296 Vulnerability Jobs - Page 10

The Analyst will evaluate the firms digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. The candidate will play a crucial role in managing third-party risk assessments and identifying assets failing to meet stringent EY security standards. Collaborating closely with multiple functions, the analyst will collaborate to build strategies to protect EYs digital assets. Additionally, the analyst will monitor emerging threats in the digital landscape, evaluating and advising proactive measures to safeguard the firm. Skills and attributes for success Expert attention to detail Demonstrated ability to thinking critically Interest in creating creative solutions to complex issues Ability to handle high volume requests Flexibility and comfortability pivoting between diverse environments Exceptional communication and rapport building skills Efficient research methodologies To qualify for the role you must have A minimum of 5 years of experience in vulnerability management, red team, or purple team Strong understanding of cloud services, network security, and data protection principles Well-developed knowledge of offensive security principles Familiarity and minimal experience in automating vulnerability discovery Professional-level analytical and problem-solving skills Developing ability to translate vulnerability information to business impact Demonstrated experience with third-party risk assessments Strong communication and interpersonal skills Ability to evaluate and prioritize competing priorities from varying stakeholders Ideally, you ll also have OWASP training Incident response experience

The Analyst will evaluate the firms digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. The candidate will play a crucial role in managing third-party risk assessments and identifying assets failing to meet stringent EY security standards. Collaborating closely with multiple functions, the analyst will work to execute the Attack Surface Management strategy to protect EYs digital assets. Additionally, the analyst will assess emerging threats in the digital landscape as directed, evaluating and advising proactive measures to safeguard the firm. Skills and attributes for success Expert attention to detail Aptitude for thinking critically Ability to handle high volume requests Flexibility and comfortability pivoting between diverse environments Developing communication Skills Familiarity with research methodologies To qualify for the role you must have A minimum of 3 years of experience in vulnerability management, red team, or purple team Familiarity with cloud services, network security, and data protection principles Well-developed knowledge of offensive security principles Professional-level analytical and problem-solving skills Developing ability to translate vulnerability information to business impact Demonstrated experience with third-party risk assessments Strong communication and interpersonal skills Experience providing prioritization recommendations to stakeholders Ideally, you ll also have OWASP training Incident response experience

Continentals digital capabilities are growing every day. Our global Cloud Services team is at the forefront of this transformation, establishing scalable, secure, and efficient cloud platforms that power our innovative solutions worldwide. We are seeking an experienced Cloud Platform Architect to lead the design, implementation, and governance of our enterprise Azure landing zone. This is your opportunity to shape cloud architecture standards, create secure and compliant infrastructure, and build the foundation that empowers our development teams to deliver solutions efficiently and reliably. Join us to architect the future of Continentals digital landscape in an exciting, collaborative global environment. In this role, you will be responsible for the following tasks: Designing and leading the architectural vision for Continentals Azure cloud landing zone, establishing enterprise-wide guardrails, principles, and patterns that align with Microsofts recommended practices and Azure roadmap Driving strategic cloud platform enhancements in security, compliance, connectivity, and governance while providing technical oversight of the entire Azure landing zone infrastructure Architecting and enforcing cloud security controls across the enterprise, including automated compliance monitoring, vulnerability remediation processes, and integration with existing identity management systems Overseeing the development and implementation of Infrastructure as Code (IaC) solutions for automated provisioning, configuration, and management of Azure cloud landing zone Collaborating with internal stakeholders to provide secure, compliant access to Azure IaaS and PaaS offerings Troubleshooting platform issues and improving service documentation

