296 Vulnerability Jobs - Page 3

Cyber Security Engineer As an Cyber Security Engineer II here at Honeywell, you will be accountable for ensuring the security of our products and services. You will work closely with our team to implement and maintain security measures to protect our customers from cyber threats. You will report directly to our Security Engineering Manager and you ll work out of our Orion Campus, Bangalore location on a hybrid work schedule. In this role, you will impact the security of all of our products and services, ensuring the self-assured integrity and availability of our customers products, data, and information. You will work with cross-functional teams to develop and implement security solutions, conduct vulnerability assessments, and respond to security incidents. At Honeywell, our people play a critical role in developing and assisting our employees to help them perform at their best and drive change across the company. Help to build a strong, diverse team by recruiting talent, identifying, and developing successors, driving retention and engagement, and fostering an inclusive culture. KEY RESPONSIBILITIES Develop and implement security measures to protect systems and networks Conduct vulnerability assessments and penetration testing Monitor and respond to security incidents Work with cross-functional teams to ensure security requirements are met Stay up-to-date with the latest cybersecurity trends and technologies YOU MUST HAVE 3+ years of experience in cybersecurity or a related field Bachelors degree or equivalent experience in Software Engineering, Computer Science, or related discipline Familiarity with the following tools with direct experience in several of them: o Java / Groovy o Python o JIRA ScriptRunner o Jenkins o Ansible / Boto3 o DevSecOps o Security Requirements o Threat Modeling o Penetration Testing Tools o Public Key Infrastructure o Embedded Device Software Engineering o Hardware Engineering WE VALUE Strong knowledge of python-based development Experience designing and deploying global technology services Deep understanding of tool automation and integration Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response Understanding of security by design principles and architecture level security concepts Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Excellent communication and leadership skills Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders Technical leadership experience in the software security field Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP Understanding of Agile software development practices ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world s most critical demands around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company dedicated to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. THE BUSINESS UNIT The Corporate Strategic Business Group (CORP SBG) at Honeywell is a division focused on corporate-level functions and initiatives that facilitate the overall operations and strategy of the company. It is accountable for overseeing areas such as finance, legal, human resources, communications, and corporate governance, working closely with other business units and SBGs to ensure alignment and coordination across the organization. The CORP SBG plays a crucial role in the overall strategic direction and management of Honeywells corporate functions and operations, assisting the companys business objectives. Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, care or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

Advanced Cyber Security Engineer As an Advanced Cyber Security Engineer II here at Honeywell, you will be accountable for ensuring the security of our products and services. You will work closely with our team to implement and maintain security measures to protect our customers from cyber threats. You will report directly to our Security Engineering Manager and you ll work out of our Orion Campus, Bangalore location on a hybrid work schedule. In this role, you will impact the security of all of our products and services, ensuring the self-assured integrity and availability of our customers products, data, and information. You will work with cross-functional teams to develop and implement security solutions, conduct vulnerability assessments, and respond to security incidents. At Honeywell, our people play a critical role in developing and assisting our employees to help them perform at their best and drive change across the company. Help to build a strong, diverse team by recruiting talent, identifying, and developing successors, driving retention and engagement, and fostering an inclusive culture. KEY RESPONSIBILITIES Develop and implement security measures to protect systems and networks Conduct vulnerability assessments and penetration testing Monitor and respond to security incidents Work with cross-functional teams to ensure security requirements are met Stay up-to-date with the latest cybersecurity trends and technologies COMPENSATION The annual base salary for this position is . Please note that this salary information serves as a general guideline. Honeywell considers various factors when extending an offer, including but not limited to the scope and responsibilities of the position, the candidates work experience, education and training, key skills, as well as market and business considerations. BENEFITS OF WORKING FOR HONEYWELL Benefits - Medical, Vision, Dental, Mental Health Paid Vacation 401k Plan/Retirement Benefits (as per regional policy) Career Growth Professional Development YOU MUST HAVE 3+ years of experience in cybersecurity or a related field Bachelors degree or equivalent experience in Software Engineering, Computer Science, or related discipline Familiarity with the following tools with direct experience in several of them: Java / Groovy Python JIRA ScriptRunner Jenkins Ansible / Boto3 DevSecOps Security Requirements Threat Modeling Penetration Testing Tools Public Key Infrastructure Embedded Device Software Engineering Hardware Engineering WE VALUE Strong knowledge of python-based development Experience designing and deploying global technology services Deep understanding of tool automation and integration Strong knowledge of secure software development lifecycle and practices such as threat modeling, security reviews, penetration tests, and security incident response Understanding of security by design principles and architecture level security concepts Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Excellent communication and leadership skills Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders Technical leadership experience in the software security field Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP Understanding of Agile software development practices ABOUT HONEYWELL Honeywell International Inc. (Nasdaq: HON) invents and commercializes technologies that address some of the world s most critical demands around energy, safety, security, air travel, productivity, and global urbanization. We are a leading software-industrial company dedicated to introducing state-of-the-art technology solutions to improve efficiency, productivity, sustainability, and safety in high-growth businesses in broad-based, attractive industrial end markets. Our products and solutions enable a safer, more comfortable, and more productive world, enhancing the quality of life of people around the globe. THE BUSINESS UNIT The Corporate Strategic Business Group (CORP SBG) at Honeywell is a division focused on corporate-level functions and initiatives that facilitate the overall operations and strategy of the company. It is accountable for overseeing areas such as finance, legal, human resources, communications, and corporate governance, working closely with other business units and SBGs to ensure alignment and coordination across the organization. The CORP SBG plays a crucial role in the overall strategic direction and management of Honeywells corporate functions and operations, assisting the companys business objectives. Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, care or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.

Dev Support Engineer We are looking for a skilled Workday Dev BAU Support Engineer to join our DAMO team. This role involves troubleshooting and maintaining backend applications, managing cloud resources, ensuring security compliance, and supporting automation pipelines. The ideal candidate should have experience with Node.js, Google Cloud Platform (GCP), and security tools, along with a strong problem-solving mindset. Responsibilities Debug and troubleshoot Node.js backend applications using console logs and monitoring tools. Manage and establish secure connections between Node.js applications and GCP using service accounts, SSH, and shell scripting. Work with various GCP resources, including App Engine, Datastore, Cloud Scheduler, BigQuery, and Secret Manager. Monitor and analyze GCP notifications for hosted applications, identifying and resolving issues proactively. Investigate InfoSec vulnerability alerts and leverage GCP Security Command Center for security analysis. Ensure application security by working with tools such as Wiz and Snyk to detect and remediate vulnerabilities. Understand and support CircleCI pipelines for continuous integration and deployment. Work with the NEO platform, including token generation, subscription management, and replaying events. Qualifications Experience: 4+ years of experience in Level 2 or Level 3 technical support, with a strong focus on Workday. Experience in Node.js application development and debugging. Hands-on experience with GCP services, including authentication and resource management. Strong knowledge of CI/CD pipelines, especially CircleCI. Familiarity with security tools such as Wiz, Snyk, and GCP Security Command Center. Ability to analyze and respond to cloud security alerts and notifications. Soft Skills: Excellent problem-solving skills with the ability to analyze and resolve complex issues. Strong communication skills to interact effectively with technical teams and business users. Ability to work independently and as part of a team in a fast-paced environment. Strong documentation skills to ensure knowledge sharing and process standardization.

In our always on world, we believe it s essential to have a genuine connection with the work you do. Are you excited by a challenge? Driven by learning and growth? Then joining CommScope s cybersecurity team may be the right next step for you. We are looking out for a Cyber Security Engineer to join our team in Hyderabad. In this role, you will serve as a key individual contributor on our Security Architecture and Engineering team. A CommScope Security Engineer is responsible for designing, implementing, maintaining, monitoring, and managing key technical security systems/controls that protect our business. Success in this role will require foundational understanding of technology stacks, security tooling, and securing cloud environments (Azure, GCP, AWS. Ideal candidates will be willing to grow their technical skills by working on a broad range of security technical controls in an environment where your contribution will matter. Your work will be critical to our organization s cyber security success. CommScope s security team takes pride in protecting the people, processes, and technologies that serve our customers, and their customers - the billions of people our products and services help to connect each day. Join us and pursue your personal best! How Youll Help Us Connect the World : Implement, maintain, monitor, and manage cyber security systems and controls. Deliver projects on time, within budget and in accordance with service level agreements (SLAs). Work in tandem with architects, senior engineers, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members. Participate regularly change management meetings. Conduct performance and efficacy testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted. Collaborate with other team members to develop technical security standards and best practices across various security domains; socialize and evangelize to other technology teams. Articulate common practices and tactics used by malicious software and threat actors, along with associated remediation, to other IT teams. Assist members of the Governance, Risk, and Compliance team to answer technical questions from auditors and clients. Required Qualifications for Consideration: A bachelor s degree with Preferably 4+ years of cyber security experience, demonstrating increased responsibility and success in each role. Hands-on experience in implementing and supporting at least 2 security capabilities (firewalls, CASB, SSE, DLP, SIEM, endpoint, vulnerability scanning, PKI, MFA, CSPM, etc.) Previous professional experience in other IT / technical domains and communicating relevant domain information with a non-technical audience. Proven analytical and critical thinking skills. Strong interpersonal, written, and oral communication skills. Demonstrated customer service and solution-focused orientation. Ambitious and disciplined. Self-starter, able to manage one s own time and juggle competing tasks, proactively seeking prioritization and guidance when needed. You Will Excite Us If You Have: Hands-on experience working with a major public cloud provider, such as Azure, AWS, or GCP. Significant familiarity with Azure security controls and services. Familiarity with Netskope. Familiarity with Palo Alto Networks firewalls and related controls.

Design and implement security controls for products throughout the SDLC. Perform threat modeling, security reviews, and vulnerability assessments. Collaborate with development teams to integrate security best practices. Respond to, investigate, and remediate security incidents related to products. Develop and maintain security automation tools and scripts. Conduct secure code reviews and penetration testing. Research and evaluate emerging security technologies and threats. Create and deliver developer training on secure coding practices. Document security guidelines, standards, and compliance requirements. Communicate risks and mitigation strategies to technical and non-technical stakeholders. Requirements Bachelors degree in Computer Science, Information Security, or a related field. Strong experience in application security, threat modeling, and vulnerability assessment. Proficiency in secure coding practices and common security tools (e.g., SAST, DAST). Familiarity with SDLC, DevSecOps, and cloud security principles. Excellent communication skills and ability to collaborate across teams.

Roles & Responsibilities Project Related Would be leading 1-2 large projects at any time involving suspicions of fraud and misconduct by employees, management or third parties, as well as, fraudulent financial reporting on the part of management. They shall be having teams report to them at a project level. Will have the responsibility of project execution and shall report to a director/partner on every project. They shall be responsible for ensuring project profitability, quality as well as adherence to the agreed project plan Help direct activities involving the tracing, identification and recovery of lost assets Assist organizations in protecting value through the assessment of their risk and vulnerability to fraud and misconduct Use a variety of diagnostic and forensic technology techniques to help determine key areas of risk and assess how well that risk is managed Establish steps to test and help mitigate vulnerabilities to fraud and misconduct. The candidate will drive the delivery of various engagements including undertaking status reviews, developing process frameworks for fraud monitoring systems (FMS), implementation methodology, training client personnel The Individual Experience in the Forensic Sector with strong experience and understanding of processes and controls. Background in consulting preferably from the Big 4 or similar firms is a pre-requisite. Demonstrated track record of project execution capabilities and strong ability to map client business requirements and convert the same to a viable business proposition Will be able to take responsibility on revenue numbers and bring new clients to the group Strong communication skills with client facing experience with ability to interact and make presentations at the CXO level Strong team management responsibilities and people management skills. Should be able to lead by example and motivate the team and be a team player Provide strategic decisions to team and clients Strong analytical and problem-solving skills Consistent display of leadership skills Ability to work under pressure - stringent deadlines and tough client conditions which may demand extended working hours. Ability to work well in teams Willingness to travel within India or abroad for continuous long periods of time Demonstrate integrity, values, principles, and work ethics .

Required Skills Technology | Scripting and Automation | Level 2 Support Technology | Network Security Fundamentals | Level 3 Support Technology | Secured Configuration Management | Level 3 Support Technology | Incident and Breach Response | Level 2 Support Technology | Endpoint Encryption | Level 2 Support Education Qualification : Engineer - B.E / B.Tech / MCA Certification Mandatory / Desirable : Technology | Certified Endpoint Detection and Response Professional/Certified Endpoint Security Administrator/Microsoft Certified: MD-100/CompTIA CySA+/CISSP/CISM/Cisco Certified CyberOps Associate/VMware Certified Professional - Desktop and Mobility Delivery Skills required are: - Advanced Technical Proficiency: - *Mastery of endpoint security solutions such as antivirus, endpoint detection and response (EDR), endpoint protection platforms (EPP), and mobile device management (MDM) systems. *Ability to configure, manage, and troubleshoot advanced endpoint security technologies effectively. *Advanced skills in conducting vulnerability assessments, prioritizing vulnerabilities, and overseeing remediation efforts across endpoint devices. Strategic Oversight and Management: - *Strategic oversight of endpoint security operations, including policy development, deployment strategies, and performance monitoring. *Collaboration with IT teams, network security specialists, compliance officers, and senior management to integrate endpoint security initiatives with broader organizational security strategies. *Facilitation of collaborative efforts to improve endpoint security posture and incident response capabilities. Communication and Stakeholder Management: - *Clear and concise communication of complex technical concepts, security risks, and recommendations to stakeholders at all levels. *Ability to articulate endpoint security issues, incident findings, and remediation strategies effectively. *Comprehensive documentation of endpoint security incidents, investigations, and remediation activities. Continuous Improvement and Adaptability: - *Commitment to staying updated with the latest cybersecurity trends, emerging threats, and technologies through ongoing training, certifications, and industry participation. *Implementation of continuous improvement initiatives to enhance endpoint security operations and resilience against evolving threats. Leadership and Mentorship: - *Mentorship of endpoint security team members to foster their professional growth and technical expertise. *Providing guidance on career development paths and skill enhancement within the endpoint security domain.

Take on a crucial role where youll be a key part of a high-performing team delivering secure software solutions. Make a real impact as you help shape the future of software security at one of the worlds largest and most influential companies. As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Tech Controls team , you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circumvention, and malicious behavior. As a core technical contributor, you are responsible for carrying out critical technology solutions with tamper-proof, audit defensible methods across multiple technical areas within various business functions. Job responsibilities Executes creative security solutions, design, development, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions and break down technical problems Develops secure and high-quality production code and reviews and debugs code written by others Minimizes security vulnerabilities by following industry insights and governmental regulations to continuously evolve security protocols, including creating processes to determine the effectiveness of current controls Works with stakeholders and business leaders to understand security needs and recommend business modifications during periods of vulnerability Conducts discovery, vulnerability, penetration testing, and threat scenarios on multiple organizational assets to identify and assess if vulnerabilities are present, and executes threat modeling for multiple applications including external applications interacting with the internal JPMorgan Chase network Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on security engineering concepts and 5+ years applied experience Experience developing security engineering solutions, along with design and implementation of cloud security solutions on AWS for best technical practices Advanced in one or more programming languages Python or Java Proficient in all aspects of the Software Development Life Cycle Advanced understanding of agile methodologies such as CI/CD, Application Resiliency, and Security Experience with threat modeling, discovery, vulnerability, and penetration testing In-depth knowledge of the financial services industry and their IT systems Preferred qualifications, capabilities, and skills Effective communication skills. Certified AWS solution Architect Familiar with AWS Security & CISSP/CCSP

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will: Perform highly technical/analytical security assessments of custom mobile applications, widely understood infrastructure and networks, web services and APIs. This covers manual penetration testing, source code and configuration review. Clearly and professionally document root cause and risk analysis of all findings Adhere to the security testing process and raise any gaps or opportunities for improvement with manager. Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks Code and demonstrate basic proof-of-concept exploits of vulnerabilities when required. Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports. Advise on vulnerability remediation, control implementation and secure development practices Assess product release risk and complexity and identify potential misuse scenarios through review of business requirements and design specifications Assist with tracking, remediation, and risk acceptance for identified security vulnerabilities. Assist in planning, test execution and vulnerability mitigation Ensure that company security policies are implemented, enforced, and enhanced when appropriate Participate in team discussions to formulate new or enhance existing processes and standards Assist in security incident response activities Adhere strictly to compliance and operational risk controls in accordance with company and regulatory standards, policies and practices; report control weaknesses, compliance breaches and operational loss events Run evaluations of new security testing technologies and provide recommendations. Monitor security industry information sources and keep abreast of events, research, and developments. Identify opportunities to improve our processes, quality of the work and efficiencies. Mentor junior team members Other responsibilities as assigned Requirements To be successful in this role, you should meet the following requirements: Minimum 12+ years of experience in IT Maintain a wide breadth of penetration testing and/or leadership management skills to a significant degree of depth. Understand the business context/significance of technical penetration testing findings. Consistently output superior quality of deliverables. Poses an entrepreneurial attitude to excel in loosely defined scenarios. Ability to work independently or lead any size team of penetration testers. Superior time management skills and self-discipline. Be subject matter expert in at least 2 of penetration testing domains (i. e. infrastructure/apps/mobile). Demonstrated ability to solve complex technical problems. At least 5 years of prior demonstrable hands-on experience in penetration testing. Solid understanding of the platform security models for iOS and Android platforms. Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications. Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods. Excellent TCP/IP knowledge and understanding of security implications/issues. Strong web application testing experience. Proven programming/scripting skills. Ability to explain security functionality from first principles. Ability to adapt and apply information to new scenarios and technologies. Strong understanding of applied use of cryptography in application development.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. We are currently seeking an experienced professional to join our team in the role of Lead consultant specialist In this role you will: Hunting for malicious or anomalous activity across the enterprise, using existing tools. Acting in co-ordination with GCO staff to lead the development and implementation of an advanced analysis and search capability focused on identifying potentially sophisticated APT and insider threat activities within the organization. Researching new and existing threat actors and associated tactics, techniques and procedures (TTPs); developing a detailed understanding of their potential impact to the organization, providing recommended solutions for improving our defensive and detective capability. Collaboration with the wider Cybersecurity functions, e. g. , Red Team, to develop hypotheses for new attack techniques and evasion methods. Coordinating threat hunting activities, leveraging intelligence from multiple internal and external sources. Reviewing incident and penetration testing reports and corresponding logs, to identify gaps in our detection capability and provide recommendations to improve them. Providing expert analytic investigative support on large scale and complex security incidents. Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes Training, developing, mentoring, and inspiring colleagues across the function in area(s) of specialism, strengthening Cybersecurity Operations capabilities. Represent HSBC Global Cybersecurity Operations at internal awareness and external cybersecurity forums. Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose. Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources. Requirements To be successful in this role, you should meet the following requirements: Excellent investigative skills, insatiable curiosity, and an innate drive to win. Instinctive and creative, with an ability to think like the enemy. Strong problem-solving and trouble-shooting skills Deep knowledge of hacker culture Developed external peer network for sharing intelligence. Self-motivated and possessing of a high sense of urgency and personal integrity. Excellent understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws. Excellent understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards. Proven experience in identifying and responding to advanced attacker methodologies both within the corporate environment as well as external attack infrastructures, ideally with offensive experience and / or deception environment development (tripwire systems, honeypots, honey-token/accounts, etc. ) using open source, vendor purchased and bespoke/in-house developed solutions. Experience in computer forensics, vulnerability analysis, cyber security analysis, penetration testing and/or network engineering. Highest level of technical expertise in information security, including deep familiarity with relevant penetration and intrusion techniques and attack vectors Expert level knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. Expert Knowledge and technical experience of 3rd Party Cloud Computing platforms such as AWS, Azure and Google

Innovation is our driving force towards your success Description of the role: The Security Monitoring Analyst is responsible for manning the India SOC for our client based in the US. The key responsibilities include: Handling of all alerts SIEM, IPS/IDS solutions, EDR the Resource is expected to monitor, investigate, respond, and resolve these alerts. Resolving general support requests device control, URL whitelisting, lockouts, etc. Completion of daily checklists as well as preparation and sending of daily reports. Monitor patching status and respond to patch failures by either redeploying the patch manually or escalating to the relevant teams. Monitor Vulnerability scans, review the reports, and parse through these to remove false alarms. Document the response and resolution of alerts and tickets. Creating exclusions/Detection lists to reduce false alarms. Key requirements: The individual is expected to be a graduate (Engineering preferred). CompTIA / CySA+ / equivalent preferred. Ability to think logically, understand and apply learning into practice 2.5+ years of experience in IT security monitoring. Experience working with intrusion detection/prevention systems is a must. Experience in Darktrace would be preferred. Experience working with a SIEM tool is a must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is mandatory. The candidates will be communicating with users based in the US and must communicate effectively. Hours of operation : Rotational shifts shift 7am 3pm / 3pm 11pm / 11pm to 7am. Description of the role: The Security Monitoring Associate is responsible for monitoring security and patching alerts for our clients based in the US. This primarily includes alerts being received on the SIEM tool (Rapid 7 Insight IDR) and also on two different IPS/IDS solutions (SecureWorks and Darktrace) the resource is expected to monitor, investigate and respond to these alerts. Patching of all Windows based systems is carried out on a monthly/quarterly basis using IBM BigFix. The resource is expected to monitor the patching status, respond to patch failures by either redeploying the patch or escalating to the relevant teams. The resource is also expected to review vulnerability reports and parse through these to remove false alarms. Position location: Mumbai Andheri (E). Hours of operation: Rotational shifts shift 7am -3pm/3pm -11pm/11pm to 7am. Salary: INR 4.5L 6L p.a. Key requirements: The individual is expected to be a graduate, any discipline. 2-3 years of experience in IT security monitoring. Experience in working with Intrusion Detection/Prevention Systems is a must. Experience in Secureworks/Darktrace would be preferred. Experience in working with a SIEM tool is must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is a must. The candidates will be communicating with users based in the US and must be able to communicate effectively. The individual will be on the rolls of Interspence Solutions LLP (a Mumbai-based IT company) and will be working to support a leading US based Oil & Gas company. About Company: Interspence Solutions (www.interspence.com) was established in August 2017 and is a company that provides IT consulting and support services within the manufacturing and process industry. Interspence has entered into a long term contract with an Major US based Oil & Gas company to provide skilled IT resources on a T&M basis working under the direction of the their IT leadership team. The company is transforming its business on the back of heavy investments in technology around real time data capture, Big Data platforms, in-memory databases and analytical engines and elastic search services. There is also a significant push towards mobility with majority of the applications being converted into mobile apps. The company is also looking at moving towards DevOps in the near future. With this significant push within the IT space, there is an increasing for skilled and talented resources. Towards this end, we are searching for talented and smart resources who wish to learn and grow their skills working with a company that is defining the art of the possible with the latest technology. Apply for this position Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

Innovation is our driving force towards your success About Company: No. Of Position : 1 The key responsibilities include: Provide operational support to the team, including handling meetings and taking minutes. Ensure the operational delivery as per the quality criteria and maintaining client satisfaction. Liaise with internal/external clients to ensure client satisfaction. Maintain time sheets, compilation of data and update the activity list weekly for relevant stakeholders. Provide documentation and presentation support to relevant stakeholders as required. Prepare weekly reports and assist with operational resources if required. Assist with activity planning and maintain the activity calendar. Assist with queries and operational monitoring. Perform any other miscellaneous activity as required. Knowledge and Attributes: Ability to work with diverse personalities and demonstrate a high level of performance. Proactive in approach and meticulous attention to detail. Excellent communication is essential for coordinating with team members and stakeholders. Service-oriented aptitude. Understanding of IT processes, structure, and control requirements. Confident and resilient individual who is organized and outcomes-focused. Ability to provide support with limited guidance for projects. Ability to keep on track and meet deadlines. Ability to address any challenges that arise during project execution. Qualification : Any Degree/BBA/BMS/Bachelor in Project Management/MBA. Work Time : 11 am to 7 pm OR 2 pm to 10 pm. Work Schedule : Hybrid (3 days work from office). Work location : Andheri East. Required Experience : 2 4yrs Description of the role: The Security Monitoring Associate is responsible for monitoring security and patching alerts for our clients based in the US. This primarily includes alerts being received on the SIEM tool (Rapid 7 Insight IDR) and also on two different IPS/IDS solutions (SecureWorks and Darktrace) the resource is expected to monitor, investigate and respond to these alerts. Patching of all Windows based systems is carried out on a monthly/quarterly basis using IBM BigFix. The resource is expected to monitor the patching status, respond to patch failures by either redeploying the patch or escalating to the relevant teams. The resource is also expected to review vulnerability reports and parse through these to remove false alarms. Position location: Mumbai Andheri (E). Hours of operation: Rotational shifts shift 7am -3pm/3pm -11pm/11pm to 7am. Salary: INR 4.5L 6L p.a. Key requirements: The individual is expected to be a graduate, any discipline. 2-3 years of experience in IT security monitoring. Experience in working with Intrusion Detection/Prevention Systems is a must. Experience in Secureworks/Darktrace would be preferred. Experience in working with a SIEM tool is must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is a must. The candidates will be communicating with users based in the US and must be able to communicate effectively. The individual will be on the rolls of Interspence Solutions LLP (a Mumbai-based IT company) and will be working to support a leading US based Oil & Gas company.

Innovation is our driving force towards your success About Company: Role Overview : The Patch Management Specialist will be responsible for ensuring 100% patch compliance across all servers and workstations (Windows ONLY). This role involves managing the BigFix console for administration, coordinating patch deployments, and maintaining system security and performance. Location : Remote (Preferred Mumbai/Pune) Time : 7 pm to 3 am OR 8 pm to 4 am Work Hours : 5 days a week with a Saturday and Sunday of key responsibilities : Patch Compliance : Ensure 100% patch compliance across all EOG servers and workstations (Windows ONLY). BigFix Console Management : Administer and manage the BigFix console to deploy patches and updates effectively. Coordination and Scheduling : Collaborate with various IT teams to schedule and coordinate patch deployments, minimizing system downtime. Issue Resolution : Address and resolve any issues arising from patch deployments and update failures. Documentation : Maintain and update patch management documentation, including deployment schedules, compliance reports, and issue logs. Reporting : Provide regular reports on patch management activities, system compliance, and performance metrics. Audits : Conduct regular audits of patch levels and system statuses to ensure ongoing compliance and security. Key Requirements: Experience : Proven experience in patch management, particularly with Windows servers and workstations. Technical Skills : Proficiency in using patch management tools such as BigFix, SCCM, WSUS, or equivalent. Communication Skills : Excellent verbal and written communication skills to effectively coordinate with various teams and stakeholders. Problem-Solving : Strong analytical and problem-solving skills to address issues promptly and efficiently. Attention to Detail : High attention to detail to ensure accurate documentation and compliance reporting. Team Collaboration : Ability to work collaboratively within the RRT and other IT teams to achieve patch management goals. Preferred Qualifications: Certifications : Relevant certifications in patch management, system administration, or IT security. Experience with BigFix : Specific experience in administering and managing the BigFix console. Shift Flexibility : Willingness to work in shifts, including rotational shifts if required. This role is crucial for maintaining the security and efficiency of the organization s IT infrastructure by ensuring that all systems are up-to-date and secure. If you have any further questions or need additional details, feel free to ask! Description of the role: The Security Monitoring Associate is responsible for monitoring security and patching alerts for our clients based in the US. This primarily includes alerts being received on the SIEM tool (Rapid 7 Insight IDR) and also on two different IPS/IDS solutions (SecureWorks and Darktrace) the resource is expected to monitor, investigate and respond to these alerts. Patching of all Windows based systems is carried out on a monthly/quarterly basis using IBM BigFix. The resource is expected to monitor the patching status, respond to patch failures by either redeploying the patch or escalating to the relevant teams. The resource is also expected to review vulnerability reports and parse through these to remove false alarms. Position location: Mumbai Andheri (E). Hours of operation: Rotational shifts shift 7am -3pm/3pm -11pm/11pm to 7am. Salary: INR 4.5L 6L p.a. Key requirements: The individual is expected to be a graduate, any discipline. 2-3 years of experience in IT security monitoring. Experience in working with Intrusion Detection/Prevention Systems is a must. Experience in Secureworks/Darktrace would be preferred. Experience in working with a SIEM tool is must. Experience in patch management and IBM BigFix would be an advantage. Experience with vulnerability scanners and their reporting management would be beneficial. Excellent verbal and written English is a must. The candidates will be communicating with users based in the US and must be able to communicate effectively. The individual will be on the rolls of Interspence Solutions LLP (a Mumbai-based IT company) and will be working to support a leading US based Oil & Gas company. About Company: Interspence Solutions (www.interspence.com) was established in August 2017 and is a company that provides IT consulting and support services within the manufacturing and process industry. Interspence has entered into a long term contract with an Major US based Oil & Gas company to provide skilled IT resources on a T&M basis working under the direction of the their IT leadership team. The company is transforming its business on the back of heavy investments in technology around real time data capture, Big Data platforms, in-memory databases and analytical engines and elastic search services. There is also a significant push towards mobility with majority of the applications being converted into mobile apps. The company is also looking at moving towards DevOps in the near future. With this significant push within the IT space, there is an increasing for skilled and talented resources. Towards this end, we are searching for talented and smart resources who wish to learn and grow their skills working with a company that is defining the art of the possible with the latest technology. Job Type: Full Time Job Location: Mumbai Apply for this position Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

Scrum Master Key Responsibilities: Facilitate Scrum ceremonies including daily stand-up meetings, sprint planning, sprint review, and sprint retrospective for the product development team. The Scrum Master acts as both a facilitator and a coach to the team; ensuring the Scrum framework and any organization-specific guidelines or practices are adhered to. Serve as a Scrum Master for multiple scrum teams, focusing on coaching the team on agile values and principles and the ensuing practices. Work closely with the Engineering team to understand the product & technology and contribute to product roadmap planning, scheduling, and release management. Work collaboratively with stakeholders to identify and mitigate risks. Develop & utilize metrics to help improve the teams effectiveness. Facilitate cross-team coordination, contacting the larger organization for dependency management and impediment removal. Plan and track the vulnerability backlog for Scrum teams based on the SLA. Experienced in tracking burn-down, and issues using JIRA/Azure, and good at emphasizing team velocity. Support the Product Owner by maintaining data in the appropriate Agile toolset, by providing transparency to the Product roadmap and related project priorities. Key Requirements: Bachelor s degree in computer science or a related field. Minimum of 6 years of experience as a Scrum Master with a focus on Product development. Strong knowledge of Agile Scrum principles and practices, particularly in database development. Excellent communication and interpersonal skills. Strong problem-solving and analytical skills relevant to database development challenges. Proficiency with Azure Dev Ops or Jira. Flexible to work in any shift timings. Knowledge and experience with Agile software development methods such as Scrum, Kanban, SAFe, or Lean. Preferred Certification : Certified Scrum Master (CSM) or Professional Scrum Master (PSM 1)

Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination: Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. YOUR QUALIFICATIONS Bachelors OR masters degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1.

About LeadSquared: One of the fastest-growing SaaS companies in the CRM space, LeadSquared empowers organizations with the power of automation. More than 1700 customers with 2 lakhs+ users across the globe utilize the LeadSquared platform to automate their sales and marketing processes and run high-velocity sales at scale.We are backed by prominent investors such as Stakeboat Capital, Jyoti Bansal, and Gaja Capital to name a few. We raised $153mn in our latest Series C funding round from WestBridge Capital, and were now Indias 103rd Unicorn! We are expanding rapidly and our 1100+ strong and still growing workforce is spread across India, the U.S, the Middle East, ASEAN, ANZ, and South Africa. * Among the Top 50 fastest-growing tech companies in India as per Deloitte Fast 50 programs * Frost and Sullivans 2019 Marketing Automation Company of the Year award * Among Top 100 fastest growing companies in FT 1000: High-Growth Companies Asia- Pacific * Listed as Top Rates Product on G2Crowd, GetApp, and TrustRadiusLocation: Cessna Business Park (Bangalore)-WFORequirements: * 2-3 years of experience in product or application security; at least 1 year of hands-on software development experience is highly desirable. * Proficiency in application security testing using tools such as Burp Suite, SonarQube, SQLMap, and others (SAST, DAST, SCA). * Experience with secure coding practices, and strong scripting skills in Python or JavaScript. * Solid understanding of industry standards and frameworks such as OWASP Top 10, SANS CWE, etc. * Knowledge of security fundamentals like cryptography, authentication, risk assessment, and threat modeling. * Exposure to cloud platforms (e.g., AWS, Azure) and their associated security best practices. * Familiar with CI/CD pipelines and DevSecOps practices for integrating security into development workflows. * Understanding of compliance standards such as ISO 27001 and HIPAA. * Ability to automate security testing to increase assessment coverage and efficiency. * Strong communication skills to effectively convey technical findings to both technical and non-technical stakeholders.Key Responsibilities: * Conduct application security assessments on web,API and mobile platforms. * Perform secure code reviews on apps * Carry out cloud security assessments for SaaS infrastructure and services. * Manage the vulnerability lifecycle from discovery to resolution. * Deliver security training and awareness sessions to internal teams. * Develop tools and frameworks to support security automation and engineering initiatives.

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. About the Role: We are seeking a skilled Site Reliability Engineer (SRE) / DevOps Engineer to join our infrastructure team. In this role, you will design, build, and maintain scalable infrastructure, CI/CD pipelines, and observability systems to ensure high availability, reliability, and security of our services. You will work cross-functionally with development, QA, and security teams to automate operations, reduce toil, and enforce best practices in cloud-native environments. Key Responsibilities: Design, implement, and manage cloud infrastructure (GCP/AWS/Azure) using Infrastructure as Code (Terraform). Maintain and improve CI/CD pipelines using tools like circleci, GitLab CI, or ArgoCD. Ensure high availability and performance of services using Kubernetes (GKE/EKS/AKS) and container orchestration. Implement monitoring, logging, and alerting using Prometheus, Grafana, ELK, or similar tools. Collaborate with developers to optimize application performance and deployment processes. Manage and automate security controls such as IAM, RBAC, network policies, and vulnerability scanning. Basic Qualifications: Strong knowledge of Linux Experience with scripting languages such as Python, Bash, or Go. Experience with cloud platforms (GCP preferred, AWS or Azure acceptable). Proficient in Kubernetes operations, including Helm, operators, and service meshes. Experience with Infrastructure as Code (Terraform). Solid experience with CI/CD pipelines (GitLab CI, Circleci, ArgoCD, or similar). Familiarity with monitoring and observability tools (Prometheus, Grafana, ELK, etc. ). Experience with scripting languages such as Python, Bash, or Go. Knowledge of networking concepts (TCP/IP, DNS, Load Balancers, Firewalls). Preferred Qualifications Experience with advanced networking solutions. Familiarity with SRE principles such as SLOs, SLIs, and error budgets. Exposure to multi-cluster or hybrid-cloud environments. Knowledge of service meshes (Istiol). Experience participating in incident management and postmortem processes. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you re passionate about technology and eager to make an impact, we d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist In this role, you will: Act as trusted advisor for the senior management to properly manage their operational risk and all items related (Control environment, issues management). Own the delivery of risk & control projects and programmes for FinEX. Manage the promotion of accountable risk and control decision-making based on quality data. Collaborate with cross functional teams, including Cybersecurity, IT, and business units, to ensure control strategies align with organisational goals and requirements. Have knowledge of software development tools, technologies and methodologies and collaborate with IT Service Owners and Development Teams to develop control enhancement solutions and enforce control compliance. Stay current on industry trends and advancements in risk management and controls to identify opportunities for enhancement, automation, and innovation. Assist service owners in responding appropriately and effectively to firm-wide risk, cyber and corporate control initiatives. Develop and implement risk management strategies and control frameworks. Monitor and report on the effectiveness of risk management and control activities. Conduct risk assessments and identify potential areas of vulnerability. Provide guidance and support to business units on risk and control matters. Ensure compliance with regulatory requirements and internal policies. Facilitate risk and control training and awareness programs. Requirements To be successful in this role, you should meet the following requirements: Experience in a risk and control environment, understanding the principles of risk management, and strong engineering mindset to ideate and design control solutions for complex and interlinked IT processes. Effective influencing skills and a collaborative team working approach. Ability to develop trusted advisor status and be an accomplished influencer with key stakeholders. Experience and proven track record to influence/manage functionally and work independently at a senior level. Strong communication skills and a proven track record of senior executive engagement. Actively challenge poor, inefficient, or excessive controls, related tasks, and behaviours while proposing solutions and recommendations. Ability to work in a multi-country, culturally diverse, and time-zone separated management role. Analytical with the ability to understand and resolve complex problems. Proficiency in MS Excel to interrogate large data sets. Familiarity with SharePoint, Microsoft Teams, and Confluence. You ll achieve more when you join HSBC. .

A ServiceNow Solution Architect plays a crucial role in designing, implementing, and optimizing ServiceNow solutions for organizations. Their responsibilities can be broadly categorized into different product SKU s ServiceNow platform engineering (on premise) with ITSM Modules including Service Request, Incident, Problem, Change, Rot and Configuration Management and security / regulatory disciplines Major accountabilities: Execute technology delivery strategy for business systems, platforms, and processes for a particular Business domain / Function. Partner with senior business stakeholders and TT Strategic Business Partners for demand analysis, solution proposal/evaluation, and funding estimates. Partner with business partners to ensure Technology Service/Solutions Delivery teams deliver products according to strategy with reuse across other areas. Ensure on time, within budget, compliant, secure, and quality delivery of portfolio for responsible function / service area. Ensure services, solutions, platforms, products are fit for purpose and achieve the desired business value and impact. Run efficient DevOps for platforms, products, or systems ensuring availability and optimal performance for responsible function / service area. Establish governance structure for projects, operations, etc with right stakeholder representation. Track, report, and deliver against agreed success factors and KPIs for various stakeholders for responsible function / service area. Follow industry trends and emerging practices to drive agility, speed, efficiency, and effectiveness. Ensure the overall user experience is considered when designing deploying new solutions and services. Ensure adherence to Security and Compliance policies and procedures. Monitor and proactively manage the ServiceNow platform to ensure high availability and optimal performance. Troubleshoot and resolve any platform-related issues or outages promptly. Implement best practices to prevent system downtime and performance degradation. Collaborate with the platform security teams to ensure the ServiceNow platform adheres to security standards and policies. Manage security controls, such as role-based access control, data encryption, and vulnerability assessments. Prepare the platform for audits, maintaining a secure and compliant environment. Lead a team of ServiceNow L3 and L2 consultants, administrators, and support staff. Coordinate and oversee the deployment of ServiceNow changes, updates, and enhancements. Manage and prioritize incident resolution and problem-solving efforts. Maintain and enhance ServiceNow configurations, workflows, and integrations as needed. Ensure that ServiceNow remains aligned with business requirements and objectives. Maintain comprehensive documentation for ServiceNow configurations, procedures, and incident resolutions. Collaborate with ServiceNow vendors and external partners to leverage their expertise and resources. Minimum Requirements: Bachelors degree in a related field (Computer Science, Information Technology, etc) is preferred. 10-15 years of relevant experience in IT operations, with a minimum of 5 years of experience in ServiceNow administration. ServiceNow certifications, such as Certified System Administrator (CSA) or Certified Implementation Specialist (CIS), are mandatory . Strong leadership and team management skills. In-depth knowledge of IT service management (ITSM) and ITIL processes. Excellent problem-solving and analytical abilities. Strong communication and collaboration skills. Proficiency in ServiceNow development, scripting, and customization. Knowledge of database management and integration technologies

We are looking for a Cyber Defense Vulnerability Incident Response Senior Analyst to join our growing Cyber Defense Operations (CDO) Centre. This role provides an outstanding opportunity to lead the response to critical vulnerabilities while also contributing to security incident handling and response. The ideal candidate will have a solid background in vulnerability management, with additional expertise in incident response. This is a great opportunity for someone who wants to deepen their understanding of the overlap between vulnerability management (VM) and incident response (IR). We are at an exciting moment in our transformation! