teams. Primary / Mandatory skills: Overall 8+ years of IT experience 7+ years of application security Experience 5+ years of Application Security testing Experience Bachelors degree required. Deep familiarity with the OWASP Top 10 and other security concerns for web applications Deep Understanding of OWASP Application Security Verification Standards (ASVS) Deep understanding of SAST, DAST, SCA Scanning practices Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools Understanding of SAST, DAST tools and dependency scanning tools Experience working/integrating with secret management systems Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.) Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications Strong documentation skills Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required) Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas Technical Skills: SAST, DAST, SCA Additional information (if any): Flexible to provide coverage in US morning hours upon need. Certification : CSSLP or equivalent #Cybersecurity Location: IND:KA:Banglaore / Intl Tech Park, Whitefield Rd - Storage: Innovator Building, Itpb, Whitefield Rd Job ID R-69182 Date posted 06/06/2025

IT Industry experience in DevOps, SW Development: 10 - 15 years Technical skills 5-7 years of experience in Azure DevOps, AWS DevOps Have hands on experience in DevOps pipeline, Triggers 3-4 years of experience in Solutioning with DevOpsTools Ansible, Terraform, TerraTest Scripts using Yaml Security scan and Testing SonarQube and Integration Security vulnerability tools and assessment Optional skills: Puppet, Chef Successful implementation of DevOps Environment and tool chain 4 - 6 years in Azure and AWS environment Experience in DevOps Automation scripts Knowledge of Cloud Infrastructure (Azure /AWS) and IaaC Team Management and Development Managed a team 7 - 10 DevOps engineers for large projects SME Capability building, Training Plan development and mentor DevOps engineers Collaboration skills and working across multiple project teams Conduct interviews for the Practice and do the hiring on need basis Business development, Artefacts and Case studies Ability to prepare case studies, Practice Plan and implementation Proposals: Experience in working with Sales Team, Pre-sales Presentations and interactions with customers Campaigns: Working with Marketing team

BE, B.Tech, MSc (Information Technology), CISA, CISSP, CEH General Description: Candidates must possess hands-on audit experience in IT general controls. As Information Technology Auditor, you will examine, evaluate and verify policies, procedures and internal controls around information systems and networks. Exposure to ISO27001, SSAE16, Vulnerability Assessment and Penetration Testing, Security Technologies is an added advantage. Responsibilities: Timely completion of information technology and information security audits in a manner that is consistent with the professional standards set by Qadit. Adequately analyze and document all information systems and related controls, and develop an appropriate audit program to test the controls identified. Evaluate the adequacy of security and processing controls as they relate to each audit, and the effectiveness of general IT controls in effect in the IT environment. Review the means of safeguarding information assets and monitor ongoing performance metrics established by the IT and Security Departments of clients. Prepare audit work papers according to established corporate guidelines and industry standards, and as applicable create audit reports. Maintain and enhance audit work paper templates. Maintain active communication with clients to manage expectations, ensure satisfaction, make sure deadlines are met, and lead change efforts effectively. Team with partners and senior managers on proposals and business development calls. 1. Conducting vulnerability assessments & penetration testing analyzing related reports. 2. Running VA PT tools 4. IT general computer controls audits Position will be based in Chennai, but will need to travel extensively both within and outside India. Role Summary Support IT audits, risk assessments, and compliance tasks in the IT GRC domain. B.E./B.Tech (CS/IT/ECE), B.Sc/M.Sc (IT/CS), or B.Com/BBA with interest in IT GRC audit. Key Skills Basic understanding of ISO 27001 and other security frameworks including SOC 2, GDPR and HIPAA, audits, MS Office; good communication and analytical skills. Pursuing CISA, ISO 27001 Foundation, or DISA is a plus. Not mandatory; freshers are welcome. Hands-on exposure to cybersecurity, compliance, and IS audit under expert guidance. Lead and execute IS audits, risk assessments, and compliance reviews within the GRC framework. Graduate in B.E./B.Tech (CS/IT), B.Sc/M.Sc (IT/CS), or equivalent. Upto 2 years in information security, IT audit, or risk/compliance roles. Strong knowledge of ISO 27001 and other security frameworks including SOC 2, GDPR and HIPAA, ITGC, regulatory frameworks (RBI, SEBI), audit tools, and MS Office. CISA, DISA, ISO 27001 Lead Auditor (preferred). Opportunity to lead audits, enhance GRC maturity, and work with senior stakeholders in a dynamic environment.