About the Team The security team at Meesho is like the Avengers to Meeshos S.H.I.E.L.D. After all, when 5% of Indian households shop with us, it s important to build resilient systems to manage millions of orders every day. We ve done this - with zero downtime! Sounds impossibleWell, that s the kind of Engineering muscle that has helped Meesho become the e-commerce giant it is today. We value speed over perfection, and see failures as opportunities to become better. We ve taken steps to inculcate a strong Founder s Mindset across our engineering teams, making us grow and move fast. We place special emphasis on the continuous growth of each team member - and we do this with regular 1-1s and open communication. As a Security Engineer III, you will be part of self-starters who thrive on teamwork and constructive feedback. We know how to party as hard as we work! If we aren t building unparalleled tech solutions, you can find us debating the plot points of our favorite books and games - or even gossipping over chai. So, if a day filled with building impactful solutions with a fun team sounds appealing to you, join us. About the Role As our Security Engineer III, your primary focus will be on enhancing the security of Meesho s products and services, with particular attention to vulnerability assessment, patch management, purple teaming, incident detection and response in cloud environments. Leveraging your expertise in infrastructure security, you will conduct thorough security assessments across cloud environments and assist in mitigating the identified misconfigurations or vulnerabilities in our systems. Clear communication of complex security threats and solutions to stakeholders will be essential in driving security improvements. Your dedication to excellence will ensure the robust protection of Meeshos assets and the successful delivery of projects with heightened security measures. What you will do Conduct security assessments and assist in mitigating the identified misconfigurations or vulnerabilities in the systems. Own and manage security tools like CNAPP, SIEM. Reduce false-positives, correctly prioritize the flagged issues and mitigate them. Review access controls across cloud environments, mitigate security risks and follow the principle of least privilege. Ensure cloud environments comply with ISO-27001:2022, CIS benchmarks and industry standards. Perform attack simulation, log analysis, incident detection and response, and create custom detection rules. Enhance security aspects of CI/CD pipeline, WAF, OS, container technologies. Take new initiatives to enhance the infrastructure security posture of Meesho. What you will need Bachelor s or Master s degree in Computer Science, Information Security, or related field. Minimum 5-7 years of experience in cybersecurity roles, with a focus on infrastructure/cloud security. Experience with GCP (preferred) or other CSPs. Experience with Docker, Kubernetes and OS security hardening aspects. Experience with 0-day vulnerability response and deploying security patches. Experience with WAF (Akamai, Cloudflare).Experience with managing security tools like CNAPP, SIEM. Hands-on experience planning and executing red team exercises, including attack simulation, reconnaissance and post-exploitation activities. Understanding of ISO-27001:2022, CIS benchmarks. Experience with performing IAM/access control review and following the principle of least privilege. Familiarity with CI/CD tools, security automation processes, and tools integration. Strong scripting skills to automate security tasks. Experience with Terraform, Jenkins, ArgoCD. CTFs, Bug Bounties, CVEs will be a big plus. Strong analytical and problem-solving abilities. Exceptional communication skills for effective cross-functional collaboration. About us Welcome to Meesho, where every story begins with a spark of inspiration and a dash of entrepreneurial spirit. Were not just a platform; were your partner in turning dreams into realities. Our Mission Democratising internet commerce for everyone- Meesho (Meri shop) started with a single idea in mind -to be an e-commerce destination for the next billion Indian consumers and enable 100 million small businesses to succeed online. We provide sellers with a range of industry-first benefits such as zero commission and the lowest shipping cost. Over 1.75 million sellers are registered on Meesho, growing their business by tapping the company s massive customer base, state-of-the-art tech infrastructure, pan-India logistics at the lowest cost through third-party logistics providers in an Everyday Lowest Cost channel for sellers. Affordable, relatable merchandise mirroring local markets has helped us make inroads with first-time internet users in the country. We cater to an underserved and unique customer base and cover every serviceable pincode in the country. Our unique business model and continuous innovation has enabled us to become the first Indian horizontal E-commerce company. Culture and Total Rewards Our focus is on cultivating a dynamic workplace characterized by high impact and performance excellence. We prioritize a people-centric culture, dedicated to hiring and developing exceptional talent. Total rewards at Meesho comprises of a comprehensive set of elements - monetary, non monetary, tangible and intangible in nature. Our 11 guiding principles, or " Mantras ," are the backbone of how we operate - influencing everything from recognition and evaluation to growth discussions. Daily rituals processes like Reflections , Listen or Die , Internal Mobility Program, Talent Reviews, Continuous Performance Management - all embody these principles. We provide market leading compensation - both cash and equity-based - specific to job roles, individual experience and skill along with our employee centric benefits and work environment. We focus extensively on holistic wellness - through our MeeCare Program - encompassing benefits and policies across physical, mental, financial, and social wellness aspects. This includes extensive medical insurance benefits for employees and their families, wellness initiatives like telehealth, wellness events, and gym recreational discounts etc. To support work-life balance, we provide generous leave policies, parental support benefits, retirement benefits, and learning and development assistance. Through gratitude for stretched work, personalized gifts, engagement fun at work - we promote employee delight at the workplace. Many other benefits such as salary advance support, relocation assistance, and flexible benefits plans further enrich the Meesho employee experience. Know more about Meesho here : https://www.meesho.io/

Min 4 years of experience in SOC, Edu: Engineer (BE/B.Tech)/MCA/ M.Tech/M. E. / PhD(Computers / IT / Electronics)Certifications Must: CEH/CCNA/CCNA Security SOC Analyst - L2 | Incident Validation, Incident Analysis, Solution Recommendation, Resolve Escalations, VA Tool admin, Maintain Knowledge base, Escalation point for device issue resolution, Patch implementation, Rule base Management, General SOC Administration, Optimization, Scaling, Patching, Rules, Policy, Configurations, Data Retrieval and additional queries as required by the bank. Scheduling/Performing VA Scans, Submission Scan reports, Rectification, Resolve user queries. MITRE Framework. Qualifications: Academics: Engineer (BE/B.Tech)/MCA/ M. Tech/M. E./PhD (Computers/IT/Electronics) Certifications Must: CEH/CCNA / CCNA Security and Any SIEM Technical certification Tool Knowledge: SIEM(RSA Netwitness) , WAF, PAM ANTI-APT, NBAD, Deception (Minimum experience in 2plus tools . Experience: Minimum of 3 years of experience in cybersecurity and SOC Proficient in Incident Management and Response In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc. Responsible for working in a 24x7 Security Operations Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices Provide threat and vulnerability analysis as well as security advisory services Knowledge of various tools such as SIEM, SSL, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Remedy, ServiceNow Ticketing Toolset, Web Security, AV, UBEA, and Advanced SOC Required administration skills in SIEM and other security solutions Creation of rules and dashboards in the SIEM platform Tuning of detections based on SOC input and detection noise SIEM upgrades, patches, onboarding of log sources, etc. Onboarding of sites in WAF and analysis of packets and logs to identify attack patterns and network issues Must have work experience in user onboarding in PAM, troubleshooting access-related issues, and performing DC/DR drills Experience in handling sandbox environments and analyzing phishing emails and malicious files Correlation of MITRE ATTCK Framework and Cyber Kill Chain, and performing manual threat hunting

