384 Vulnerability Jobs - Page 11

Work Timings: 2:30-11:30PM Location: Bangalore In this role, you will be responsible for managing the procurement and vendor management teams and their day-to-day operations. The ideal candidate will be a go-getter known for consistently ensuring operational efficiency. The appropriate candidate will be a success driven self-starter, skilled at managing teams and working with cross functional groups to ensure the team objectives are met Primary Responsibilities: Manage the Vendor Management and Procurement team - build, train and manage performance goals Improve and execute purchasing policies and procedures that include vendor base management, purchasing cycle (requisitions, purchase orders), developing the appropriate audit and goods received process. Review Purchase Requisition forms and create Purchase Orders accordingly. Complete New Vendor Setups in compliance with policies Review purchase orders against purchasing guidelines; obtain legal contract review, check against finance budget, review confirm accounting coding. Approve or reject and issue purchase orders to vendors. Negotiate and complete contracts for goods and services utilizing established contracting policies and procedures Review vendors, assess vendor capabilities and prevent vendor duplication. Additionally ensure clean vendor data, deactivating vendors not being used. Manage and update process controls and ensure team alignment to the controls Collaborate with internal leadership in other functional areas, as it relates to their respective programs, to ensure alignment of activities, objectives, and expectations. Build and develop vendor relationships, managing effective partnerships with key suppliers to encourage superior service, obtain competitive pricing, and obtain quality products and/or services. Identify and implement process improvements throughout the department to increase efficiency and accuracy and decrease high risk areas. Lead and contribute to the Coupa implementation and stabilization efforts. Maintain purchasing documents and assure that they are properly completed with all terms and conditions of purchases being met. Assure department records are maintained and that purchases are followed up or expedited when required. Maintain purchase contracts database. Audit database system for accuracy on a continual basis preventing any vulnerability for fraud or excessive errors. Ensure compliance with local and foreign requirements. Lead low-dollar sourcing efforts within the team Interface with accounting on audit issues and system management to ensure proper controls are in place and operating as planned Qualifications Bachelor s Degree, preferably in accounting. 10 plus years in procurement and vendor management with 3 plus year of team management experience Exceptional work ethic and strong

At Arctic Wolf, were redefining the cybersecurity landscape. With our employee Pack members, spread out globally, committed to setting new industry standards. Our accomplishments speak for themselves, from our recognition in the Forbes Cloud 100 , CNBC Disruptor 50 , Fortune Future 50 , and Fortune Cyber 60 to winning the 2024 CRN Products of the Year award. We re proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers Choice distinction from Gartner Peer Insights . Our Aurora Platform also received CRN s Products of the Year award in the inaugural Security Operations Platform category. Join a company that s not only leading, but also shaping, the future of security operations. Our mission is simple: End Cyber Risk. We re looking for a Lead Developer to be part of making this/that happen. About the Role You ll be working as a Lead Developer on our Endpoint Agent team, responsible for delivering the endpoint software for macOS that helps solve the real-world security problems that IT professionals face. We develop the internal tools used by the security services team to keep our customers safe and informed. As a lead developer you will be working other developers and managers to deliver complex features for our macOS endpoint agent, You ll also mentor and coach other developers in your team participate in code reviews, design reviews and help maintain a culture of quality and ownership within the team. Some of your day-to-day responsibilities will be: Deliver endpoint features that will help keep our customers safe. Write clear well test code that meets our quality standards. Participate in on call rotations. Troubleshoot customer issues working alongside customer facing teams. Understand and work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercise judgment in selecting methods, evaluating, adapting of complex techniques and evaluation criteria for obtaining results. We value a culture of sharing, so every team has the opportunity to share their work with the entire department during our regular RD Demos. Once a year we hold a department-wide Hackathon, teaming up across all RD teams over four days to collaborate and build cool ideas outside the normal project scope. While innovation is the focus, some of these ideas do make it into our products. About You You re an experienced software developer who has the ability to perform programming tasks and large engineering projects with independence and expertise. You demonstrate mastery over software development practices and easily develop reusable design patterns. You have worked closely in a global team of professionals with different cultures and backgrounds to form one unit with a strong sense of purpose. You will learn as you teach, making the whole more than the sum. Here are some of the core technologies we use and teach across our Applications teams. You should have experience in one or more of these, or similar technologies: Experience in Cybersecurity for at least 3 years Expert level understanding of MacOS Internals and debugging tools. Experience with debugging or solving complex system level issues by using debugging tools such as GDB/LLDB/XCODE is a plus. This role requires good understanding of macOS internals and you should be able to demonstrate your ability to deliver end to end solutions on M acOS based systems Experience with security analysis, threat modelling, and vulnerability assessments Knowledge of network protocols, TCP/IP, and related security protocols Ability to work independently and as part of a team Demonstrated capacity to clearly and concisely communicate about complex technical, architectural, and/or organizational problems and propose thorough iterative solutions Comfort working in an agile software development process C#, 8+ years working experience with m acOS Go/Rust or any system level programming experience Object-oriented programming skills with data-structures and algorithms Python/PyTest AWS Azure Git/GitHub/Bitbucket Jenkins/Bazel Docker In addition, you have proven leadership experience from previous projects, regardless of title held. You have the ability to perform programming tasks and large engineering projects with Independence and expertise. You will be responsible for guiding and mentoring other staff members and will occasionally lead technical projects. You have a high level of mastery over software development best practices and building reusable design patterns. You have a history of delivering successful projects, as well as some lessons learned from failures. Even if you haven t worked with all of our specific technologies, you bring a diverse knowledge base that you use to help the team solve complex technical problems. You ll receive all the security training you need during our onboarding process and through additional training on the job. At Arctic Wolf, we foster a collaborative and inclusive work environment that thrives on diversity of thought, background, and culture. This is reflected in our multiple awards, including Top Workplace USA (2021-2024), Best Places to Work - USA (2021-2024), Great Place to Work - Canada (2021-2024), Great Place to Work - UK (2024), and Kununu Top Company - Germany (2024). Our commitment to bold growth and shaping the future of security operations is matched by our dedication to customer satisfaction, with over 7,000 customers worldwide and more than 2,000 channel partners globally. As we continue to expand globally and enhance our technology, Arctic Wolf remains the most trusted name in the industry. Our Values Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that by protecting people s and organizations sensitive data and seeking to end cyber risk we get to work in an industry that is fundamental to the greater good. We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here . We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. All wolves receive compelling compensation and benefits packages, including: Equity for all employees Flexible annual leave, paid holidays and volunteer days Training and career development programs Comprehensive private benefits plan including medical insurance for you and your family, life insurance (3x compensation), and personal accident insurance. Fertility support and paid parental leave Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com. Security Requirements Conducts duties and responsibilities in accordance with AW s Information Security policies, standards, processes, and controls to protect the confidentiality, integrity, and availability of AW business information assets. Must pass a criminal background check and an employment verification as a condition of employment.

Handling students virtually and training and developing skills to be job ready for cybersecurity space. -Provide cyber training at an intermediate level for software Engineering/Software development personnel. -Preparing Study materials for training students via a variety of training methods for improving training deliveries. -Handling student queries effectively and efficiently. -Maintain training related to MIS (attendance, feedback forms evaluation scores and certificate issued). -Conduct training sessions on cybersecurity fundamentals, ethical hacking, network security, malware analysis, and related topics. -Stay updated with the latest cybersecurity trends, threats, and best practices. -Conduct workshops and awareness sessions on cybersecurity Requirements -Bachelor\u2019s/Master\u2019s degree in Cyber Security, Information Technology, Computer Science, or a related field. -Strong understanding of cybersecurity principles, network security, ethical hacking, firewalls, and intrusion detection systems. -Hands-on experience with security tools, penetration testing, and vulnerability assessments. -Good communication, presentation, and training skills. -Prior experience in training, mentoring, or teaching is an added advantage.

Handling students virtually and training and developing skills to be job ready for cybersecurity space. -Provide cyber training at an intermediate level for software Engineering/Software development personnel. -Preparing Study materials for training students via a variety of training methods for improving training deliveries. -Handling student queries effectively and efficiently. -Maintain training related to MIS (attendance, feedback forms evaluation scores and certificate issued). -Conduct training sessions on cybersecurity fundamentals, ethical hacking, network security, malware analysis, and related topics. -Stay updated with the latest cybersecurity trends, threats, and best practices. -Conduct workshops and awareness sessions on cybersecurity Requirements -Bachelor\u2019s/Master\u2019s degree in Cyber Security, Information Technology, Computer Science, or a related field. -Strong understanding of cybersecurity principles, network security, ethical hacking, firewalls, and intrusion detection systems. -Hands-on experience with security tools, penetration testing, and vulnerability assessments. -Good communication, presentation, and training skills. -Prior experience in training, mentoring, or teaching is an added advantage.

IT Operations Engineer - Security Chennai, Tamil Nadu, India Apply now Share Company Overview At Zuora, we do Modern Business . We re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences. The Team & Role The IT Security Operations team at Zuora is responsible for safeguarding digital assets, defending against cyber threats, and maintaining the confidentiality, integrity, and availability of information systems. The team implements a comprehensive framework of policies, technologies, and procedures to identify, assess, and mitigate security risks across Z s infrastructure, networks, applications, and endpoints. Role: Monitor, Detect and Respond to alerts generated by security controls as part of IT Security operations team Security Incident Response, Containment and Remediation handling. Analyze, document and report on potential security incidents and perform Threat Hunting for business critical environments Collaborating with cross-functional teams to address and resolve vulnerabilities detected within the environment. This is a hybrid position, so you ll work both remotely and in the office. Whenever it is required the engineer should be working from the office Our Tech Stack: Rapid7, Zscaler, CrowdStrike, AWS , WIZ, GCP, HP Aruba, Palo Alto, What you ll do Evaluate, implement, and configure security tools and platforms (e.g., SIEM, EDR, NDR, SOAR) to enhance detection, monitoring, and response capabilities. Familiarity with cloud security (AWS, Azure, GCP), endpoint protection, and network security best practices. Design and implement robust detection and response strategies to identify and mitigate cyber threats. Conduct threat hunting activities and provide recommendations for improving detection capabilities. Deploy and integrate security tools and frameworks into the existing environment. Conduct security assessments, gap analyses, and vulnerability assessments to identify security risks and recommend solutions. Design and implement automation solutions for security operations, incident response, and monitoring processes (e.g., using SOAR tools or custom scripts). Create playbooks, automated workflows, and integration strategies to reduce response time and increase operational efficiency. Provide expert guidance and hands-on support for security incident response efforts, from detection to containment and recovery. Your experience 2-6 years of security experience, specifically on SIEM/ SOC operations. Strong understanding of Network Security, System Security, Web application security, End-point Security including hands-on exploitation skills coupled with defensive skills. Familiarity with infrastructure and systems security domains and automation. Ability to explain complex security issues and their impact to diverse audiences. Be a fast learner and have experience partnering with cross-functional teams. Strong communication and interpersonal skills, with the ability to explain complex technical concepts to nontechnical stakeholders. BA/BSc in Computer Science or similar technical degree or equivalent experience Nice to haves: Industry certifications such as Certified SOC Analyst (CSA), CISM,CISSP or similar are preferred. Additional certifications in security automation (e.g., SOAR tools) or specific technologies like Rapid7, Zscaler, CrowdStrike, Palo Alto are a plus. #ZEOLife at Zuora As an industry pioneer, our work is constantly evolving and challenging us in new ways that require us to think differently, iterate often and learn constantly it s exciting. Our people, whom we refer to as ZEOs are empowered to take on a mindset of ownership and make a bigger impact here. Our teams collaborate deeply, exchange different ideas openly and together we re making what s next possible for our customers, community and the world. As part of our commitment to building an inclusive, high-performance culture where ZEOs feel inspired, connected and valued, we support ZEOs with: Competitive compensation, variable bonus and performance reward opportunities, and retirement programs Medical, dental and vision insurance Generous, flexible time off Paid holidays, wellness days and company wide end of year break 6 months fully paid parental leave Learning & Development stipend Opportunities to volunteer and give back, including charitable donation match Free resources and support for your mental wellbeing Specific benefits offerings may vary by country and can be viewed in more detail during your interview process. Location & Work Arrangements Organizations and teams at Zuora are empowered to design efficient and flexible ways of working, being intentional about scheduling, communication, and collaboration strategies that help us achieve our best results. In our dynamic, globally distributed company, this means balancing flexibility and responsibility flexibility to live our lives to the fullest, and responsibility to each other, to our customers, and to our shareholders. For most roles, we offer the flexibility to work both remotely and at Zuora offices. Our Commitment to an Inclusive Workplace Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all. Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)zuora.com. Apply now Let s do this. You re unique and we re on a journey so let s embark on a unique journey together. We encourage you to apply to all roles that utilize your skills and ignite the passion within you. No matter where you re located, or which team you work on, you ll be part of a group of people working together to build a better world: The World Subscribed. Go ahead and apply! Internal Job Opportunities Are you a current ZEO looking to take on new challenges? If so, check out our internal job openings on our internal job board .

About Evernorth: Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don t just care about your well-being, we care about your career health too. That s why, when you work with us, you can count on a different kind of career - you ll make a difference, learn a ton, and share in changing the way people think about healthcare. Job Description Summary: The Information Protection Senior Analyst is responsible for providing general technical, operational and risk management support to Cignas Information Protection (CIP) Middle East and Africa (MEA) team. This role will support in enforcing standard information protection controls through infrastructure, application and third-party security assessments. Work with the Cigna Information Protection team as required to support vulnerability assessments, assisting with penetration tests, tracking and remediation of findings. This role will work closely with the CIP MEA team to identify, evaluate, and remediate potential weaknesses in Cigna s systems, using both manual and automated methods. In addition, this role will support the dashboard reporting, coordination of incident responses, risk assessments and other CIP led initiatives. Responsibilities: Perform regular risk activity reporting on Key Risk Indicators (KRI) and Key Performance Indicators (KPI) Perform issue tracking and resolution with local security teams Work with CIP MEA team and key stakeholders to managing security incidents relevant to the MEA region Work with individual local security teams assigned to ensure security controls applied are compliant to CIP policies and standards Assist in the review and approval of application/infrastructure changes in terms of security Assist in the creation of comprehensive and accurate security reports with recommendations for appropriate remediation and communicate risk findings with development and infrastructure teams. Assist in the review and development of local CIP policies , standards and guidelines Assist in the conduct of regulatory and internal audits as required Assist CIP and IT teams to implement standard security solutions and capabilities that are aligned with business, technology and threat drivers Maintain strong working relationships with individuals and groups involved in managing information risks across the organization Stay abreast of current and emerging security threats and security architectures to mitigate the threats Skills required: Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Demonstrated ability to identify cyber security risks and develop treatment plans working with key stakeholders Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Understanding of OWASP. Knowledge of networking fundamentals and common attacks. Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications: High School diploma; Bachelors degree preferred. Qualified candidates will typically have 3 to 5+ years of professional IT experience work experience 4 years or more of security operations or security governance, risk and compliance experience. CISSP, CRISC or similar certifications desired Passionate about security and finding new ways to protect systems as well as break them Strong analytical and problem solving skills, with the ability to think outside the box . Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services

Techgen Cyber Solution Pvt. Ltd. is offering an exciting Cybersecurity Internship for aspiring professionals eager to gain hands-on experience in the world of ethical hacking, system hardening, and threat analysis. This internship is ideal for students or recent graduates looking to kickstart their career in cybersecurity under the mentorship of industry experts. Key Responsibilities Assist in conducting vulnerability assessments and penetration testing. Monitor and report suspicious network activity under supervision. Support in securing web applications, APIs, and backend infrastructure. Research and stay updated with the latest cyber threats and tools. Help draft basic security reports and recommendations. Learn and follow company protocols for threat detection and response. Requirements Basic knowledge of cybersecurity principles and concepts. Understanding of networks, firewalls, and operating systems (Windows/Linux). Familiarity with tools like Wireshark, Burp Suite, Nmap, or Kali Linux. Awareness of OWASP Top 10 vulnerabilities. Strong willingness to learn and adapt quickly. Preferred Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, or related field. Certifications like CEH, CompTIA Security+, or any online course completion is a plus. Good communication skills and ability to document findings clearly. Job Category: Cyber Security Job Type: Internship Job Location: Hybrid Kolkata Apply for this position Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

Management Level G Role Summary As a Threat Intelligence Analyst you will play a key role in helping to protect EQ against external and internal threat actors. You will consume and evaluate threat intelligence to understand the evolving threat landscape, adversarial tactics, techniques, and procedures (TTPs), and areas of concern that could potentially impact our environment. Based on this analysis you will create actionable threat intelligence reports and subsequently collaborate with internal stakeholders to ensure EQ is best placed to prevent and detect any threats that are realised within the EQ environment. Core Duties/Responsibilities You will be required to undertake the following specific activities: Proactively monitor and analyse the cyber threat landscape to assess risk and applicability to EQ . Analysis of emerging adversarial tactics, techniques, and procedures (TTPs) and their likelihood and impact to EQ. Production of strategic, tactical and operational Threat Reports/Vulnerability Assessments detailing identified threats and vulnerabilities, the potential impact on EQ. Provide actionable insight to enable Equiniti to deploy appropriate countermeasures against vulnerabilities and threats to EQ. Collaborate with internal teams, including security operations, incident response, and IT, to assess and prioritise security risks and vulnerabilities. Aid in strengthening EQs incident response capabilities by providing timely and accurate information to facilitate rapid response and recovery in the event of a security incident. Providing actionable insights and recommendations to senior EQ management to support strategic decision-making processes related to cybersecurity investments and resource allocations. Perform deep dive analysis of malicious artefacts / IOC s using recognized TI programmes, and the MITRE ATT&CK TI Framework. Carry out Threat Hunting across the EQ environment using IOCs gathered during threat assessment and analysis. Develop and maintain threat intelligence processes, procedures, and tools to enhance our organizations cybersecurity capabilities. Manage brand protection activities and initiatives, including the management of takedown requests. Skills, Knowledge & Experience The key skills and experience required for this role can be summarised as follows. Experience of having worked in cyber threat intelligence within a global organisation - ideally within Financial Services. Demonstrable knowledge of the Cyber Kill Chain and MITRE ATT&CK Framework. Excellent knowledge and technical understanding of the global cyber threat landscape, and the tactics, techniques, and procedures (TTPs) used by adversaries, especially those related to the financial sector. Ability to analyse complex threat and vulnerability data and convert that into clear and actionable intelligence. Experience in the identification and deep analysis of vulnerabilities and CVE s to determine their impact to the organisation. Experience in the identification of IOCs and the utilisation of those IOCs to carry out threat hunts across the environment. Experience in evaluating existing cyber defences against identified threats and attacks to determine weaknesses and propose relevant detective or preventive control enhancements. Strong analytical, critical thinking, and problem-solving skills. Strong verbal/written communication skills, with the ability to present threat and intelligence reports to both technical and non-technical audiences. Core Values & Behaviours EQ Group adheres to a number of Values and Behaviours that are central to the way we conduct business. The ones relevant to this role are expected to be evidenced in the way the incumbent works: Trust Acts with integrity and has high personal standards when dealing with others Treats others with respect, openness, honesty, and fairness (empathy) Accepts responsibility, rather than apportioning blame Creates the right blend of support and challenge - for themselves and others Maintains the organisation s reputation for high standards of business conduct Building Relationships Adds value and builds true partnerships Effectively manages expectations to achieve a positive outcome Builds effective networks (internally and externally) Belief Is passionate and believes in what we do and who we are Champions collaboration across the business for the benefit of clients and customers Maintains motivation and commitment, despite changes in direction Consistently demonstrates the Equiniti Group Values, even under pressure People Acts as a role model to others Positive, enthusiastic and supportive of others Promotes teamwork and works effectively with others to achieve own and wider business goals Leads in sharing best practice, knowledge and experience with others Embraces challenge and responds quickly and positively to change Is receptive, flexible and resilient Adopts personal style to suit the situation and needs of others Excellence Works hard to get it right first time and keeps promises and commitments to others Proactively takes actions and works with others to enhance our performance and reputation Takes ownership for problems and finds solutions Effective use of own time and commits to realistic deadlines Continuously learns and improves from experience and shares this with others

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. You drive the strategic direction and execution of penetration testing initiatives. Leveraging your deep understanding of security assessments and the vulnerability management landscape, you will define and prioritize penetration testing activities as a Product Owner. Your expertise will ensure the ongoing safety of our networks, users, proprietary information, patient data, and computer systems and web applications against evolving threats. Responsibilities: Define and prioritize penetration testing activities and requirements, acting as the Product Owner within an agile framework. Leverage your penetration testing expertise to inform the evaluation and prioritization of security issues identified through testing and bug bounty programs. Utilize enterprise vulnerability management tools in conjunction with penetration testing insights to pinpoint high-risk systems. Communicate identified risks effectively and collaborate with system owners and other teams to develop and track vulnerability mitigation plans. Enhance security vulnerability and incident response capabilities, informed by penetration testing outcomes. Contribute to security monitoring efforts within a global environment. Minimum Qualifications: Associate s degree in a relevant field or 5+ years of experience in information security with a strong foundation in penetration testing principles and methodologies. Proven understanding of web application, network, and computer security assessment concepts. Experience working within agile methodologies, with a demonstrated aptitude for product ownership or similar strategic roles. Preferred Qualifications: Web application, network, and computer security assessments Attack surface management experience Cloud security assessment experience Programming experience (e.g. Python, Node.js, JavaScript) Demonstrated ability to analyze, triage, and escalate security vulnerabilities Familiarity with various defensive and offensive security tool sets Relevant Offensive security certifications such as OSCP and eCPPT. Familiarity with mobile security is a plus Experience working in a large, global, and complex environment Ability to communicate information security related risks, concepts, and situations to a technical and non-technical audience A passion for the field of computer and network security, with awareness of current penetration testing trends. Fluent English, other languages are a plus Who we are . Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

Sprinto is a leading platform that automates information security compliance. By raising the bar on information security, Sprinto ensures compliance, healthy operational practices, and the ability for businesses to grow and scale with unwavering confidence. We are a team of 300+ employees & helping 2500+ Customers across 75+ Countries . We are funded by top investment partners Accel, Elevation, and Blume Ventures and have raised 31.8 million USD in funding, including our latest Series B round. The Role We are looking for a Product Security Engineer to lead efforts in securing our products. This role involves integrating security into the SDLC, conducting threat assessments, and collaborating with engineering teams to ensure secure design and coding practices. You will also manage vulnerability remediation, ensure compliance, and educate teams on security best practices What you will do Secure SDLC Integration : Embed security into CI/CD pipelines and secure coding practices across development teams. Threat Modeling & Risk Assessments : Perform threat assessments and define mitigation strategies for new features. Application Security Audits : Conduct security reviews and vulnerability assessments for applications. Security Design Reviews : Provide feedback on product designs to ensure security is built in from the start. Vulnerability Management : Oversee vulnerability identification, prioritization, and remediation workflows. Cross-Functional Collaboration : Work closely with development teams to promote secure coding and operational practices. What We re Looking For 5-9 years in application security, product security, or related roles. Proficient in web application security (OWASP Top 10), secure coding practices, and vulnerability remediation. Hands-on experience with security tools (SAST/DAST) and securing cloud environments. Familiar with cloud security (AWS, Azure) and container security (Docker, Kubernetes). Strong understanding of compliance standards like SOC 2, ISO 27001, and GDPR.. Benefits Remote First Policy. 5 Days Working With FLEXI Hours. Group Medical Insurance (Parents, Spouse, Children). Group Accident Cover. Company Sponsored Device. Education Reimbursement Policy.

Calix is hiring Senior Threat Intelligence Researcher to join their Threat Intelligence team in Bangalore. The successful candidates will lead efforts in identifying, analyzing, and mitigating network threats. Develop and implement advanced threat detection and prevention strategies. Additionally, they will enhance threat detection capabilities through various research activities. This role offers an opportunity to work on innovative projects in cyber security. Key Responsibilities: Lead comprehensive investigations into threats, conducting detailed research and intelligence analyses to strengthen security frameworks. Partner with diverse teams to design and enhance advanced security measures across systems. Develop and optimize IDPS signatures while contributing to NDR solution advancements for effective threat detection. Create engaging and informative content, including reports, white papers, and other materials focused on threat research and cybersecurity insights. Pioneer automation and machine learning-driven approaches to elevate threat detection capabilities. Stay at the forefront of security trends, continuously monitoring and adapting to emerging threats and innovative technologies. Execute proactive threat-hunting activities, employing blue teaming strategies, vulnerability research, and exploit analysis to eliminate vulnerabilities exploited by malicious actors. Conduct in-depth research on malware, exploits, and infection chains (kill-chain) to ensure robust detection and mitigation strategies. Qualifications: BS/MS degree in Computer Science, Electrical Engineering, or a related field. Over 5 years of experience in threat research and signature writing for intrusion detection solutions. Proficiency in tools like Wireshark, Network Miner, Ghidra, and OllyDbg. Expertise in crafting high-quality Snort/Suricata and Yara signatures. Strong knowledge of threat hunting methodologies and tracking threat actors. Experience analyzing adversary tactics using frameworks like MITRE ATT&CK, VirusTotal, and ReversingLabs. Familiarity with developing and maintaining threat intelligence sources and feeds. Knowledge of commercial and open-source threat detection tools. In-depth understanding of operating systems and TCP/IP network protocols. Proficiency in Python for developing detection algorithms and automation scripts. Excellent communication and documentation skills. Strong analytical and problem-solving abilities.

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. The Position The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. You drive the strategic direction and execution of penetration testing initiatives. Leveraging your deep understanding of security assessments and the vulnerability management landscape, you will define and prioritize penetration testing activities as a Product Owner. Your expertise will ensure the ongoing safety of our networks, users, proprietary information, patient data, and computer systems and web applications against evolving threats. Responsibilities: Define and prioritize penetration testing activities and requirements, acting as the Product Owner within an agile framework. Leverage your penetration testing expertise to inform the evaluation and prioritization of security issues identified through testing and bug bounty programs. Utilize enterprise vulnerability management tools in conjunction with penetration testing insights to pinpoint high-risk systems. Communicate identified risks effectively and collaborate with system owners and other teams to develop and track vulnerability mitigation plans. Enhance security vulnerability and incident response capabilities, informed by penetration testing outcomes. Contribute to security monitoring efforts within a global environment. Minimum Qualifications: Associate s degree in a relevant field or 5+ years of experience in information security with a strong foundation in penetration testing principles and methodologies. Proven understanding of web application, network, and computer security assessment concepts. Experience working within agile methodologies, with a demonstrated aptitude for product ownership or similar strategic roles. Preferred Qualifications: Web application, network, and computer security assessments Attack surface management experience Cloud security assessment experience Programming experience (e.g. Python, Node.js, JavaScript) Demonstrated ability to analyze, triage, and escalate security vulnerabilities Familiarity with various defensive and offensive security tool sets Relevant Offensive security certifications such as OSCP and eCPPT. Familiarity with mobile security is a plus Experience working in a large, global, and complex environment Ability to communicate information security related risks, concepts, and situations to a technical and non-technical audience A passion for the field of computer and network security, with awareness of current penetration testing trends. Fluent English, other languages are a plus Who we are A healthier future drives us to innovate. Together, more than 100 000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact. Let s build a healthier future, together. Roche is an Equal Opportunity Employer. "

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Secure Development Consultant Specialist In this role, you will: Contribute to develop and adopt security utilities and tools that will enable development teams to operate more efficiently and securely. Be "hands on" with technology and to contribute to the design, development and support development teams with security recommendations and adoption of tools. Contribute to process, procedures, and tool identification/development. Liaison with Developers, Project Managers to understand the working of an application, how effectively they are implemented and where security mechanisms are employed. Stay up to date within the industry of new trends, and best practices. Training and supporting developer and security champion activities to improve the quality of security scanning services to maximize the benefit for application teams. Oversight of changes in the risk profile through development of metrics and analysis of risks and controls Support the team with activities such as quality reviews, audit requirements and service desk management. Requirements To be successful in this role, you should meet the following requirements: Understanding of integration & automation of security technologies in at least two from SAST, DAST, MAST, container security tools within DevOps tooling pipeline (Jenkins, GitHub, Chef, Ansible, Nexus, etc). Proficiency in one or more industry security tooling (Checkmarx, Invicti(Netsparker), Quokka(Kryptowire), IriusRisk, Aquasec, etc. ) would be beneficial. Experience in DevSecOps with a focus on security. Knowledge of security flaws in different programming languages. Understanding of common public cloud environment (including AWS, GCP, Azure, Alicloud). Knowledge in implementing vulnerability identification tools within the development pipeline. Knowledge of Common Vulnerability Scoring System (CVSS). Knowledge of collaboration tools preferably JIRA and Confluence. Understanding of emerging technologies and its corresponding security threats would be beneficial. Strong analytical skills, including but not limited to attention to detail, research, data analysis, problem solving, evaluating and decision making.

Jr. Network Engineer Managing and prioritizing assigned tasks collaborating with team members when needed - business projects, change controls, documentation, and vulnerability remediation, etc. Enhance and maintain network environments performing routine tasks - e.g. Firewall policy changes Upkeep of IPAM and network diagrams Network monitoring and resiliency Software/Firmware Updates Contribute to documentation by writing and updating existing documents and diagrams. Provide network architecture recommendations and best practices. Supporting escalated tickets from Service Desk Team Research & advise on new technologies and practices. Support Fortigate systems, Manage ACL, centralized logging for firewalls Support for Configuration based, version based, policy based issues Configure new, updating firmware, policy changes Infra team manages all issues related to this through proactive monitoring and use it Log in to the switch and managing it (E.g. Configure new, updating firmware, policy changes) Networking, including vnets, private networking, and private endpoints in Azure Ability to work with Hybrid-networking scenarios with on-prem to Azure connectivity, VPN Gateways Qualifications 3+ years of hands-on experience with Fortinet Product 3+ years of hands-on experience with Cisco/Juniper 3+ years of experience with Azure/AWS/Google Cloud NetworkingBachelor s Degree Qualifications Bachelor

About Tekion: Positively disrupting an industry that has not seen any innovation in over 50 years, Tekion has challenged the paradigm with the first and fastest cloud-native automotive platform that includes the revolutionary Automotive Retail Cloud (ARC) for retailers, Automotive Enterprise Cloud (AEC) for manufacturers and other large automotive enterprises and Automotive Partner Cloud (APC) for technology and industry partners. Tekion connects the entire spectrum of the automotive retail ecosystem through one seamless platform. The transformative platform uses cutting-edge technology, big data, machine learning, and AI to seamlessly bring together OEMs, retailers/dealers and consumers. With its highly configurable integration and greater customer engagement capabilities, Tekion is enabling the best automotive retail experiences ever. Tekion employs close to 3,000 people across North America, Asia and Europe. We are looking for a highly skilled and motivated Security Engineer to join our dynamic team. In this role, you will be responsible for managing security incidents, identifying vulnerabilities, and implementing strategies to mitigate risks across our organization s infrastructure. If you have a proven track record in incident response, vulnerability management, and enhancing overall security posture, we would love to hear from you. Responsibilities and Deliverables: Incident Response : Monitor and analyze security event logs and alerts to detect potential incidents, and lead investigations for containment, eradication, and recovery. Root Cause Analysis : Perform in-depth analysis of sophisticated security incidents and targeted attacks across systems, networks, and code to identify root causes and prevent recurrence. Security Automation : Enhance detection and response capabilities through automation, including fine-tuning alerts to reduce false positives and automating responses to repetitive incidents. Playbook Creation : Develop and maintain incident response playbooks for distinct types of security incidents, ensuring they align with current threats. Security Event Enrichment : Leverage IOCs, threat intelligence, and other data sources to enrich security events, improving detection accuracy and reducing incident response time. Collaboration : Work with security stakeholders and cross-functional teams to coordinate incident response efforts and improve overall security initiatives. Threat Hunting : Conduct proactive threat hunting to identify potential malicious activities and mitigate emerging risks before they escalate. Vulnerability Management : Identify, assess, and prioritize vulnerabilities across systems, applications, and networks, and ensure effective remediation strategies. Vulnerability Scanning & Testing : Regularly conduct vulnerability scans, penetration tests, and risk assessments to uncover weaknesses in the security posture. Patch Management : Collaborate with IT and development teams to ensure timely patching and remediation of vulnerabilities. Required Experience & Education: Education: Bachelors/Masters degree in computer science, Information Technology, Cybersecurity, or a related field. Experience: A minimum of 3 years of experience in a Security Operations Center (SOC) environment. Certifications: Relevant certifications such GCIA, GCIH, AWS Security Specialist or any other certification that is in the field of Security Operations or Incident Response Coding Skills: Proficient in coding languages like Python or Go Technical Skills: Hands-on experience with security tools and technologies such as SIEMs, Endpoint Detection and Response (EDR), Web Application Firewalls (WAFs), Intrusion Detection Systems (IDS), and vulnerability scanners. Hands-on Experience: Proficient in the incident response process, including identification, containment, remediation, and recovery. Cloud Experience: Experience with cloud security services, preferably in AWS or Azure environments. Analytical Skills: Strong analytical and problem-solving skills with a detail-oriented approach to security challenges. Soft Skills: Excellent verbal and written communication skills, capable of conveying complex security concepts to non-technical stakeholders.

Serve as the primary point of contact and collaborate closely with our Infosec team to identify and prioritize vulnerabilities. Work with Engineering, Infrastructure, and IT teams to address vulnerabilities, provide guidance, and ensure timely remediation. Execute and enhance vulnerability management strategy, implementation, and operationalization. Establish policies, procedures, and standards for vulnerability identification, assessment, and remediation. Facilitate focus group meetings to discuss vulnerability remediation strategies and hold weekly steering committee meetings with leadership to review remediation progress. Collaborating with support teams to compile evidence and measure service level agreement (SLA) performance using analytical tools. Creating and sharing intuitive dashboards with clients to enhance transparency and exceed SLA compliance goals. Accumulate, monitor, and report on vendor performance metrics (SLAs & KPIs) to internal stakeholders. Partner with the Security Operations Center (SOC) to examine and communicate data loss prevention (DLP) incidents involving confidential or personal data to relevant business units and senior management. Define program controls, processes, procedures, reporting cadence, decision governance structures and ways of working with key stakeholders. Monitor the execution of defined task through tracking of program milestones and their statuses, developing program plans and measuring progress against ongoing key performance indicators. Analyze, evaluate, and overcome program, risks, and produce program reports for leadership and stakeholders. Sets stakeholder and program team expectations and ensures that the deliverables are aligned with business goals. Establishes the program KPIs measurements and quality control points and align reporting to track progress against the measurements. Proactively anticipates and mitigates issues through validations. 10+ years of total experience with 3+ years in project/ program management Candidate should have familiarity with Information Security and Vulnerability concepts. Any related certification in Information Security will be

Sound cloud security knowledge, specialized in Azure. Hands on experience on cloud security tools like Wiz.io. Evaluate & assess vulnerabilities/ threats published on internets cyber space and analysis the relevance to organization. Emergency vulnerability management process. Analysis Zero days, vulnerabilities exploited in the wild to safeguard organization IT landscape. Collaborate with technology, platform, and security teams to mitigate the emerging threats. Conduct assessment on security advisories and support vulnerability advisory process. Maintain & improve existing severity risk rating mechanism and provide sustainable ways for risk mitigation. Skills Must have Ideally up to eight years of hands-on experience with vulnerability scanning tools. Certifications like CEH, OSCP etc will be additional advantage. Good knowledge of CVEs, EPSS, vulnerabilities and exploits. Proven experience in vulnerability management and in depth understanding of vulnerability management lifecycle. Potentially, experience with other security processes e.g. vulnerability scanning or configuration management Prioritisation of complex technical tasks Good at communicating and documenting technical information (MS Teams, Confluence, Gitlab) Skills to collaborate & manage technology partners and other security counterparts. Technical communication and documentation skills Nice to have N/A Other Languages English: C1 Advanced Seniority Senior Refer a Friend Positive work environments and stellar reputations attract and retain top talent. Find out why Luxoft stands apart from the rest. Recommend a friend Related jobs View all vacancies Pune, India Req. VR-114914 Cybersecurity BCM Industry 06/06/2025 Req. VR-114914 Apply for Cyber Security Systems Engineer in Pune *

Location/s: Bengaluru Recruiter contact: Supriya Yadavalli Mott MacDonald is a global engineering, management, and development consultancy with over 20,000 employees across more than 50 countries and 140+ offices. We work across incredible global industries, delivering exciting work that is defining our future and making an important societal impact in the communities we serve. Our people power our performance - we succeed when they do. With countless opportunities to collaborate, learn, and grow, the possibilities for excellence are as varied as every individual. Whether you want to grow as a subject matter expert or broaden your experience with roles across our international community, you re surrounded by global specialists who want to combine their expertise and champion you to be your best. As a proudly employee-owned business, we benefit our clients, our communities, and each other, investing in creating the right space for everyone to feel empowered, included, and valued. Whatever your ambition, Mott MacDonald is where people come to be brilliant. About the business unit Mott MacDonald s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach. Job Description: Working as an IT Specialist in Cyber Security you will assist and advise the IT Manager for Cyber Security regarding Risk Analysis and Remediation Risk Analysis and Remediation Service Desk analyst you will be the first point of contact for all employees seeking to resolve IT issues. Speedy and intelligent resolution of IT incidents is the key to ensuring that Mott MacDonald can deliver on its promises to its clients. Key duties and responsibilities include: Proactively seeking out the most effective means of monitoring information security related activities, by use of existing tools, or the investigation of new tools and methods Developing and adopting appropriate Risk Assessment methodologies to ensure we are correctly prioritizing the risks we have identified. Assist in the monitoring and resolution of all Information Security issues as they occur, driving through forensic investigation and remediation as appropriate. Feedback all lessons learned into Operational and/or Governance systems. Drive and support information security related change in Operational teams Governance Advice on appropriate security posture (approach, risks, technical measures, awareness) from the point of view of the business (both overall and specific teams) Assist with driving cultural change in the organization by helping people understand risks and make better choices to address enterprise security weaknesses. Communications Responsible for working with BMS and IT teams to communicate to the business and IT on known threats and best practices for information security, as they evolve. Operational Advice on all requirements around information security and appropriate use of specific systems or services, both those provided by IT or as required by the business, including projects with special security requirements and setup. Acting as a point of contact for Information Security champions within operational IT teams, advising on appropriate responses, escalation as required. Supervise the development of and relationship with the (planned) Security Operations Centre Help to ensure that risk is measured and understood effectively by operational teams. Penetration testing and vulnerability assessments Assist with prioritisation of security controls and remediation. Architecture Review and recommend tools and processes for managing information security around new and existing systems. Price out solutions and advise on the best risk solution portfolio. Identify, review and evaluate technology risk. Input to design choices for new systems to ensure security is addressed appropriately. Scan and provide feedback on new products and risks to inform management strategy. Candidate Specification: Essential: Demonstrable experience of business operations and processes in a large multinational or global organisation In-depth understanding of the Office 365 platform and Microsoft Windows Domain environment In-depth understanding of modern cloud and network technologies and protocols Demonstrate appreciation for user-centred design, experience, and usability Experience with mobile applications Working knowledge of international data privacy, data residency, and information security requirements Desirable: High degree of understanding of the evolving global and internal IT environments Knowledge of all Threat areas (deliberate, accidental, internal, external) Extensive experience of the ISO 27001 Information Security Management framework Understanding of Cyber Essential Plus and similar government security standards Personal Attributes: Passionate about technology and learning. Ability to balance demands and priorities and think clearly under pressure. Attention to detail and a focus on quality. Excellent conflict resolution, communication, and collaboration skills. Logical and analytical approach to solving problems. We can offer (subject to Company s policy): - Agile and safe working environment - Competitive annual leave and sick leaves - Group incentive scheme - Group term life insurance, Workmen s compensation and Group medical insurance coverage - Short and Long-term Global employment opportunities - Global collaboration and knowledge sharing - Digital Innovation and Transformation

Associate Application Security Analyst Gurgaon/Bangalore, India An associate security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation and guidance service within the TAS Application Operations team The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery What you ll be DOING What will your essential responsibilities include? Assist the Application Operations (Security) team in all security related activities, forums and discussions Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys Assist in setting up Jenkins pipeline integration to CI/CD lifecycle Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization Contribute to the production of reporting and metrics to both internal and external stakeholders You will report to the Head of Application Operations What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Security First mindset Understanding of vulnerability analysis, scanning and remediation processes Understanding of CVEs, CVSS Understanding of security industry compliancy benchmarks and standards i e CIS Understanding of security best practices/standards i e OWASP, NIST Preferable experience with at least 2 coding languages i e Java, Dot Net, C++, Python etc Excellent analytical, critical thinking and organizational skills, ability to multitask and work to deadlines Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting Desired Skills and Abilities: Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability

At SAFE Security , our vision is to be the Champions of a Safer Digital Future and the Catalysts of Change . We believe in empowering individuals and teams with the freedom and responsibility to align their goals, ensuring we all move forward together. We operate with radical transparency, autonomy, and accountability there s no room for brilliant jerks. We embrace a culture-first approach , offering an unlimited vacation policy , a high-trust work environment, and a commitment to continuous learning. For us, Culture is Our Strategy check out our Culture Memo to dive deeper into what makes SAFE unique. We re looking for a Senior Threat Researcher to lead security efforts across our product and production environments and ensure that what we build is built to last and withstand. As part of our Security Operations (SecOps) team, you ll work closely with engineers and product managers, embedding security into every phase of the development lifecycle. What You ll Do: Lead a team of 3 Threat Researchers focused on product and production security Conduct manual security assessments of web/mobile applications and APIs as part of sprint ceremonies (biweekly) Perform static code analysis (SAST) , software composition analysis (SCA) , and secrets scanning using automated tools, followed by deep manual validation Monitor, triage, and prioritize vulnerabilities in the production environment Carry out perimeter security reviews based on emerging threats and attack surface changes Review the security implications of new architecture or deployment changes Monitor and action alerts from the Cloud Native Application Protection Platform (CNAPP) Collaborate cross-functionally with engineering and program teams to embed security best practices Automate repetitive security tasks using scripting (Python, Shell, JS, etc.) What You ll Bring: Bachelor s or Master s degree in Computer Science, IT, or related field Proven experience in Application & Cloud Security, with hands-on exposure to: - Burp Suite Pro - SAST/SCA tools - CNAPP solutions Strong understanding of vulnerability validation and risk prioritization Familiarity with code repositories (e.g., GitHub) and secure code practices Comfortable with scripting for automation and tooling Experience working in Agile Scrum environments Effective communicator with strong documentation and team collaboration skills Previous experience in leading or mentoring a security-focused team Nice to Have (Certifications): OSCP OSWE CRTP If you re passionate about cyber risk, thrive in a fast-paced environment, and want to be part of a team that s redefining security we want to hear from you!

Job Title: DevOps Engineer (3-8+ Years Experience) Location: Bengaluru, India Job Type: Full-time Experience: 3-8+ years Industry: Financial Technology / Software Development About Us: We are a cutting-edge software development company specializing in ultra-low latency trading applications for brokers, proprietary trading firms, and institutional investors. Our solutions are designed for high-performance, real-time trading environments, and we are looking for a DevOps Engineer to enhance our deployment pipelines, infrastructure automation, and system reliability. For more info, please visit: https://tradelab.in/ Responsibilities: 1. CI/CD & Infrastructure Automation Design, implement, and manage CI/CD pipelines for rapid and reliable software releases. Automate deployments using Terraform, Helm, and Kubernetes . Optimize build and release processes to support high-frequency, low-latency trading applications . Good knowledge on Linux/Unix 2. Cloud & On-Prem Infrastructure Management Deploy and manage cloud-based (AWS, GCP) and on-premises infrastructure . Ensure high availability and fault tolerance of critical trading systems. Implement infrastructure as code (IaC) to standardize deployments. 3. Performance Optimization & Monitoring Monitor system performance, network latency, and infrastructure health using tools like Prometheus, Grafana, ELK . Implement automated alerting and anomaly detection for real-time issue resolution. 4. Security & Compliance Implement DevSecOps best practices to ensure secure deployments. Maintain compliance with financial industry regulations (SEBI) . Conduct vulnerability scanning, access control, and log monitoring . 5. Collaboration & Troubleshooting Work closely with development, QA, and trading teams to ensure smooth deployments. Troubleshoot server, network, and application issues under tight SLAs. Required Skills & Qualifications: 5+ years of experience as a DevOps Engineer in a software development or trading environment. Strong expertise in CI/CD tools (Jenkins, GitLab CI/CD, ArgoCD). Proficiency in Cloud Platforms (AWS, GCP,) and Containerization (Docker, Kubernetes). Experience with Infrastructure as Code (IaC) using Terraform , or CloudFormation. Deep understanding of Linux system administration and networking (TCP/IP, DNS, Firewalls). Knowledge of monitoring & logging tools (Prometheus, Grafana, ELK ). Experience in scripting and automation using Python, Bash, or Go. Understanding of security best practices (IAM, firewalls, encryption). Good to have but not Mandatory Skills: Experience with low-latency trading infrastructure and market data feeds . Knowledge of high-frequency trading (HFT) environments . Exposure to FIX protocol, FPGA, and network optimizations . Experience with Redis, Nginx for real-time data processing. Perks & Benefits: Competitive salary & performance bonuses Opportunity to work in the high-frequency trading and fintech industry Flexible work environment with hybrid work options Cutting-edge tech stack and infrastructure Health insurance & wellness programs Continuous learning & certification support

insightsoftware is a global provider of comprehensive solutions for the Office of the CFO. We believe an actionable business strategy begins and ends with accessible financialdata. With solutions across financial planning and analysis (FP&A), accounting, and operations, we transform how teams operate, empowering leaders to make timely and informed decisions. With data at the heart of everything we do, insightsoftware enables automated processes, delivers trusted insights, boosts predictability, and increases productivity. Learn more at insightsoftware.com Work Timings: 2:30-11:30PM Location: Bangalore Summary In this role, you will be responsible for managing the procurement and vendor management teams and their day-to-day operations. The ideal candidate will be a go-getter known for consistently ensuring operational efficiency. The appropriate candidate will be a success driven self-starter, skilled at managing teams and working with cross functional groups to ensure the team objectives are met Primary Responsibilities: Manage the Vendor Management and Procurement team - build, train and manage performance goals Improve and execute purchasing policies and procedures that include vendor base management, purchasing cycle (requisitions, purchase orders), developing the appropriate audit and goods received process. Review Purchase Requisition forms and create Purchase Orders accordingly. Complete New Vendor Setups in compliance with policies Review purchase orders against purchasing guidelines; obtain legal contract review, check against finance budget, review & confirm accounting coding. Approve or reject and issue purchase orders to vendors. Negotiate and complete contracts for goods and services utilizing established contracting policies and procedures Review vendors, assess vendor capabilities and prevent vendor duplication. Additionally ensure clean vendor data, deactivating vendors not being used. Manage and update process controls and ensure team alignment to the controls Collaborate with internal leadership in other functional areas, as it relates to their respective programs, to ensure alignment of activities, objectives, and expectations. Build and develop vendor relationships, managing effective partnerships with key suppliers to encourage superior service, obtain competitive pricing, and obtain quality products and/or services. Identify and implement process improvements throughout the department to increase efficiency and accuracy and decrease high risk areas. Lead and contribute to the Coupa implementation and stabilization efforts. Maintain purchasing documents and assure that they are properly completed with all terms and conditions of purchases being met. Assure department records are maintained and that purchases are followed up or expedited when required. Maintain purchase contracts database. Audit database system for accuracy on a continual basis preventing any vulnerability for fraud or excessive errors. Ensure compliance with local and foreign requirements. Lead low-dollar sourcing efforts within the team Interface with accounting on audit issues and system management to ensure proper controls are in place and operating as planned Qualifications Bachelor s Degree, preferably in accounting. 10 plus years in procurement and vendor management with 3 plus year of team management experience Exceptional work ethic and strong attention to detail Excellent written and verbal communication skills, and the ability to interact effectively Self-starter who can take on responsibility with little oversight Ability to read and comprehend moderately complex instructions, short correspondence, and memos Ability to write correspondence with understanding of audience Ability to effectively present information in one-on-one and small group situations to other managers and employees Exhibits our core values: Results Orientation, Winning Attitude, Be One Team, Disciplined Execution, and Growth Mindset

Step into a leadership role for skilled security teams at one of the worlds largest and most powerful corporations. As a Manager of Cybersecurity Architecture at JPMorgan Chase within the Cybersecurity & Tech Controls team, you lead multiple teams and manage day-to-day implementation activities by identifying and escalating issues and ensuring your team s work adherence to compliance standards, business requirements, and tactical best practices. Job responsibilities Provides guidance and cultivates skills for immediate team of architects on daily tasks and activities Sets overall guidance and expectations for team output, practices, and collaboration Anticipates dependencies with other teams to deliver products and applications in line with business requirements Manages stakeholder relationships and the team s work in accordance with compliance standards, service level agreements, and business requirements Champions the firm s culture of diversity, equity, inclusion, and respect, and prioritizes diverse representation Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience. In addition, demonstrated coaching and mentoring experience Experience running teams of architects that design and deliver cybersecurity products and solutions Hands on experience of key security concepts in SAST, DAST, SCA, Cloud, and Vulnerability MGMT Proficient in automation Proficient in agile methodologies Experience creating internal software platforms to enable engineering workflows Preferred qualifications, capabilities, and skills Familiarity with modern front-end technologies Relevant experience in designing, developing, and implementing software solutions, constantly seeking to be an expert

We are seeking a highly skilled Lead Azure DevOps Engineer to join our team and drive the end-to-end deployment, scalability, and operationalization of machine learning models in production. You will collaborate closely with data scientists, data engineers, and DevOps teams to ensure seamless CI/CD, reproducibility, monitoring, and governance of ML pipelines Key Responsibilities Design, implement, and maintain CI/CD pipelines for deploying and monitoring microservices efficiently. Manage infrastructure as code using Terraform for repeatable and scalable provisioning. Deploy and optimize containerized applications using Docker and Azure services (Container Apps, Container Registry, Key Vault, Service Bus, Blob Storage). Apply best practices for securing Docker images, including vulnerability scanning, reducing image size, and optimizing build efficiency. Implement and maintain Azure Monitor for logging, monitoring, and alerting to ensure system reliability. Ensure security best practices across cloud environments, including secrets management, access control, and compliance. (Nice to have) Design and manage multi-client architectures within shared pipelines and storage accounts in Azure Blob Storage 6+ years of experience in DevOps or MLOps with a strong focus on production-grade ML solutions. Strong expertise in Azure, particularly with CI/CD, container orchestration, and cloud security. Proficiency in Terraform for infrastructu

You will help us run one of the largest and most sophisticated cloud-scale, big data, and microservices platforms in the world. You will be responsible to maintain and provision the base infrastructure that runs Splunk Observability Cloud , including cloud compute platforms, managed services, Kubernetes, and required tooling. You will be a key part of the team that strives to offer a fully automated and self-serve, secure, performant, compliant, and cost-efficient Platform-as-a-Service that follows cloud-native best practices and empowers product teams to easily and quickly deploy and operate workloads. You are passionate about automation, infrastructure-as-code, microservices, and getting rid of tedious, manual tasks. You will: Design new services, tools, and monitoring to be implemented by the entire team. Analyze the tradeoffs of the proposed design and make recommendations based on these tradeoffs. Mentor new engineers to achieve more than they thought possible. You enjoy making other teams successful and are fulfilled through the success of others. You will work on infrastructure projects, including: Adopting new cloud-native frameworks and services Automating cloud provider infrastructure via Terraform, Kubernetes, and Helm Developing code for tools and automation to reduce manual tasks and reduce human error Establishing and documenting run books and guidelines for using the multi-cloud infrastructure and microservices platform. Improve the resiliency of multi-cloud microservices platform Networking, routing, and load balancing Security vulnerability remediation and patching automation Automating deployment of our services in new provider zones/regions Designing and productionizing access tiers to provide appropriate permissions across roles Qualifications Must-Have: 6+ years of solid hands-on cloud infrastructure experience on public cloud platforms specifically AWS or GCP. 3+ years of strong hands-on experience deploying, managing, and monitoring large-scale Kubernetes clusters in the public cloud Experience with Infrastructure-as-Code using Terraform and/or Helm. Experience with infrastructure automation and scripting using Python and/or bash scripting. Knowledge of microservices fundamentals including Service Mesh using Istio, service discovery, deployment strategies, monitoring, scheduling, and load balancing Excellent problem-solving, triaging, and debugging skills in large-scale distributed systems Preferred: AWS Solutions Architect certification preferred. CKA and HashiCorp-certified Terraform Associate certifications preferred Experience with Infrastructure-as-Code using Terraform, CloudFormation, Google Deployment Manager, Packer, Pulumi, ARM, etc. Experience with developing infrastructure or platform services using GoLang or Python. Experience with CI/CD frameworks and Pipeline-as-Code such as Jenkins, Spinnaker, Gitlab, Argo, Artifactory, etc. Exposure to monitoring tools such as Splunk, Prometheus, Grafana, ELK stack, etc. in order to build observability for large-scale microservice deployments. Proven skills to effectively work across teams and functions to influence the design, operations, and deployment of highly available software.