In this role, you will be responsible for managing the procurement and vendor management teams and their day-to-day operations. The ideal candidate will be a go-getter known for consistently ensuring operational efficiency. The appropriate candidate will be a success driven self-starter, skilled at managing teams and working with cross functional groups to ensure the team objectives are met Primary Responsibilities: Manage the Vendor Management and Procurement team - build, train and manage performance goals Improve and execute purchasing policies and procedures that include vendor base management, purchasing cycle (requisitions, purchase orders), developing the appropriate audit and goods received process. Review Purchase Requisition forms and create Purchase Orders accordingly. Complete New Vendor Setups in compliance with policies Review purchase orders against purchasing guidelines; obtain legal contract review, check against finance budget, review & confirm accounting coding. Approve or reject and issue purchase orders to vendors. Negotiate and complete contracts for goods and services utilizing established contracting policies and procedures Review vendors, assess vendor capabilities and prevent vendor duplication. Additionally ensure clean vendor data, deactivating vendors not being used. Manage and update process controls and ensure team alignment to the controls Collaborate with internal leadership in other functional areas, as it relates to their respective programs, to ensure alignment of activities, objectives, and expectations. Build and develop vendor relationships, managing effective partnerships with key suppliers to encourage superior service, obtain competitive pricing, and obtain quality products and/or services. Identify and implement process improvements throughout the department to increase efficiency and accuracy and decrease high risk areas. Lead and contribute to the Coupa implementation and stabilization efforts. Maintain purchasing documents and assure that they are properly completed with all terms and conditions of purchases being met. Assure department records are maintained and that purchases are followe'd up or expedited when required. Maintain purchase contracts database. Audit database system for accuracy on a continual basis preventing any vulnerability for fraud or excessive errors. Ensure compliance with local and foreign requirements. Lead low-dollar sourcing efforts within the team Interface with accounting on audit issues and system management to ensure proper controls are in place and operating as planned Qualifications Bachelor s Degree, preferably in accounting. 10 plus years in procurement and vendor management with 3 plus year of team management experience Exceptional work ethic and strong attention to detail Excellent written and verbal communication skills, and the ability to interact effectively Self-starter who can take on responsibility with little oversight Ability to read and comprehend moderately complex instructions, short correspondence, and memos Ability to write correspondence with understanding of audience Ability to effectively present information in one-on-one and small group situations to other managers and employees Exhibits our core values: Results Orientation, Winning Attitude, Be One Team, Disciplined Execution, and Growth Mindset

ECMS Requirement Format Number of Openings 1 ECMS ID in sourcing stage 528445 Assignment Duration 6 months -1 year Total Yrs. of Experience 10+ Relevant Yrs. of experience 6+ Detailed JD (Roles and Responsibilities) Certified ServiceNow Developer Need to have extensive development experience and be an SME in the ServiceNow Vulnerability Response/Configuration Compliance modules specifically Must be able to build custom ServiceNow integrations from scratch Must be able to configure new store integrations and maintain existing integrations Deep experience across complex ServiceNow integrations Perform code changes and customizations for enhancement requests within ServiceNow Vulnerability Response/Configuration Compliance Mandatory skills ServiceNow Developer Desired/ Secondary skills NA Domain Any Max Vendor Rate in Per Day (Currency in relevance to work location) INR 12000 Delivery Anchor for tracking the sourcing statistics, technical evaluation, interviews, and feedback etc. Rinky Biswas Work Location given in ECMS ID Any WFO/WFH/Hybrid WFO Hybrid WFO BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO 2pm-11pm(IST)(India 2 nd Shift)

Hiring for Windows Server Admin- Gurugram Job Summary: We are seeking a skilled and proactive Windows Server Administrator with 4 years of experience to manage, maintain, and optimize our Windows-based infrastructure. The ideal candidate will have a strong technical background in Windows Server environments, Active Directory, and virtualization technologies, ensuring system uptime, security, and performance. Key Responsibilities: Install, configure, and maintain Windows Server environments (2012/2016/2019/2022). Manage Active Directory, Group Policy Objects (GPOs), DNS, DHCP, and file/print services. Monitor server performance and ensure high availability and reliability. Perform regular system updates, patching, and backups. Administer Microsoft Exchange or O365 and integrate with Active Directory. Manage virtualization platforms (e.g., Hyper-V or VMware). Implement security policies, perform vulnerability assessments, and harden server configurations. Troubleshoot server and network issues, providing timely resolution. Document system configurations, procedures, and changes. Collaborate with cross-functional teams for deployments and incident resolution.

? ?Job Description ?Exp: 9 to 14 Years Job Location: Mumbai (Powai - Hiranandani) It is Work from Office role 5 Days working Job Role: Supporting smooth application operation and development of small enhancements for multiple applications Taking over the internal product responsibility for Business managed applications (BMA), IT products or product groups Planning, controlling and monitoring of external providers with regards to capacity, performance and result quality for applications or application groups in the area of responsibility Escalation management regarding tickets or general issues, set up alignment calls with customers Taking responsibility for or participating in the planning, managing and reporting of all global cost elements of the service budgets as well as verification of monthly invoicing Advising business departments or IT colleagues on service offerings Collaborating in transition projects and in the further development of the service in general Creating and maintaining procedures for existing processes and documentation around knowledge management, compliance regulations and vulnerability remediation Ensuring compliance based on internal and external regulations Required: University degree in IT or business information management or equivalent qualification Sound IT software development and cloud infrastructure experience as well as quality and result orientation Basic Experience in managing external service providers ideally in an offshore model Ability to think in a global meta-organizational as well as networked manner Talent in capture things quickly as well as structure and orchestrate topics Strong planning, coordination and organizational skills to ensure smooth AMS processes and as well to assist the Service Manager or the customer directly Flexibility and bringing a curious and creative mindset, open to new things and able to propose innovative ideas Confidence, assertiveness and strong commitment Fluent command of Business English Cultural awareness

Job Summary If you are a graduate looking for an opportunity to build career in Cybersecurity domain, Emerson has an exciting opportunity for you! Based in our Pune, India location, you will be a member of a collaborative product Security group. You will have the opportunity to learn product Security and work with global technical leadership teams for product Security for Emerson business units located across the globe. You ll be employed for Emerson Innovation Centre, Pune (EICP) In This Role, Your Responsibilities Will Be: Perform Vulnerability Analysis and Penetration testing of Web / Thick client / Mobile applications used in critical infrastructure Perform protocol fuzz Testing of industrial communication protocol Provide appropriate mitigation actions for the identified vulnerabilities to development team Work closely with development team to validate and strengthen security controls. Who You Are: You will quickly learn the dynamic and fast changing security area under mentorship of senior resources and build skillset to deliver results independently by the end of training period. For This Role, You Will Need: Familiar with different security pen test tools like Burp Suite, Kali Linux, DAST like App Scanner or similar other tools widely used for Penetration Test. Understanding of security protocols (HTTPS, HSTS, TLS, SSH). Strong learning agility and commitment to learn. Good analytical skills and decision-making capabilities. Proven verbal and written communications. Knowledge of scripting language (TCL, Perl, Python, Shell etc. ) for exploit development. Familiar with OWASP Top10 and IEC62443 standard Preferred Qualifications that Set You Apart: BCA / BSC-Computer Science completed in 2024 or due to complete by June 2025 from reputed institute. Cybersecurity training / Certification will have added advantage. Our Culture Commitment to You . .

Ensure the seamless creation, delivery, and maintenance of the IT environment at MB Indias Mumbai branch, focusing on infrastructure, networking, connectivity, IT and cybersecurity, and resolving everyday technical problems Offer complete IT support to various bank departments, helping them deliver their products and services to the highest customer satisfaction. This role is responsible for professionally supporting the IT department, including daily tasks, PC support, updates, enhancements, and optimizing available resources. Having experience of 12+ years in the IT industry with 7-8 years banking experience Strong vendor management skills and the ability to negotiate agreements. Excellent communication and networking skills with the ability to develop relationships. Excellent problem solving and troubleshooting abilities Manage and provide end-to-end support for the branchs IT environment, covering infrastructure, networking, connectivity, IT and cybersecurity, daily problem-solving, and proactive engagement with stakeholders Provide assistance for projects / initiatives from head office in terms of coordinating all required support activities from Dubai & India office. Effective management of all regulatory submissions and regulatory web portals like Daksh, E-BRC. Provide PC based software support to the India Branch Personnel ensuring timely service to ensure smooth operations. Ensure that a maintenance agreement is in place for all computer hardware and software. Ensure CCTV s, Server rooms and allied software & hardware are kept secure, updated and managed via proper contracting with Vendors as per Bank policies. Support the Branch activities and provide secured physical facilities to the end users, ensure its upkeep and general administration Support in in-depth vulnerability analysis along with remediation plan for MB India Periodic updates and evidences of IT SOP, RCSA for MB India, Mumbai location. Participate in BCP and DR drills for the branch. Mumbai Audits: Lead Mumbai on all Internal/External and Central Bank related ensuring there are no unsatisfactory results. Remediate findings from Audit in a timely manner and ensure closure of issue assurance with Audit teams as per the agreed action plan. Budget Management: Co-ordinating and providing in yearly budgetary exercises for MB India, Mumbai branch. Vendor Management: Effective vendor management, vendor identification, onboarding & performance management including initiation of bill/invoice/payable management. Information Security: Effective engagement with stakeholders on all info security issues, ensuring timely remediation of identified issues. Participate and support annual information security attestations of Mumbai branch.

Role: Vulnerability Mgmt Analyst Location: Remote Work timing: UK Hours \ US Hours Overview: We are seeking a detail-oriented and highly skilled Vulnerability Management Analyst to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, prioritizing, and remediating vulnerabilities across the organizations IT assets. The role involves leveraging industry-standard tools like Qualys , Tenable Nessus , Rapid7 , and integrating findings into ServiceNow SecOps for streamlined remediation. Key Responsibilities: Perform regular vulnerability scans using tools such as Qualys , Tenable Nessus , and Rapid7 InsightVM . Analyze scan results to identify true positives, prioritize findings based on risk and criticality, and recommend remediation actions. Collaborate with IT infrastructure, application, and network teams to ensure timely patching and mitigation of identified vulnerabilities. Integrate vulnerability data into ServiceNow Security Operations (SecOps) for incident tracking and response coordination. Monitor vulnerability trends and provide risk insights to leadership. Support compliance initiatives and audits by providing reports and evidence of remediation efforts. Maintain documentation for vulnerability management procedures and policies. Assist in developing and improving vulnerability management workflows, processes, and automation. Required Skills & Experience: 3+ years of hands-on experience in vulnerability management or related cybersecurity roles. Strong expertise in using Qualys , Tenable Nessus , Rapid7 InsightVM , or equivalent tools. Familiarity with ServiceNow SecOps or other security orchestration and response platforms. Solid understanding of TCP/IP, operating systems (Windows, Linux), and common network services. Experience with CVSS scoring and vulnerability remediation prioritization. Ability to communicate technical issues to both technical and non-technical audiences. Preferred Certifications (at least one required): CompTIA Security+ CompTIA CySA+ GIAC Enterprise Vulnerability Assessor (GEVA) Nice to Have: Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS). Familiarity with scripting (Python, PowerShell) for automation of scanning and reporting tasks. Exposure to SIEM platforms and incident response procedures. Education: Bachelors degree in Information Security, Computer Science, or a related field (or equivalent practical experience). Thanks & Regards: Kanika Katiyar Associate Recruiter Email: kkatiyar@fcsltd.com FCS Software Solutions Limited https://www.fcsltd.com

Job Description We are looking for a technical, highly motivated and dynamic IT Product Information & Lead Research Analyst to play a key role in our growing team. This hands-on position is ideal for a self-starter who enjoys research, data curation, and taxonomy design, with a unique opportunity to transition into a leadership role as the team expands. The team is responsible for building and maintaining a comprehensive, accurate, and curated product catalog of all software and hardware technology products sold and deployed globally. The Lead Product Research Analyst will be responsible for: Lead and coach a team of research analysts working on technology data mining and curation. Conduct research on technology data/content about software and hardware products, including vendors, manufacturers, product suites, lifecycle data Collect, analyze, and curate information to enrich our technology catalog, ensuring accuracy and consistency Oversee the maintenance of a technology data catalog, ensuring comprehensive and up-to-date content Design and manage taxonomies for software and hardware products. Develop and enforce rules for normalizing and mapping data between source systems Define and implement end-to-end research workflows, including methodologies, training programs, and quality control measures. Respond to customer and internal requests to enrich catalog content and resolve content-related issues promptly. Act as the subject matter expert (SME) on technology data, working directly with customers and partners to address data-related issues and enhancement requests. Collaborate with internal stakeholders, including engineers and product teams, to translate business requirements into new data offerings and features. Qualifications Bachelor s degree in computer science, engineering, data management or related field Experience with Master Data Management or Product Information Management platforms Proficiency in writing regular expressions (Regex) - required Familiarity with database tools, data entry systems, and processes. In-depth, subject matter expertise-level understanding of how software is named, titled, and released by commercial and open-source teams, including EOL and vulnerability disclosures. Strong background in researching and managing technical content, with an eye for detail. Ability to identify gaps in data and develop proactive plans to close them. Experience in designing and managing taxonomies for technical products.

Required Skills Technology | Scripting and Automation | Level 2 Support Technology | Network Security Fundamentals | Level 3 Support Technology | Secured Configuration Management | Level 3 Support Technology | Incident and Breach Response | Level 2 Support Technology | Endpoint Encryption | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified Endpoint Detection and Response Professional/Certified Endpoint Security Administrator/Microsoft Certified: MD-100/CompTIA CySA+/CISSP/CISM/Cisco Certified CyberOps Associate/VMware Certified Professional - Desktop and Mobility Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of endpoint security solutions such as antivirus, endpoint detection and response (EDR), endpoint protection platforms (EPP), and mobile device management (MDM) systems. *Ability to configure, manage, and troubleshoot advanced endpoint security technologies effectively. *Advanced skills in conducting vulnerability assessments, prioritizing vulnerabilities, and overseeing remediation efforts across endpoint devices. Strategic Oversight and Management: - *Strategic oversight of endpoint security operations, including policy development, deployment strategies, and performance monitoring. *Collaboration with IT teams, network security specialists, compliance officers, and senior management to integrate endpoint security initiatives with broader organizational security strategies. *Facilitation of collaborative efforts to improve endpoint security posture and incident response capabilities. Communication and Stakeholder Management: - *Clear and concise communication of complex technical concepts, security risks, and recommendations to stakeholders at all levels. *Ability to articulate endpoint security issues, incident findings, and remediation strategies effectively. *Comprehensive documentation of endpoint security incidents, investigations, and remediation activities. Continuous Improvement and Adaptability: - *Commitment to staying updated with the latest cybersecurity trends, emerging threats, and technologies through ongoing training, certifications, and industry participation. *Implementation of continuous improvement initiatives to enhance endpoint security operations and resilience against evolving threats.

Required Skills Technology | Scripting and Automation | Level 2 Support Technology | Network Security Fundamentals | Level 4 Support Technology | Project Management | Level 4 Support Technology | Incident and Breach Response | Level 4 Support Technology | Technology Integration | Level 4 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified EDR Professional/Certified Endpoint Security Administrator/Microsoft Certified: MD-100/CompTIA Cybersecurity Analyst/CISSP/CISM/Cisco Certified CyberOps Associate/VMware Certified Professional - Desktop and Mobility Delivery Skills required are: - Technical Expertise: - *Proficiency in managing and configuring endpoint security technologies such as antivirus, endpoint detection and response (EDR), endpoint protection platforms (EPP), and mobile device management (MDM) systems. *Ability to implement and manage advanced endpoint security controls and policies to protect against emerging threats. *Experience in conducting and overseeing vulnerability assessments across endpoint devices. Strategic Oversight and Management: - *Strategic oversight of endpoint security operations, including policy development, deployment strategies, and performance monitoring. *Development and optimization of endpoint security policies, standards, and procedures to align with organizational objectives and industry best practices. *Facilitation of collaborative efforts to enhance endpoint security posture and incident response capabilities. Communication and Stakeholder Management: - *Clear and concise communication of technical security issues, incident findings, and remediation strategies to stakeholders at all levels. *Regular reporting on endpoint security metrics, trends, and operational performance to senior management and other stakeholders. *Comprehensive documentation of endpoint security incidents, investigations, and remediation activities. Continuous Improvement and Adaptability: - *Commitment to staying updated with the latest cybersecurity trends, threats, and technologies through ongoing training, certifications, and professional development. *Implementation of continuous improvement initiatives to enhance endpoint security operations and resilience against evolving threats. Value Proposition: - Understand the existing environment and propose any opportunity of improvement. Look at nagging issues in the environment and come out with Get Around solutions by working with vendors and industry experts