Implement vulnerability response module in ServiceNow 3-7 years of relevant ServiceNow Development experience. Have implemented and Developed SecOps Vulnerability Response Application / Now Assist. In-depth understanding of the ITIL framework Experience Enterprise Operational Tools/Processes (Incident management Problem, Change management, Knowledge management etc). Experience working with Business Rules, Client Scripts, UI pages, UI Actions, Script Includes, ACL, UI Script and other major components of ServiceNow Development, which also includes devel-opment of Scoped Application in ServiceNow Platform. Proficient in Java script and hands on technical expertise in ServiceNow Integration with 3rd Party applications. Experience of Test Driven development with knowledge of ServiceNow Automated Testing Framework. Strong Technical background in building scalable, complex solutions in ServiceNow. Secops, Service Now, Vulnerability

Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure & maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches. Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications 4 to 6 years of experience in Cloud & DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in at-least one Cloud: GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem & Managed e. g. , AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e. g. , K8S Cluster & Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure & deployment issues. Continues Integration & Continues Deployment Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e. g. , Quality Gates, Vulnerability Scans etc. Automate Build & Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional Information Gender-Neutral Policy 18 paid holidays throughout the year Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20, 000+ people in 53 offices around the world combine experience across truly value.

Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure & maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches. Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications 4 to 6 years of experience in Cloud & DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in at-least one Cloud: GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem & Managed e. g. , AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e. g. , K8S Cluster & Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure & deployment issues. Continues Integration & Continues Deployment Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e. g. , Quality Gates, Vulnerability Scans etc. Automate Build & Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional Information Gender-Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well-being. Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20, 000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients businesses through designing the products and services their customers truly value.

Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure & maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications Your Skills & Experience: 4 to 12 years of experience in Cloud & DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in below DevOps & Cloud tools: Expertise in at-least one Cloud Must Have GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem & Managed e. g. , AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e. g. , K8S Cluster & Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure & deployment issues Continues Integration & Continues Deploymen t Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e. g. , Quality Gates, Vulnerability Scans etc. Automate Build & Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional Information Benefits of Working Here: Gender-Neutral Policy 18 paid holidays throughout the year Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being Company Description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20, 000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients businesses through designing the products and services their customers truly value.

What you get to do in this role: Design, develop, and maintain ServiceNow applications and workflows to enhance our Developer Experience platform Architect and implement innovative solutions to streamline Developer Experience processes and eliminate manual work Create and optimize ServiceNow integrations with existing tools and systems in our software delivery pipeline Conduct vulnerability assessments and implement security enhancements within the ServiceNow environment Perform root cause analysis on incidents, providing detailed documentation and actionable insights to development teams Develop and maintain comprehensive technical documentation for all custom ServiceNow implementations Proactively identify system inefficiencies and implement solutions to prevent recurring issues Collaborate with stakeholders across Engineering, Operations, Security, and Product teams to align ServiceNow capabilities with business requirements Be a mentor for colleagues and help promote knowledge-sharing To be successful in this role you have: Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AIs potential impact on the function or industry. Bachelors degree in Computer Science, Information Technology, or related field 8+ years of experience in technical engineering roles Strong proficiency in backend development using JavaScript Working knowledge of RESTful APIs, web services, and integration methodologies Experience with agile development methodologies and tools Strong problem-solving skills with the ability to adapt quickly to changing technical requirements Excellent communication skills with ability to translate technical concepts to non-technical stakeholders Preferred Qualifications Proven ServiceNow platform development expertise ServiceNow Certified System Administrator certification, with Developer certification preferred ServiceNow Certified Application Developer or Implementation Specialist certification Experience implementing and maintaining ServiceNow integrations with DevOps tools (Jenkins, GitHub, Jira) Proven track record of analyzing operational data to identify trends and implement process improvements Experience with additional programming languages such as Python Demonstrated experience implementing DevOps practices, CI/CD pipelines, and release management workflows FD21 Not sure if you meet every qualification? We still encourage you to apply! We value inclusivity, welcoming candidates from diverse backgrounds, including non-traditional paths. Unique experiences enrich our team, and the willingness to dream big makes you an exceptional candidate!

Job Description Bachelor s degree required. Deep familiarity with the OWASP Top 10 and other security concerns for web applications Deep Understanding of OWASP Application Security Verification Standards (ASVS) Deep understanding of SAST, DAST, SCA Scanning practices Experience in scanning leveraging Veracode, Appscan.or other enterprise tools. Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) and CWEs (Common Weakness Enumeration) as found by scanning tools. Understanding of SAST, DAST tools and dependency scanning tools Experience working/integrating with secret management systems. Advanced knowledge of front-end and back-end web application development in at least one technology stack (.NET, Java, PHP, Ruby/Rails, Angular, Node.js, etc.) Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications. Strong documentation skills Excellent verbal and written communication skills, with proven technical writing abilities (English language proficiency required) Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team. Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas. Technical Skills: SAST, DAST, SCA Roles and Responsibility Perform SAST/SCA/DAST scans using industry vulnerability scanner SAST/SCA Veracode, using supplied compiled binary, configure scan platform to correct scan for both static code CWE s as well as SCA derived CVEs. Work will include coordination with app owner to ensure all branches of code are included in compiled binary file. DAST Work begins with crawling the target application to identify existing directory and file structure. Once identified, execute DAST scan using HCL product to identify dynamic issue only visible during code execution.

EMI/EMC Testing: - Conduct EMI/EMC radiation testing using the 3-meter semi-anechoic chamber. - Perform EMI/EMC immunity testing to assess the products resilience against external electromagnetic disturbances. - Familiarity with software tools such as EMC 32 or higher versions for data analysis and reporting. 2. Specific Tests: - Electrostatic Discharge Immunity Test (ESD): Evaluate the products resistance to electrostatic discharges. - Radiated Susceptibility Test Assess the products vulnerability to radiated electromagnetic fields. -Electrical Fast Transient (EFT)/Burst Immunity Test Evaluate the products immunity to sudden voltage transients. - Surge Immunity Test: Assess the products response to power surges. -Conducted RF Immunity Test: Evaluate the products immunity to conducted radio frequency interference. -Harmonics and Inter-Harmonics Immunity Test: Assess the impact of harmonic distortions on the product. - Voltage Fluctuation Immunity Test: Evaluate the products performance un

Company description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers.We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity.United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20,000+ people in 53 offices around the world combine experience across truly value. Overview Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches. Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications 4 to 6 years of experience in Cloud DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in at-least one Cloud: GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem Managed e.g., AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e.g., K8S Cluster Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure deployment issues. Continues Integration Continues Deployment Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e.g., Quality Gates, Vulnerability Scans etc. Automate Build Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional information Gender-Neutral Policy 18 paid holidays throughout the year Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being

Company description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients businesses through designing the products and services their customers truly value. Overview Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches. Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications 4 to 6 years of experience in Cloud DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in at-least one Cloud: GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem Managed e.g., AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e.g., K8S Cluster Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure deployment issues. Continues Integration Continues Deployment Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e.g., Quality Gates, Vulnerability Scans etc. Automate Build Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional information Gender-Neutral Policy 18 paid holidays throughout the year. Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well-being.

Company description Publicis Sapient is a digital transformation partner helping established organizations get to their future, digitally-enabled state, both in the way they work and the way they serve their customers. We help unlock value through a start-up mindset and modern methods, fusing strategy, consulting and customer experience with agile engineering and problem-solving creativity. United by our core values and our purpose of helping people thrive in the brave pursuit of next, our 20,000+ people in 53 offices around the world combine experience across technology, data sciences, consulting and customer obsession to accelerate our clients businesses through designing the products and services their customers truly value. Overview Your Impact OR Responsibilities: Combine your technical expertise and problem-solving passion to work closely with clients, turning complex ideas into end-to-end solutions that transform our clients business. Lead and support the implementation of Engineering side of Digital Business Transformations with cloud, multi-cloud, security, observability and DevOps as technology enablers. Responsible for Building Immutable Infrastructure maintain highly scalable, secure, and reliable cloud infrastructure, which is optimized for performance cost, and compliant with security standards to prevent security breaches Enable our customers to accelerate their software development lifecycle and reduce the time-to-market for their products or services. Qualifications Your Skills Experience: 4 to 12 years of experience in Cloud DevOps with Full time Bachelor s /Master s degree (Science or Engineering preferred) Expertise in below DevOps Cloud tools: Expertise in at-least one Cloud Must Have GCP (Compute, IAM, VPC, Storage, Serverless, Database, Kubernetes, Pub-Sub, Operations Suit) Azure (Virtual Machines, Azure Active Directory, Virtual Network, Blob Storage, Functions, Database, Azure Service Bus, Azure Monitor) AWS (EC2, IAM, VPC, S3, Lambda, RDS, SNS, Cloud Watch) Configuration and monitoring DNS, APP Servers, Load Balancer, Firewall for high volume traffic Extensive experience in designing, implementing, and maintaining infrastructure as code using preferably Terraform or Cloud Formation/ARM Templates/Deployment Manager/Pulumi Experience Managing Container Infrastructure (On Prem Managed e.g., AWS ECS, EKS, or GKE) Design, implement and Upgrade container infrastructure e.g., K8S Cluster Node Pools Create and maintain deployment manifest files for microservices using HELM Utilize service mesh Istio to create gateways, virtual services, traffic routing and fault injection Troubleshoot and resolve container infrastructure deployment issues Continues Integration Continues Deployment Develop and maintain CI/CD pipelines for software delivery using Git and tools such as Jenkins, GitLab, CircleCI, Bamboo and Travis CI Automate build, test, and deployment processes to ensure efficient release cycles and enforce software development best practices e.g., Quality Gates, Vulnerability Scans etc. Automate Build Deployment process using Groovy, GO, Python, Shell, PowerShell Implement DevSecOps practices and tools to integrate security into the software development and deployment lifecycle. Manage artifact repositories such as Nexus and JFrog Artifactory for version control and release management. Design, implement, and maintain observability, monitoring, logging and alerting using below tools Observability: Jaeger, Kiali, CloudTrail, Open Telemetry, Dynatrace Logging: Elastic Stack (Elasticsearch, Logstash, Kibana), Fluentd, Splunk Monitoring: Prometheus, Grafana, Datadog, New Relic Good to Have: Associate Level Public Cloud Certifications Terraform Associate Level Certification Additional information Benefits of Working Here: Gender-Neutral Policy 18 paid holidays throughout the year Generous parental leave and new parent transition program Flexible work arrangements Employee Assistance Programs to help you in wellness and well being

Qualifications: Graduate In IT(Minimum) Skills: Knowledge of tools: Nessus, Burp Suite, HCL Appscan, Qualys, OWASP ZAP, Wireshark, Nmap, Postman, Kali Linux Manual and Automated Web Mobile (iOS Android) Application Penetration Testing ( SAST and DAST ) as per OWASP guidelines or SANS guidelines API Security Assessment (REST/SOAP) Network Security Devices VAPT Host VAPT Knowledge of Web Application Development Concepts (HTML/JavaScript) Knowledge of Cryptographic standards - Encryption, Hashing, Digital certificate for all the applications and suggesting the best standards based of the purpose of the application. Knowledge of Configuring web applications for dynamic scanning using any of the authentication methods like Basic authentication, Forms authentication etc., role of cookies Token Understanding of threat modeling like using STRIDE and the ability to simulate attacks. Knowledge of encryption technologies, PKI, and identity and access management (IAM) solutions. Passion for cybersecurity and a hacker mindset with a commitment to ethical hacking. Ability to document findings clearly and provide actionable recommendations. (Nice to Have Skills) Red Teaming Concepts tools like Metasploit etc. VAPT in AWS Azure Cloud Environment Familiarity with SIEM (Security Information and Event Management) tools for log and event monitoring Certifications: (Optional but Preferred) Certified Ethical Hacker (CEH). Offensive Security Certified Professional (OSCP). Certified Information Systems Security Professional (CISSP). GIAC Penetration Tester (GPEN). CompTIA Security+. CREST Registered Penetration Tester Personal attributes: Excellent communication skills, both verbal and written. Training Presentation Skill Effectively articulate ideas, convey information. Establishing rapport, actively listen to customer needs and concerns, and demonstrate empathy. Address customer inquiries or issues promptly and professionally. Clear and concise communication is essential for understanding requirements expectations. Work Environment : Posting at Faridabad May have to travel Greater Noida/Chennai/Overseas Roles Responsibilities Main Tasks: Perform vulnerability assessments and penetration testing on network infrastructures, web applications, and systems to identify security gaps. Conduct both manual and automated testing to uncover potential weaknesses, including exploiting vulnerabilities to demonstrate impact. Work with development, operations, and security teams to remediate vulnerabilities and verify fixes. Monitor and assess the network, system, and web application security for possible threats. Create detailed reports on findings, including risk assessments and remediation guidance. Research and stay updated on emerging vulnerabilities, attack vectors, and new security tools/technologies. Assist in the development and improvement of internal security tools and processes. Conduct security audits and develop security assessments for compliance with industry standards and regulations. Collaborate with external teams and vendors when necessary for third-party penetration testing. Participate in incident response activities, analyzing security incidents and recommending corrective measures. Co-ordination with QAG (Quality Assurance Group) for IT process formation Security Auditing Other Tasks Identify potential risks or issues before they escalate Ability to stay updated with the latest security vulnerabilities and attack techniques. Embrace change, adapt quickly to shifting IT Security needs or conditions. Proactively seek new opportunities of improvements and Adjust IT Security strategies accordingly Stay updated on industry trends to implement relevant Security solutions Pay attention to details to ensure project requirements and deliverables are met accurately Work closely with diverse teams, stakeholders, and clients

As a Security Engineer II at JPMorgan Chase within the Cybersecurity & Tech Control team, you are part of an agile team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As an emerging member of the security engineering team, you execute basic software solutions through the design, development, and troubleshooting of multiple components within a technical area, while gaining skills and experience to grow within your role. Job responsibilities Executes standard security solutions in accordance with existing playbooks to satisfy security requirements for internal clients (eg, product, platform, and application owners) Writes secure and high-quality code using Java programming language with limited guidance Applies specialized tools (eg, vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize probability and impact of threats when determining specific vulnerabilities Supports delivery of continuity-related awareness, training, educational activities, and exercises Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on software engineering concepts and 2+ years applied experience Hands-on experience in system design, application development, testing, and maintaining operational stability. Proficient in coding with Java using Spring Boot, with experience in a large corporate environment. Experience across the entire Software Development Life Cycle, including developing, debugging, and maintaining code with modern programming and database querying languages. Exposure to agile methodologies, such as CI/CD, application resiliency, and security. Emerging knowledge of software applications and technical processes within disciplines like cloud, artificial intelligence, machine learning Preferred qualifications, capabilities, and skills Familiarity with modern front-end technologies - React JS Exposure to cloud technologies - AWS

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus : At Locus , we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastog i and Geet Garg , Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform . Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers . Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications , cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms , collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields ( e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tool s like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). What We Offer Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Lytx is seeking a highly skilled Sr DevSecOps Engineer to join our innovative team. In this role, you will be instrumental in designing, implementing, and maintaining our secure continuous integration and deployment pipelines, infrastructure, and tools. Youll act as a subject-matter expert on core AWS services and security best practices, collaborating closely with cross-functional teams to ensure AWS standard methodologies, infrastructure as code (IaC), and security optimizations are integrated early in the design process. Key Responsibilities Develop and implement secure systems and frameworks to strengthen our global IoT platform. Maintain and support solutions that empower engineering teams while maintaining robust security measures. Drive improvements in security, monitoring, and reliability of core and supporting systems. Required Qualifications Minimum 3 years hands-on experience as a devsecops engineer. AWS 1 of the following CSPM Wiz Prism Dome9 Orca Terraform CI/CD Proficiency (ability to demonstrate) in Python or Go Demonstrated experience with application security and SAST and DAST Experience with endpoint management tools Strong skills in managing Kubernetes and various container and cloud-native technologies securely. Proven experience in implementing security best practices, including identity and access management, encryption, and vulnerability assessments. In-depth knowledge of containerization technologies such as OpenShift, Kubernetes, and Docker, with a focus on security aspects. Ability to provide coaching, mentoring, and training on security practices for team members. Knowledge of secure Systems Administration/System Engineering with Microsoft Windows/Linux. Familiarity with networking concepts and their security implications, including routing, load balancing, DNS, content delivery, and domain trusts. Excellent documentation and interpersonal skills, with the ability to present technical and security content to management and engineering teams. Preferred: Experience with Github Actions & Advanced Security, ArgoCD AWS Certified Security - Specialty

Job Description We are looking for a talented React.js Developer to join our dynamic development team. The ideal candidate will be responsible for delivering high-quality React.js applications, adhering to best practices, and ensuring security compliance in the code. You will work in a fast-paced, agile environment, handle both internal and external requests, and contribute to knowledge sharing within the team. Key Responsibilities: Ensure timely and efficient delivery of tasks, maintaining a high standard of quality, Manage and prioritize work to meet project deadlines. Manage and handle requests from both internal teams and external stakeholders, ensuring clear communication and timely resolution of issues. Actively contribute to team knowledge sharing by documenting solutions, sharing best practices, and mentoring junior developers. Write and maintain unit tests to ensure the reliability, performance, and stability of React.js applications. Adapt to different projects, technologies, and client requirements quickly, ensuring smooth execution and transition between tasks and projects. Assist in project management tasks such as sprint planning, task estimation, and progress tracking using Agile methodologies and tools like Jira and Confluence. Follow security best practices in coding, perform regular vulnerability checks, and ensure that the application is secure and compliant with security standards. Skills and Qualifications: Proven experience with React.js and front-end technologies like HTML, CSS, and JavaScript Strong understanding of Agile development practices, including sprint cycles, Jira, and Confluence. Knowledge of security best practices for web applications and the ability to conduct vulnerability checks.

Job Description: Key Responsibilities, Deliverables / Outcomes As a Security Analyst specializing in Web Penetration Testing, you will assist in identifying vulnerabilities and assessing the security posture of web applications. You will work closely with senior team members to enhance your skills, perform web penetration testing, and contribute to delivering high-quality security assessments. Assist in performing web application penetration tests (both manual and automated) on internal and external web applications. Identify, exploit, and document web vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) under guidance. Conduct vulnerability assessments using automated web application testing tools like OWASP ZAP, Burp Suite, and other relevant tools. Analyze web application architectures and workflows to identify security risks. Document findings, security weaknesses, and suggested remediation steps in detailed reports. Collaborate with senior team members to refine findings and deliver professional-grade reports to clients. Utilize tools such as Burp Suite, OWASP ZAP, Nikto, and Nmap for web security testing. Ensure that testing tools and systems are kept up-to-date to ensure efficiency and coverage of emerging vulnerabilities. Stay updated with the latest web security threats, exploits, and penetration testing techniques. Participate in internal training sessions, contribute to team knowledge sharing, and expand your knowledge of web application security. Follow industry standards such as OWASP Top 10, PTES, and other relevant guidelines during assessments. Adhere to internal and client-specific security policies, ensuring compliance with industry best practices and security regulations. Key Skills Basic understanding of web application security concepts and common vulnerabilities. Familiarity with web penetration testing tools like Burp Suite, OWASP ZAP, Nikto, and others. Knowledge of common web application attack vectors (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF)). Ability to analyze and identify vulnerabilities in web technologies (e.g., HTML, JavaScript, HTTP, APIs). Strong communication skills, including the ability to document findings clearly and concisely. Willingness to stay up-to-date with the latest trends in web security and penetration testing. Experience with basic web security testing or bug bounty programs. Knowledge of OWASP Top 10 vulnerabilities and web security best practices. Exposure to common web technologies like HTML, CSS, JavaScript, and web frameworks (e.g., React, Angular, Node.js). Familiarity with basic network security tools like Wireshark, Nmap, and others.

About ZenTrades: ZenTrades is a growing product startup with a strong foundation in the world of SaaS (Software as a Service) business solutions for Field Service Management software. Why should you join the ZenTrades Team This is an opportunity to be part of the blitz-scaling team thats shaping an industrys narrative. We are on a mission to revolutionize the Field Service Management domain boost their sales metrics, productivity, and efficiency by scoring on leadership opportunities that are otherwise lost in the field. At ZenTrades we foster a culture of openness and we arent a company where information and ideas exist in silos. Team members are empowered and encouraged to pursue out-of-the-box ideas, think for the organization, and make mistakes that will assist us to grow through which we create a difference in customers and our lives. We encourage our people to challenge the status quo. We value creativity, hard work, initiative, and radical ideas above all else. We value transparency, and vulnerability and love to work with people who are self-driven, resourceful, and want to create an impact. Most importantly its fun working with a group of people who are passionate about building a legacy. Every Leader within the team is hands-on and has inculcated the vision of being open to putting the best interest of the organization first. The Leader should inspire the team, be resourceful to ensure the team and the organization succeed, and be hands-on in bringing the best resources within the team and promoting talent. Position Overview - SDR manager We are seeking an experienced and results-driven Sales Development Representative (SDR) Manager to lead our dynamic team. The SDR Manager will play a pivotal role in driving ZenTrades growth by overseeing the development and execution of strategic sales initiatives. The successful candidate will be responsible for managing and mentoring a team of Sales Development Representatives while collaborating closely with other departments to achieve company objectives. We are seeking candidates with a credible attitude, who are humble, energetic, ambitious, and can thrive in a fast-paced ambiguous environment. Were looking for a high-energy focused, and success-driven person who is technically savvy and quick on the feet. Roles and Responsibilities: 1. Lead, mentor, and inspire a team of Sales Development Representatives to achieve and exceed targets. 2. Develop and implement effective sales strategies to generate qualified leads for the sales team. 3. Conduct regular training sessions to enhance the skills and performance of the SDR team. 4. Analyze performance metrics and implement improvements to optimize the lead generation process. 5. Collaborate with the marketing team to align lead-generation efforts with overall marketing objectives. 6. Utilize CRM software to track, analyze, and report on key performance indicators. 7. Foster a high-performance culture that values teamwork, continuous learning, and individual growth. 8. Stay informed about industry trends, competitor activities, and market developments to guide strategy. Eligibility and Requirements: 1. Bachelors/Masters degree in Business, Marketing, or a related field. 2. Proven experience (4 to 8 years) in managing and leading successful Sales Development Representative teams. 3. Demonstrated success in meeting and exceeding lead generation targets. 4. Strong understanding of SaaS and the blue-collar industries. 5. Excellent communication, leadership, and interpersonal skills. 6. Ability to thrive in a fast-paced, dynamic startup environment. 7. Proficiency in using CRM software (e.g., Hubspot) and other relevant tools. 8. Proven ability to analyze data and generate actionable insights. 9. Hands-on experience with prospecting and nurturing cold leads 10. Experienced at handling the SDR team within an organization 11. End to End-to-end sales experience. 12. Proven experience with SaaS Solutions (Preferred) What We Offer: 1. Competitive salary and performance-based incentives. 2. Opportunities for career advancement in a rapidly growing startup. 3. A collaborative and innovative work environment. 4. Health and wellness benefits. 5. Ongoing professional development opportunities. 6. If you are passionate about driving success in a high-growth startup environment and have a proven track record in SDR management, we invite you to apply. Join ZenTrades and be part of a team dedicated to transforming the way blue-collar industries operate in North America and Canada.

Senior Security Analyst - VAPT About the Role: We are seeking a highly skilled and experienced Senior VAPT Analyst to join our cybersecurity team. The Senior VAPT Analyst will be responsible for conducting comprehensive vulnerability assessments and penetration tests to identify and address security vulnerabilities in our clients systems, networks, and applications. Responsibilities: Conduct end-to-end vulnerability assessments and penetration tests on a variety of systems, networks, and applications. Utilize automated tools, manual testing techniques, and industry best practices to identify security vulnerabilities. Analyze assessment and testing results to provide actionable recommendations for remediation and risk mitigation. Collaborate with cross-functional teams to develop and implement effective security solutions. Stay up-to-date on the latest cybersecurity threats, vulnerabilities, and best practices. Provide mentorship and guidance to junior members of the cybersecurity team. Prepare comprehensive reports documenting assessment findings, recommendations, and remediation strategies. Communicate effectively with clients to convey assessment results and recommendations in a clear and concise manner. Qualifications: Bachelors degree in Computer Science, Information Technology, or a related field. Masters degree preferred. Minimum of 3 years of experience in cybersecurity, with a focus on vulnerability assessment and penetration testing. Industry certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or GIAC Certified Penetration Tester (GPEN) are highly desirable. Deep understanding of common network protocols, operating systems, and security technologies. Proficiency in using a variety of security tools and techniques, including vulnerability scanners, penetration testing frameworks, and packet analyzers. Strong analytical and problem-solving skills, with the ability to assess complex systems and identify security vulnerabilities. Excellent communication and interpersonal skills, with the ability to effectively interact with clients and team members. Experience working in a consulting or client-facing role is a plus. Benefits: Competitive salary and benefits package Opportunity to work in a fast-paced and dynamic environment Make a real impact on the security of our organization Continuous learning and development opportunities Additional Information: While regulatory compliances are derived from standards, a basic understanding of relevant regulations for your industry is preferred. A strong grasp of risk management principles and methodologies is highly beneficial. Location- Ahmedabad, Mumbai, Delhi (NCR)

Job Title: Senior Manager IT Location: Noida Experience: 8-12 Years About C2Treds C2Treds is an RBI-approved TReDS platform, part of C2FO the world s leading on-demand working capital platform. Our mission is clear: to empower every MSME in India with the working capital they need to thrive, driving long-term sustainability and economic growth. At C2Treds, a strategic initiative by C2FO, we are transforming the landscape for MSMEs in India by unlocking easier access to working capital. As India s only fintech platform offering both Early Pay and TReDS functionalities, we enable businesses to bypass receivables delays, enhance financial agility, and unleash their full growth potential. We understand that MSMEs are the backbone of India s economy, contributing to 30% of the country s jobs. Yet, these businesses often face significant barriers like restrictive debt cycles, high interest rates, and delayed payments that stifle their growth potential. That s where C2Treds comes in with over 50,000 MSMEs in C2FO s India network, we are dedicated to breaking down these financial barriers and providing a direct path to success. By joining C2Treds, you ll be part of an innovative, growth-driven company at the forefront of transforming MSME financial empowerment and shaping India s economic future. Job Summary: We are seeking an experienced IT Manager to lead our technology and infrastructure initiatives at our Noida office. The ideal candidate will have 8-12 years of IT management experience, overseeing IT operations, infrastructure, security, and strategy. This role will ensure the smooth functioning of all IT systems and collaborate across departments to align IT with business goals. Key Responsibilities: Ensure IT security, data protection, and risk management compliance with RBI guidelines. Maintain policies per RBI s Cyber Security Framework and conduct regular audits, including vulnerability assessments and penetration testing. Oversee IT infrastructure design, implementation, and maintenance, ensuring high availability and optimal server, network, and cloud performance. Lead cybersecurity efforts to prevent breaches, ransomware, and other threats. Implement DLP protocols and encryption per RBI s Personal Data Protection mandates. Establish IT governance frameworks aligned with RBI s Technology Risk Management Guidelines. Continuously update IT policies to meet regulatory and business needs. Ensure audit readiness for RBI inspections. Collaborate with auditors and prepare compliance reports for senior management and RBI. Secure IT operations across network, hardware, and software. Implement endpoint security, antivirus, and firewalls to mitigate cyber threats. Maintain IT asset records, ensuring timely maintenance, upgrades, and decommissioning. Keep Active Directory updated with secure user access controls. Qualifications Skills: Bachelor s or Master s degree in Information Technology, Computer Science, or a related field. 8-12 years of progressive IT experience. Strong expertise in IT infrastructure, networking, cloud services, and security protocols. Proven experience in managing IT projects and leading teams. Excellent problem-solving, decision-making, and leadership skills. Ability to manage multiple priorities and work under pressure. Certifications such as ITIL, PMP, or CISSP are a plus. Benefits At C2FO, we value our customers and team members the vital human capital that drives our customers success. Thats why we offer a comprehensive benefits package, flexible work options to support work/life balance, volunteer time off, and more. Learn more about our benefits here . Commitment to Diversity and Inclusion As an Equal Opportunity Employer, we not only value diversity and equality, but we also empower our team members to bring their authentic selves to work every day. Our goal is to create a workplace that reflects the communities we serve and our global, multicultural clients. We recognize the power of inclusion, emphasizing that each team member was chosen for their unique ability to contribute to the overall success of our mission. We do not discriminate based on race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment decisions are based on qualifications, merit, and business needs. #LI-PV

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus : At Locus , we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastog i and Geet Garg , Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform . Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers . Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications , cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms , collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields ( e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tool s like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). What We Offer Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.