296 Vulnerability Jobs - Page 12

Role Overview As a Cybersecurity Engineer, you will be responsible for designing, implementing, and maintaining security measures to protect the organizations computer systems, networks, and data from cyber threats. This role will involve a combination of technologies, processes, and practices designed to safeguard data, applications, and networks from threats like malware, phishing, and data breaches. You will be tasked with identifying vulnerabilities , supporting the response to incidents , and ensuring that security protocols and controls are adhered to. Your role is vital in safeguarding critical assets and ensuring compliance with legal and regulatory standards. What will you do in this role: Lead the development of enhanced cloud and application security control integrations and architectural best practices . Lead the development and implementation of product security policies and standards to ensure that application, cloud services and infrastructure meet organizational security requirements. Lead the maintenance and monitoring security tools and dashboards, ensuring that applications deployed in our environments adhere to organizational security standards and compliance requirements. Lead adoption of our security tools within other teams ensuring the inputs and outputs are fully integrated enabling a complete security function. Design, implement, test, document, and support integration of security tools and technologies in pipelines, Also, assist the product teams in related activities . Work closely with cross-functional Infrastructure teams on Automation and Orchestration. Create and document detailed designs for simple software applications or components. Apply agreed modelling techniques, standards, patterns , and tools. Work within a matrix organizational structure, reporting to both the functional manager and the project manager. What should you have: Bachelors degree in Information Technology , Computer Science or any Technology stream. Working experience in cloud environments AWS must have and good to have Azure, or GCP. Understanding of OWASP Top 10 security risks and mitigation strategies, relevant NIST standards, and Zero Trust principles. Familiarity with programming/scripting languages like Python, Bash, Terraform, Ansible, JSON, PowerShell, or JavaScript for automating tasks. Familiarity with software development/delivery lifecycle and related technologies 7+ years of hands-on experience working with network protocols, firewalls, intrusion detection systems, encryption technologies, and endpoint security solutions. Proficiency in security tools in the areas of cloud, application, endpoint, network or identity, vulnerability scanners, and malware analysis platforms. Knowledge of authentication methods, identity management, and security access protocols (e.g., SSO, MFA, LDAP). Ideally AWS certified. Good interpersonal and communication skills (verbal and written). Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) are often required or highly desirable. Proven record of delivering high-quality results. Product and customer-centric approach. Innovative thinking, experimental mindset.

You are a self-driven, highly motivated professional with a strong commitment to tackling climate-health challenges in the Global South, particularly in India. You bring a deep understanding of environmental epidemiology and its intersection with public health, policy, and implementation. You thrive in environments where you independently drive high-impact research, engage with diverse stakeholders, and translate scientific findings into actionable climate-health interventions. You have a robust network of climate and health experts across India, South Asia, and other low- and middle-income countries (LMICs). You stay informed on cutting-edge developments in climate-health vulnerability assessment, disease surveillance, and public health policy. You are comfortable navigating ambiguity, working across data science, research, monitoring & evaluation (MEL), and policy teams, and ensuring your deliverables are strategically aligned with CHVI s long-term goals. You possess a strong ability to influence decision-making outside formal hierarchical structures and have experience engaging with government officials, funders, and global health organizations. You enjoy working at the intersection of research, implementation, and policy and are eager to contribute to the validation and scale-up of the CHVI model to improve climate resilience in health systems. You bring a strong analytical mindset, exceptional writing skills, and the ability to translate complex epidemiological concepts into practical, scalable interventions. This role requires a high degree of independence and accountability, and you will be expected to own your deliverables, manage competing priorities, and drive progress efficiently in collaboration with Khushi Baby s Research, MEL, Data Science, and Partnerships & Strategy teams. Key Responsibilities Climate-Health Vulnerability Assessment: Develop, validate, and refine the CHVI methodology for assessing regional climate-health risks, ensuring its alignment with state and national health policies. Geospatial and Epidemiological Analysis: Conduct spatial epidemiology, longitudinal cohort studies, and time-series analysis to measure climate-health impacts and develop real-time risk assessment frameworks. Health Systems Strengthening: Support recommendations for targeted interventions by analyzing attributable burden of climate-sensitive diseases (eg, air pollution, heat stress, vector-borne diseases). Government Engagement and Policy Recommendations: Collaborate with health departments and development agencies to integrate CHVI insights into disease surveillance programs and health adaptation strategies at the state and national level. Intervention Effectiveness Studies: Evaluate health system resilience by assessing the impact of climate adaptation measures on public health outcomes. Data Science & Predictive Analytics: Work with data scientists and public health experts to enhance CHVI through machine learning models, predictive analytics, and quasi-experimental designs for climate-health predictions to improve early warning systems. Multi-Sector Coordination: Work in a complex, multi-disciplinary environment, coordinating with climate scientists, health economists, data engineers, and government stakeholders to refine methodologies and scale the CHVI. Communication & Knowledge Translation: Present CHVI findings to policymakers, public health leaders, and global stakeholders, ensuring insights are actionable for decision-makers. Time Management & Strategic Execution: As a self-starter and strategic thinker, take ownership of independent deliverables, ensuring projects are executed on time and aligned with programmatic goals. Core Skills & Qualifications Climate-health risk assessment and exposure-response modeling. Spatial epidemiology, longitudinal cohort studies, and time series analysis. Climate vulnerability mapping and geospatial risk modeling. Attributable burden analysis for air pollution, heat stress, and vector-borne diseases. Intervention effectiveness studies for climate-sensitive health programs. Experience designing state or national-level health interventions in India. Experience presenting findings to policymakers, government stakeholders, and development agencies. Ability to work in a multi-disciplinary, fast-paced environment, managing multiple priorities effectively. Excellent analytical skills, including deep knowledge of global health trends. Structured and strategic thinking to drive high-impact policy recommendations. Excellent project management skills, ensuring efficient execution of CHVI initiatives. Ability to influence outside of formal hierarchical structures, working effectively with diverse stakeholders. Excellent writing, communication, and presentation skills to translate complex data into actionable insights. Highly Desired Qualities (Preferred but Not Required) Machine learning for climate-health predictions. Quasi-experimental study designs & interrupted time series analysis. Economic evaluation (cost-effectiveness, cost-benefit analysis) of climate-health interventions Preferred Experience & Educational Qualifications PhD with 3+ years of experience OR masters degree with 7+ years of experience in epidemiology, environmental health, climate science, public health data science, or a related field. Competitive pay based on years of experience. Fulency in English is required. Other languages desired, particularly Hindi, Marathi and Kannad you'll stand out with Prior experience working with government officials and NHM data sets Publications with mixed-methods research Prior experience working with mHealth / digital health projects Excellence in English writing and communication Demonstrated work / experimentation in prompt-engineering for tools like ChatGPT Work Location Hybrid role with a preference for candidates based in Delhi, Rajasthan, Mumbai and Bangalore. Candidates must be willing to travel to field locations (Rajasthan and Maharashtra) as needed for validation, government and health system engagements. Benefits Medical insurance Flexible work policies for those menstruating, needing time for grievance of a loved one, religious fasting, etc Monthly field visits, annual retreat Learning opportunities with world-class research institutions (Yale, Harvard) Learning Stipend Policy Sponsored Workshops and Seminars

We are MG Global Services Private Limited (formerly known as 10FA India Private Limited, and prior to that Prudential Global Services Private Limited) . We are a fully owned subsidiary of the MG plc group of companies, operating as a Global Capability Centre providing a range of value adding services to the Group since 2003. At MG our purpose is to give everyone real confidence to put their money to work. As an international savings and investments business with roots stretching back more than 170 years, we offer a range of financial products and services through Asset Management, Life and Wealth. All three operating segments work together to deliver attractive financial outcomes for our clients, and superior shareholder returns. MG Global Services has rapidly transformed itself into a powerhouse of capability that is playing an important role in MG plc s ambition to be the best loved and most successful savings and investments company in the world. Our diversified service offerings extending from Digital Services (Digital Engineering, AI, Advanced Analytics, RPA, and BI Insights), Business Transformation, Management Consulting Strategy, Finance, Actuarial, Quants, Research, Information Technology, Customer Service, Risk Compliance and Audit provide our people with exciting career growth opportunities. Through our behaviours of telling it like it is, owning it now, and moving it forward together with care and integrity; we are creating an exceptional place to work for exceptional talent. We have a diverse workforce and an inclusive culture at MG Global Services, regardless of gender, ethnicity, age, sexual orientation, nationality, disability or long term condition, we are looking to attract, promote and retain exceptional people. We also welcome those who take part in military service and those returning from career breaks.

Threat Hunting analyst performs a wide variety of security duties with a primary focus on threat actor-based tactics, techniques, and procedures The ability to manage multiple simultaneous threat hunts spanning several platforms with various TTPs is a key function of this role Knowledge sharing and mentoring of team members is a critical and necessary skill Must have the ability to operate under pressure and influence the team dynamic when responding to incidents Should be able to work to enhance and improve the team and processes over time in a well-established manner Roles and responsibilities: Perform hypothesis-based threat hunts using popular MITRE attack framework Perform intel-based threat hunting Conduct threat simulation exercises to test current security control Create diamond models to model threat activity Work directly with leadership to develop and improve existing internal processes Develop new processes that will add value to threat hunting team Provide proactive assistance to junior analysts to help them develop their skillset Develop advanced correlation rules for threat detection using CQL (CrowdStrike Query Language) Create and utilize threat intel report to conduct manual hunts across available data sources Perform static and dynamic analysis of malicious files Work proactively on critical security incidents Perform vulnerability review and risk assessment Required skills: Ability to perform threat hunting using MITRE attack framework Ability to identify/detect/explain malicious activity that occurs within environments with high accuracy/confidence level Ability to develop advanced correlation rules for threat detection Must be expertise in creating queries using SPL (Search processing language used by Splunk) or CQL (CrowdStrike Query language) Ability to create threat intelligence reports based on available threat intel Ability to perform static and dynamic analysis of possible malicious files Ability to perform Vulnerability analysis and risk assessment Should have strong log analytical skills Should be able to demonstrate good incident response skills in case of critical security incidents Moderate understanding of Windows and Linux operating systems, as well as command line tools Strong verbal as well as written communication skills Basic understanding of malware analysis Year of Experience: 6+ years (Security Operations + Threat Hunting - [Minimum 2 years should be in threat hunting]) Tools - CrowdStrike, Splunk, Logscale Humio Certification: COMPTIA Security+, CEH Programing language - Python (Good to have) Qualification: Bachelor of Engineering in any stream

About Us: Endpoint is an interactive response technology (IRT ) systems and solutions provider that supports the life sciences industry. Since 2009, we have been working with a single vision in mind, to help sponsors and pharmaceutical companies achieve clinical trial success. Our solutions, realized through the proprietary PULSE platform, have proven to maximize the supply chain, minimize operational costs, and ensure timely and accurate patient dosing. Endpoint is headquartered in Raleigh-Durham, North Carolina with offices across the United States, Europe, and Asia. Position Overview: The Senior SQL Server Database Developer will be the strategic and technical lead responsible for designing, implementing, and maintaining high-performance, mission-critical SQL Server code. This role requires extensive expertise in database architecture, high-availability configurations, performance optimization, and data security, with a strong focus on ensuring data integrity and system reliability. The Senior Database Developer will lead initiatives for automation and troubleshooting, acting as the top-level escalation point for complex database issues. In addition, this role will collaborate closely with cross-functional teams, provide mentorship to the development team , and drive continuous improvement efforts across all database operations. The ideal candidates will have a deep knowledge of SQL Server technologies, scripting for automation, and a proactive approach to managing cloud-based and on-premises database solutions to meet business objectives. Responsibilities: Develop, maintain, and enforce database standards and guidelines for DBAs and the operations development teams. Develop, manage, and maintain monitors to identify issues in the data tier. Analyze results and provide both SQL tuning and process development to get poorly performing code fixed. Work with the systems operations team to make sure the data tier is secure - including encryption and access control as it applies to relevant regulations. Perform regular security audits and vulnerability assessments to safeguard data. Top-level escalation point of contact for all database issues. Responsible for documenting and conducting CA/PA exercises in a data tier issue. Stay current with SQL Server advancements and trends, evaluating how emerging tools and technologies can benefit the organization. Identify areas for process improvements and implement enhancements to optimize database environments. Collaborate with cross-functional teams (Developers, Infrastructure, DevOps, etc.) to support project needs and database integration. Mentor junior DBAs and provide technical guidance, best practices, and training on SQL Server technologies. Education: Bachelor s degree in a relevant field or equivalent work experience. Experience: 8+ years of experience in SQL Server Database Administration, with proven expertise in managing large, mission-critical databases. Strong knowledge of SQL Server high-availability solutions and clustered environments. Proficiency in T-SQL and PowerShell scripting for database automation. Extensive experience writing T-SQL stored procedures and performing query optimization and tuning. Experience with cloud-based database solutions (Azure SQL and Cosmos) is highly desirable. Experience with monitoring tools such as SQL Server Management Studio (SSMS), SQL Profiler, Extended Events, and third-party tools (e.g., SolarWinds, Redgate). Ability to interact effectively with resources from the functional and technical tracks on the project team. The ability to manage multiple tasks with shifting priorities is a necessity. Must be willing to work on-call as part of regular work schedule and when required. Process and detail-oriented with excellent analytical and problem-solving skills. Previous experience working in a fast-paced, entrepreneurial environment preferred. Skills: Strong attention to detail. Excellent organizational and time management skills. Excellent communication and leadership skills, with a collaborative approach to working with various teams and mentoring junior staff. Prior experience with staff management. $100,000 - $140,000 a year Benefits : All job offers will be based on a candidate s location, skills and prior relevant experience, applicable degrees/certifications, as well as internal equity and market data. Regular, full-time or part-time employees working 30 or more hours per week are eligible for comprehensive benefits including: Medical, Dental, Vision, Life, STD/LTD, 401(K), Paid time off (PTO) or Flexible time off (FTO), and Company bonus where applicable. #LI-MT #LI-Onsite

Join our Team About this opportunity: The primary responsibility of this role is to assess new and existing security vulnerabilities from internal and external sources, determine applicability, and document the impact and remediation strategy in a customer viewable format. The role will focus on multiple technologies including all of the major cloud hosting environments, Linux based servers and firmware, specialized hardware products, multiple coding languages, and multiple virtualization technologies. The successful candidate will have the ability to understand the technical aspects of security, assess the risk, and translate that into simple to understand language. What Will You Do Review vulnerability scan reports Monitor and assess external sources for new vulnerabilities Assess the applicability of vulnerabilities in context Determine the real impact of vulnerabilities Document findings and disclosures for each vulnerability and publish them to customers Negotiate with external researchers on disclosure timing Monitor remediations and update documentation Participate in Security Incidents regarding urgent vulnerabilities Provide metrics and statistics Qualifications Minimum Qualifications: Six (6) years of experience required (can include indirectly related experience) A team player Ability to interpret and explain CVEs to technical and non-technical audiences Working knowledge of hacking techniques Working knowledge of programming Working knowledge of risk evaluation Experience with the MS Office suite Excellent written and verbal communication skills Ability to react to changing priorities quickly and effectively High school diploma, GED, and/or equivalent professional experience While there is a primary location listed on this requisition, other locations may be considered Preferred Qualifications: Experience evaluating security risk in context of the production environment Experience with Jira Experience communicating directly to customers Experience with at least one of these languages: Python, Go, Java, or C Experience with scan reports from Snyk, Qualys, Crowdstrike, Inspector, Vdoo, or Binwalk Experience working remotely across many time zones and cultures Security certifications such as CISSP, CRISC, AWS SCS, etc. Ability to work flexible hours

FOR DETAILS JD CLICK ON BELOW LINK: https://docs.google.com/forms/d/e/1FAIpQLSeQcxtHhXCTj_vEuebZVPrMZfsFFjW_8LN4ESNOtyzgVYuDSQ/viewform?usp=header At least 10 years of experience in providing technical support and advice for a Security Operations. Required Candidate profile Significant experience and ability to manage and lead in crisis situations, ensuring a swift and effective response. Demonstrable experience in leading and coordinating diverse teams effectively.

Summary The Manager of Customer Support will provide leadership for the customer support team with the primary goal of ensuring Armor customers have the best support possible. This role requires exceptionally high skills in building and managing high growth support groups, IT security, the hosting industry, and virtualization in a service-provider model. Essential Duties and Responsibilities (Additional duties may be assigned as required) Lead customer support operations for the APAC/India region, requiring availability during overlapping US hours. Demonstrate familiarity with diverse cultures and business practices in North America, EMEA, and APAC. Develop, document, and enforce standardized processes to maintain high service standards globally across all locations. Escalate critical issues to the appropriate departments and ensure prompt resolution. Manage support resources effectively, optimizing team utilization and productivity. Exhibit the ability to recruit talented individuals, fostering a positive team culture for sustained success. Coordinate training programs for new hires and ongoing education initiatives for support staff. Collaborate with cross-functional teams to address and resolve complex technical challenges. Monitor both employee performance and customer satisfaction, promptly addressing any shortcomings in an efficient manner. REQUIRED SKILLS Bachelors degree in Computer Science, Information Technology, or a related field. 10+ years of experience in technical support. 5+ years of experience in management or team leadership roles. Ability to work in 24/7 rotational shifts. Strong knowledge of technical support best practices. Excellent communication and interpersonal skills, with the ability to work effectively across diverse teams. Demonstrated ability to lead, motivate, and inspire teams to achieve goals. Proficiency in using customer support software and ticketing systems. Strong understanding of incident response and threat mitigation strategies. Proven experience in managing security-related support escalations effectively. Demonstrated experience with cybersecurity tools and platforms, including: Endpoint Detection and Response (EDR) tools Intrusion Detection/Prevention Systems (IDS/IPS) Firewall management and configuration Vulnerability scanning and assessment tools Multi-factor authentication (MFA) systems WHY ARMOR Join Armor if you want to be part of a company that is redefining cybersecurity. Here, you will have the opportunity to shape the future, disrupt the status quo, and be a part of a team that celebrates energy, passion, and fresh thinking. We are not looking for someone who simply fills a role we want talent who will help us write the next chapter of our growth story. Armor Core Values: Commitment to Growth: A growth mindset that encourages continuous learning and improvement with adaptability in the face of challenges. Integrity Always: Sustain trust through transparency + honesty in all actions and interactions regardless of circumstances. Empathy In Action: Active understanding, compassion and support to the needs of others through genuine connection. Immediate Impact: Taking initiative with swift, informed actions to deliver positive outcomes. Follow-Through: Dedication to delivering finished results with attention to quality and detail to achieve the desired outcomes. WORK ENVIRONMENT The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment can be either in an office setting or remotely from anywhere. Equal opportunity employer - it is the policy of the company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, national origin, age, disability, genetic information, veteran status, or any other consideration protected by federal, state or local laws.

Build threat defenses, security rules, and triggers. Map cloud compliance standards and analyze data. Automate tasks, troubleshoot issues, and protect information assets.

Perform routine information security tasks, such as source code scanning, monitoring, analysis, and tracking of security incidents, and website vulnerability scanning. Create or revise technical documents. Handle other assigned tasks, assist in various activities, and other related matters. Essentials to Succeed Currently enrolled or graduated in an information-related discipline, or possess relevant work experience or certifications. Preferred experience in any of the following: Web or App development, script automation, server/network management, and network security. Applicants from all varsities are welcome to apply, including University, Polytechnic, and ITE Minimum commitment period of 6 months, full-time ShopBackers DNA Grit - We tackle all challenges head-on, working together to solve problems and achieve success. Hunger - We value hard work, and having relentless drive. Speed - We move fast and have a bias for action, all to deliver maximum impact. Impact - We focus on results, always aiming for the best possible outcomes and timelines. Growth - We embrace a growth mindset, constantly striving to learn, improve, and excel in our roles.

Analytical problem solvers . People who go beyond just fixing to identify root causes, evaluate optimal solutions, and recommend comprehensive upgrades to prevent future issues. Managers who drive performance. People who implement process improvements and leverage the talent of their team to consistently increase performance and productivity. Curious learners . People who seek out cutting-edge research and information to expand and enhance their ability to develop new ideas into reality. Goal-oriented developers . Keeping the customer and requirements squarely in focus, people who deliver safe and robust solutions. Effective communicators . People who can interpret information clearly and accurately to concisely communicate results and recommendations to stakeholders, senior management, and their teams. Goal-oriented orchestrators. People who can effectively coordinate and prioritize skilled employees toward the right activities that lead to success. Position Description : Stryker is looking for a strong manager to lead the Edge Platform Engineering team. In this role, you will build a high performing team that helps maintain, upgrade and modernize the Edge platform and provides expert guidance to development and testing teams to improve their productivity. What you will do: Responsibilities: Build a high performing engineering team responsible for maintaining and upgrading core infrastructure on the Edge Clinical Workflow Platform. Provide technical leadership and strategic direction to the Edge development and QA teams in one or more of the core functional areas (Infrastructure Upgrade and Modernization, Database Optimization, Platform Stability and Resiliency, Observability, CI/CD, Security, Data Engineering & Analytics). Partner with DevOps to ensure on-going cooperation between teams on DevOps initiatives. Own infrastructure upgrades for key tools and technologies on the platform (e. g. Java, Drools, Openfire, etc. ). Manage internal scalability environments and improve Edge scalability, resiliency and reliability. Improve insights into the functioning of the Edge Platform and enhance observability into core components that make up the platform. Assist with fixes and deficiencies identified as a part of vulnerability scans, penetration tests and SOC audits. Mentor junior engineers, ensuring adherence to best practices and supporting their professional development. Competencies: Strong experience building and managing high performing teams. Familiarity with relational databases a strong plus (e. g. , Microsoft SQL Server, PostgreSQL). Prior knowledge of upgrading tools and technologies on mission critical platforms a strong plus. Strong knowledge of one or more leading Cloud platforms (AWS Preferred) and CI/CD tools such as Jenkins, Azure DevOps, or equivalent. Knowledge of application monitoring tools a strong plus. (Datadog preferred) Ability to collaborate cross-functionality with internal and external stakeholders. Excellent problem-solving, analytical, and communication skills, with a proven ability to lead complex initiatives. Requirements: Bachelor s degree in computer science, Engineering, or a related field. 10+ years of overall experience in technology. Minimum of 3 years experience managing high performing teams of 4 or more employees.

As a Principal Offensive Security Consultant, you'll be reporting to a Vice President in our Offensive Security team and deliver projects for some of the biggest enterprises in the world. You will perform various web application, API, mobile, and infrastructure penetration tests. You will also draft reports based on the assessment results and gathered evidence and help address client inquiries regarding these results. In addition to the execution of traditional security assessments, you will participate in their refinement and improvement. Day to day responsibilities Lead the execution of consultative, offensive security, and cloud security engagements as a thought-leader in the eyes of the client and your teammates Solution and scope engagements for our clients, including penetration tests, consultative engagements, cloud security projects, and more Oversee the delivery of multiple engagements in parallel to ensure that junior members of the team can deliver and exceed client expectation Execute internal strategic initiatives to help our practice grow, adapt, and evolve Manage junior members of the team by conducting one-on-ones, providing feedback and coaching, and supporting their career growth Remote working would be an option Essential Traits: 7+ years in cybersecurity, with at least 5 years in penetration testing, cloud security or red teaming A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others An ability to analyze root causes and deliver technological recommendations to our clients Essential Traits: Bachelor s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration Deep understanding of penetration testing, cloud security, or red teaming The capability to build and cultivate relationships with clients and colleagues A proven ability to lead and deliver information security assessments that don t always come with a playbook A deep understanding of application security, cloud security, infrastructure security, and other offensive or defensive security domains Demonstrated ability to manage and coach a team of ambitious information security phenoms

Serve as the POC for everyday Patching and Vulnerability Functions in the Infrastructure Engineering a nd Ope r ations organization across the Infrastructure towers Serve as key liaison and spokesperson during a n y risk and control meetings for any Infrastructure tower as per patching and vulnerability remediation , as soon as a threat has been identified and facilitating communications between Northern Trust groups Have or acquire an in depth understanding of the different moving parts and functions involved in the vulnerability remediation process especially as involves Infrastructure components Represent the Infrastructure towers in Risk Control with IT Leadership and operational committees to communicate the status, capabilities, and issues of the infrastructure organization Apply broad technical knowledge to provide remediation guidance across several of the technology areas Integrate technical control expertise and business understanding to coordinate / envision superior solutions for the infrastructure components Maintain an effective technical network across the Control community, ITOC, technical SMEs and architects for multiple service areas Analyze high volumes of vulnerabilities across individual towers requiring special attention Ingest and communicate vulnerability metrics with the greater Infrastructure team and Executive Management to allow for data-driven risk management Issue Management - Validate accuracy of vulnerability record s to be uploaded to ServiceNow Ensure responsible vulnerability o wners provide regular status updates in ServiceNow and escalate to accountable owner(s), as needed Support Management in providing timely information on status to key stakeholders (CIO, CTO etc . ) and obtain necessary approvals Support Management in monitoring issues with upcoming due dates (30 - 60 - 90 days), communicating and validating on progress to ensure transparency on status and vulnerability resolution Escalate any vulnerability downgraded to at risk within 90 days of due date to Management Facilitate deferral and extension process with formal notification and approvals (where needed) to appropriate accountable owners Review and validate evidence for closure of issues to ensure conditions for closure are met; document validation conclusion in vulnerability tickets Share key insights and learnings from participation in Infrastructure meetings to share with management As a partner at Northern Trust, you must actively manage and mitigate risk and act with integrity. In accordance with our core values of service, integrity, and expertise , you are expected to: Adhere to all applicable risk management programs, policies, and procedures Complete all mandatory training by the deadline Understand how your behavior could expose Northern Trust, its clients, and financial markets to different types of risk Ensure that Northern Trust or its clients are not exposed to inappropriate or excessive risk Escalate any risk concerns, including those resulting from mistakes / errors to a manager or business unit risk officer Exercise diligence regarding cyber-security Cooperate with internal control functions (including first-line Control, Risk, Compliance, Audit, self-assigned, etc.) and applicable regulatory bodies Avoid conflicts of interest or behaviors that might produce unfair outcomes for Northern Trust or its clients or damage the integrity of financial markets Qualifications Bachelors degree in information technology , Management Information Systems, Computer Science or a related discipline 10 + years as Infrastructure vulnerability and patching operating at enterprise scale Advanced technical problem-solving skills Practical experience in both technology infrastructure and application development architectures Strong system analysis and service development experience Financial or Regulatory domain experience Service Now experience Familiarity with Fusion a plus Knowledge/Skills Well-versed in patching and security industry best practices , tools and regulatory and compliance frameworks Highly motivated, energetic self-starter who takes ownership of issues and drives them to resolution Good organizational skills - manages and prioritizes multiple tasks across different time horizons within deadlines Cooperative, and collegial manner to be able to flex to wide range of stakeholders and in high-stakes situations Strong decision-making skills Strong analytical, problem solving and process re-engineering skills Excellent project management skills; oral and written communication Skills in translating broad strategic intent into tactical plans and directions are essential Applies broad industry knowledge and awareness Negotiates with senior leaders across the business

App security analyst 1 - - - - - - - - - - - - MISSION As part of the Michelin Groups Cybersecurity Expert (Business Support, Business Protection, Promotion of Responsible Security Behavior), in a field defined by the Michelin (Department DOTI) for ISIT security activities at DOTI and as a member of the CSSI team at DOTI : He/she is the privileged point of contact for all security aspects of his/her entity and liaises with his/her management team for the implementation of and compliance with security rules and practices. Together with DOTI/SSI, he/she defines the security roadmap for his/her entity, communicates it and contributes to its adoption. Provides the necessary support to project teams and day-to-day operations to ensure that security requirements are effectively implemented (e.g. follow-up of action plans following penetration tests, MGSR (security guidelines by Michelin). Deploys the Security by design approach within the entity and contributes to security education and training, which includes but not limited to SAT (security acceptance testing), vulnerability management, obsolescence management, patch management, enforcement of strong authentication and security by design framework. Participates in the network of entity security correspondents and monitors the various ad-hoc subjects initiated with Group Security. Maintains a technological and innovation watch for elements specific to his entity in terms of safety, in line with the entitys needs and requirements (for all non-specific matters, other entities oversee safety watch). Conducts and provides first-level support for risk analysis within the entitys application perimeter and contributes to vulnerability detection and remediation (EBIOS analysis, vulnerability scan follow-up, patch forum). He/she contributes to the dissemination and evangelization of best practices and safety regulations, by coordinating a network of safety contacts within his/her entity. He/she will act as backup to the Team Lead technical team. KEY EXPECTED RESULTS PERFORMANCE MEASUREMENT 1 Security by design enforcement All projects should follow the best practices of SecByDesign, max deviation should not cross 0.02% defects 2 Vulnerability Patch management Maintain the N-1 cycle and approach and ensure all assets, library and platform is updated with latest patch 3 Security Acceptance Testing All project should qualify the specific security requirement on project and should not over-cross the requirement 4 Obsolescence Management Life-cycle management of all ISIT assets, platform, OS, DB, Middleware, front-end, back-end and libraries Deviation should be mitigated within stipulated time-frame, maintain proactive eol and eos information and communicate with business for refresh 5 Security Authentication / Privilege management Strong security authentication for integrated system and human interacted software systems, if user is privilege then it must go thru MFA or Passwordless authentication mechanism. Generic ID s and PKI certificate life-cycle should be maintained and managed within due course of time-line. MAIN ACTIVITIES By following security charter process: Identifies evolution of critical assets and local points of contacts. Contributes to cybersecurity plan and evolutions of cybersecurity methods. Select CIS Framework controls, validate what is needed with respect to business services solution Lead the business team to create right synergies between core security team and PNI security team Work with the business to promote a culture of Risk awareness and control and to ensure consistency of practice and approach. Being proactive to provide right learning content to your team of developer to adopt the security by design framework Ensure the implementation of good security practices by dev/indus/test/operation teams, including in devops mode. Ensure regular reviews of user accounts on the scope of consolidation to ensure a good level of security Ensure regular reviews to ensure that the observed scope is compliant and that there is no shadow IT, identify the possible shadow IT. Verifies project security architectures in conjunction with the DOTI and group security teams. Controls the security level of dev/indus/test/prod environments and compliance with security rules for multi-tenant cloud environments and outsourcing actions. Ensure timely creation of roadmap and leading discussion with business to ensure all platforms are refreshed on timely manner, OS/DB s are updated once they are reaching their life-cycle, middleware, libraries are refreshed and used as and when they become obsolete Follows up progress of corrective action plans until closure.

App security analyst 1 MISSION As part of the Michelin Groups Cybersecurity Expert (Business Support, Business Protection, Promotion of Responsible Security Behavior), in a field defined by the Michelin (Department DOTI) for ISIT security activities at DOTI and as a member of the CSSI team at DOTI : He/she is the privileged point of contact for all security aspects of his/her entity and liaises with his/her management team for the implementation of and compliance with security rules and practices. Together with DOTI/SSI, he/she defines the security roadmap for his/her entity, communicates it and contributes to its adoption. Provides the necessary support to project teams and day-to-day operations to ensure that security requirements are effectively implemented (e.g. follow-up of action plans following penetration tests, MGSR (security guidelines by Michelin). Deploys the Security by design approach within the entity and contributes to security education and training, which includes but not limited to SAT (security acceptance testing), vulnerability management, obsolescence management, patch management, enforcement of strong authentication and security by design framework. Participates in the network of entity security correspondents and monitors the various ad-hoc subjects initiated with Group Security. Maintains a technological and innovation watch for elements specific to his entity in terms of safety, in line with the entitys needs and requirements (for all non-specific matters, other entities oversee safety watch). Conducts and provides first-level support for risk analysis within the entitys application perimeter and contributes to vulnerability detection and remediation (EBIOS analysis, vulnerability scan follow-up, patch forum). He/she contributes to the dissemination and evangelization of best practices and safety regulations, by coordinating a network of safety contacts within his/her entity. He/she will act as backup to the Team Lead technical team. KEY EXPECTED RESULTS PERFORMANCE MEASUREMENT 1 Security by design enforcement All projects should follow the best practices of SecByDesign, max deviation should not cross 0.02% defects 2 Vulnerability Patch management Maintain the N-1 cycle and approach and ensure all assets, library and platform is updated with latest patch 3 Security Acceptance Testing All project should qualify the specific security requirement on project and should not over-cross the requirement 4 Obsolescence Management Life-cycle management of all ISIT assets, platform, OS, DB, Middleware, front-end, back-end and libraries Deviation should be mitigated within stipulated time-frame, maintain proactive eol and eos information and communicate with business for refresh 5 Security Authentication / Privilege management Strong security authentication for integrated system and human interacted software systems, if user is privilege then it must go thru MFA or Passwordless authentication mechanism. Generic ID s and PKI certificate life-cycle should be maintained and managed within due course of time-line. MAIN ACTIVITIES By following security charter process: Identifies evolution of critical assets and local points of contacts. Contributes to cybersecurity plan and evolutions of cybersecurity methods. Select CIS Framework controls, validate what is needed with respect to business services solution Lead the business team to create right synergies between core security team and PNI security team Work with the business to promote a culture of Risk awareness and control and to ensure consistency of practice and approach. Being proactive to provide right learning content to your team of developer to adopt the security by design framework Ensure the implementation of good security practices by dev/indus/test/operation teams, including in devops mode. Ensure regular reviews of user accounts on the scope of consolidation to ensure a good level of security Ensure regular reviews to ensure that the observed scope is compliant and that there is no shadow IT, identify the possible shadow IT. Verifies project security architectures in conjunction with the DOTI and group security teams. Controls the security level of dev/indus/test/prod environments and compliance with security rules for multi-tenant cloud environments and outsourcing actions. Ensure timely creation of roadmap and leading discussion with business to ensure all platforms are refreshed on timely manner, OS/DB s are updated once they are reaching their life-cycle, middleware, libraries are refreshed and used as and when they become obsolete Follows up progress of corrective action plans until closure.

As the Head of Compliance , you will be responsible for overseeing and ensuring compliance with all regulatory requirements and risk management practices for IMC India. You will work closely with Global Compliance teams, Risk Manager, Trading, Technology, Finance, Operations and other key stakeholders. As a Compliance Officer you will ensure that IMC operates within the legal and regulatory framework set by SEBI and other regulators.. This role requires a strategic thinker with strong analytical skills to provide key compliance insights and business recommendations to management based on regulatory updates. Your Core Responsibilities: Your responsibilities will include, but not be limited to: Oversee and coordinate regulatory reporting efforts and audits, ensuring timely and accurate submissions. Manage and oversee regulatory inspections, periodic regulatory audits, including Internal, Systems, Cyber, and other regulatory audits, ensuring timely resolution of findings / observations. Address and resolve Exchange and Regulatory alerts, investigations, and suspicious activity reports, while effectively communicating updates to the Board of Directors and Group Chief Risk Officer. Oversee employee compliance requirements, including mandatory trainings and declarations and provide relevant assistance where required. Oversee all the secretarial compliances as per Companies Act, 2013 and other applicable rules and regulations. Supervising follow-up actions with internal teams and external stakeholders to ensure prompt resolution of compliance related issues. Monitoring the Risk Management System (RMS) in the absence of Risk Manager. Provide strategic recommendations to management on business opportunities and key action points stemming from revised regulations, ensuring proactive alignment with evolving compliance requirements. Conduct periodic risk assessments to identify areas of potential compliance vulnerability and drive mitigation strategies. Keep abreast of regulatory developments, ensuring timely implementation of changes in laws and regulations. Acting as the company s primary liaison with SEBI and other regulators, representing IMC India in regulatory discussions and engagements. Ensure the compliance programs and systems are regularly updated and functioning effectively, aligning with all relevant regulatory frameworks. Assist the Board and Senior Management in overseeing the implementation of Compliance Policies, procedures, prescriptions in Compliance Manuals, and internal codes of conduct. Promote IMC s Compliance culture, awareness of regulatory developments, and best practices within the business Identify innovative and technology-driven solutions to streamline and scale compliance processes Play a central role in identifying the level of Compliance risk in the organization and provide insights to the Board on mitigation strategies. Ensure compliance with supervisory directions from regulatory bodies and communicate relevant updates to the Board. Collaborate with the Board and Senior Management to ensure that compliance measures align with business objectives while adhering to all compliance requirements. Your Skills and Experience: Over 10+ years of experience in compliance, secretarial, and risk management roles in the securities market. Qualified Company Secretary (CS) or Chartered Accountant. LLB will be an added advantage. A thorough understanding of Business Rules, Bye-Laws, and various regulatory provisions of SEBI and various Exchanges and Clearing Corporations NISM-Series-III-A and VII certifications (or readiness to obtain before joining). Strong analytical, communication, and project management skills. Technology skills involving scripting and databases (eg SQL) are an advantage. IMC is a leading global trading firm powered by a cutting-edge research environment and a world-class technology backbone. Since 1989, we ve been a stabilizing force in financial markets, providing essential liquidity upon which market participants depend. Across our offices in the US, Europe, and Asia Pacific, our talented quant researchers, engineers, traders, and business operations professionals are united by our uniquely collaborative, high-performance culture, and our commitment to giving back. From entering dynamic new markets to embracing disruptive technologies, and from developing an innovative research environment to diversifying our trading strategies, we dare to continuously innovate and collaborate to succeed.

Position: C2H Mandate Skill: Vulnerability, Cybersecurity, Insight VM. Location: Bangalore Work Mode : Hybrid Notice Period: Immediate Joiner Role & responsibilities At least 10 years of experience in providing technical support and advice for a Security Operations Centre Demonstrate in-depth knowledge of Security incident Management and Security Operations. Excellent communication and client relationship skills to interface with clients, stakeholders, and senior leadership. At least 5 years experience in providing Vulnerability Management Services Demonstrable experience and knowledge in supporting and managing IDS & IPS technologies Significant experience and ability to manage and lead in crisis situations, ensuring a swift and effective response. Demonstrable experience in leading and coordinating diverse teams effectively. Excellent English writing skills for technical documents and improving processes (such as policies and reports). Outstanding English verbal communication skills with the ability to explain things in a clear and non-technical way. Strong attention to detail and the ability to deliver high quality work. A relevant and recognised professional Security / Risk / Compliance certification supporting the role, such as CISSP, CICM, GCIH, etc.

The Group You ll Be A Part Of The Global Information Systems Group is dedicated to the success of Lam through providing best-in-class and innovative information system solutions and services. Together, we support users globally with data, information, and systems to achieve their business objectives. The Impact You ll Make We are seeking an M365 System Security Analyst with 3+ years of experience to join our Information Security Department. This role focuses on monitoring and maintaining Lam s security tools, including DNS monitoring, Data Loss Prevention (DLP), spam/anti-phishing detection, vulnerability scanners, and anti-virus systems. Key responsibilities include triaging alerts from security tools and coordinating remediation with the IT team and 3rd party vendors. Supporting security incident response efforts as required by the Cyber Incident Response Plan (CIRP). Managing user requests via the ticketing system, including email investigations and access requests. This position requires foundational experience in information security, offering opportunities to enhance skills and contribute to a robust security program. What You ll Do Assist in the configuration and management of security tools and technologies Monitor and triage alerts from Lam s security stack (e.g., SIEM, DLP, and AV). Work with Lam s MSSPs to tune and enhance security solutions Monitor Lam s spam filters and provide recommendations on protective actions Conduct vulnerability scans, report findings and recommendations to senior team members Work with IT teams (e.g., Applications, Infrastructure, Networking) to remediate vulnerabilities Monitor Lam s internal ticketing system and respond to internal customer requests Conduct user account audits and correct discrepancies Serve as a member of the Security Operations Team during a cyber incident Assist senior team members in meeting organizational needs and completing other duties as assigned Who We re Looking For Bachelor s degree in cyber security, computer science or a related discipline 3+ years of experience in a cyber or information security role Hands-on experience with security monitoring and incident response Hands on experience with Microsoft Intune and M365 security solutions Understanding of SIEM, DLP, spam filters and anti-virus tools Hands on experience with Netskope preferred Experience running vulnerability scans and processing results Understanding of security control frameworks and compliance standards (e.g., NIST) Understanding of operating systems such as Microsoft and Linux Ability to quickly adapt and change priorities as business needs change Must be detailed and results-oriented Ability to clearly express ideas and information to senior team members Our Commitment We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results. Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Companys intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees. Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely and fall into two categories - On-site Flex and Virtual Flex. On-site Flex you ll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. Virtual Flex you ll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.

Summary: The SecOps Engineer is responsible for supporting the development, implementation, and management of security policies, procedures, and protocols within the organization. This role involves monitoring security alerts, analyzing incidents to identify potential threats, conducting vulnerability assessments, and assisting with the investigation of security breaches. The SecOps Engineer will collaborate with IT and other departments to ensure adherence to security best practices while maintaining and managing security tools and technologies. The ideal candidate will have 3+ years of IT experience, a foundational understanding of cybersecurity principles, and experience working with security tools such as firewalls, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Mobile Device Management (MDM). Key Responsibilities: Security Monitoring & Incident Response: Monitor security alerts, events, and incidents, performing detailed analysis to identify and mitigate potential security threats. Vulnerability Assessment & Management: Assist with the identification and management of vulnerabilities in the organization s infrastructure, ensuring regular assessments are performed to minimize security risks. Security Tools Management: Support the management, maintenance, and optimization of security tools, including firewalls, EDR, SIEM, and MDM systems. Policy Development & Implementation: Contribute to the development and enforcement of security policies, procedures, and protocols to ensure compliance with organizational and regulatory standards. Security Incident Investigation: Assist in investigating security breaches and incidents, providing detailed analysis and recommending corrective actions to prevent future occurrences. Collaboration & Best Practices: Work closely with IT, security, and other departments to ensure that security best practices are adhered to across the organization. Security Trend Monitoring: Stay current with the latest cybersecurity trends, vulnerabilities, and technologies, leveraging this knowledge to improve security posture and ensure proactive defenses. Reporting & Documentation: Maintain detailed records of security incidents, assessments, and responses. Regularly report on security status and compliance to internal stakeholders. Vendor Management & Compliance: Manage security and privacy processes related to the vendor management program, including collecting security and privacy questionnaires from vendors in compliance with ISO, SOC2, GDPR, and other standards. GRC Process Support: Collaborate with Governance, Risk, and Compliance (GRC) teams to ensure adherence to security standards (ISO 27001, SOC2, PCI) and support internal and external audits by providing necessary artifacts and documentation. Continuous Improvement: Identify areas for process improvement and assist in the enhancement of internal security processes, ensuring alignment with industry best practices. Skills & Qualifications: Experience: Minimum of 3 years of IT experience, with a focus on security operations, incident response, and vulnerability management. A Bachelor s degree in a related field (e.g., Information Security, Computer Sc

would be leading 1-2 large projects at any time involving suspicions of fraud and misconduct by employees, management or third parties, as well as, fraudulent financial reporting on the part of management. They shall be having teams report to them at a project level. Help direct activities involving the tracing, identification and recovery of lost assets Assist organizations in protecting value through the assessment of their risk and vulnerability to fraud and misconduct Use a variety of diagnostic and forensic technology techniques to help determine key areas of risk and assess how well that risk is managed Establish steps to test and help mitigate vulnerabilities to fraud and misconduct. The candidate will drive the delivery of various engagements including undertaking status reviews, developing process frameworks for fraud monitoring systems (FMS), implementation methodology, training client personnel The Individual Experience in the Forensic Sector with strong experience and understanding of processes and controls. Background in consulting preferably from the Big 4 or similar firms is a pre-requisite. Demonstrated track record of project execution capabilities and strong ability to map client business requirements and convert the same to a viable business proposition Will be able to take responsibility on revenue numbers and bring new clients to the group Strong communication skills with client facing experience with ability to interact and make presentations at the CXO level Strong team management responsibilities and people management skills. Should be able to lead by example and motivate the team and be a team player Provide strategic decisions to team and clients Strong analytical and problem-solving skills Consistent display of leadership skills Ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours. Ability to work well in teams Willingness to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethics

We are seeking a highly skilled and experienced Compliance Officer APAC to join our team in Bangalore, India. The Group Compliance Officer APAC will take care of the Compliance Management System in the Compliance core areas Business Ethics, Anti-Money Laundering (AML) and Antitrust including but not limited to the operationalization of the Compliance strategy. As a key member of our compliance department, you will be responsible for ensuring our organization adheres to all relevant laws, regulations, and internal policies across the Asia-Pacific region. Global Compliance Support Interface between Group Compliance APAC and the other Group Compliance departments. Serve as a first contact point for the locations. Support the Group Compliance strategy at a regional level. Collaborate continuously with the Central Compliance team and embrace global compliance initiatives, e. g. regarding trainings, communication, and integrity culture. Continuously support the improvement of design and implementation of the Compliance Management System (CMS) especially considering the regional aspects and applications of the CMS. Ensure the effectiveness of compliance measures in the Compliance Cycle. Compliance Program Enable business by providing legal advice in the core Compliance areas. Give practical advice on changes in the regional businesses regulatory environments. Support communication on Compliance in APAC. Support business in developing adequate processes to implement Compliance requirements. Monitor legal and regulatory developments in the APAC region and, together with the Compliance region and the Central Teams, design and implement measures to update the Compliance Management System to address those developments in a timely manner. Develop a strong network across the APAC region and support the regional APAC Compliance team in all regional aspects. Actively interact with and support the APAC Compliance Coordinator network. Compliance Risk Management Support the local business with the identification of potential areas of legal and compliance vulnerability and risks evaluating the impact of potential non-compliant acts. Support the design and implementation of processes to eliminate and /or limit identified risks. In coordination with Business Management help identify risks and prevent compliance failures so that business leaders are updated on relevant legal developments and changes in compliance guidelines. Help ensure all employees are educated on all relevant local and Global regulations and processes. Help design and deploy training to prevent, detect, and mitigate those risks, fostering the continuous analysis of compliance risks in all business areas, especially the monitoring of internal control mechanisms for the early detection of compliance concerns in coordination with other relevant functions and help initiate a lessons-learned process. Report any Compliance incidents to the Compliance Case Management Department. Together with the relevant Group Functions and the business sector take care that appropriate measures, consequences and lessons learned are taken in case of any Compliance incident. Support any internal or external audit determined by the Continental businesses to find possible weaknesses, compliance risks, and opportunities to the Business. Reports Provide reports on a regular basis, and as directed or requested, to keep senior management informed of the cooperation and progress of compliance efforts. Training Compile training content and carry out trainings in the core Compliance areas to address key risk issues. Collaborate with Central Compliance to provide guidance and raise employee awareness regarding Compliance and security issues. Provide specific training sessions to the Compliance Coordinators.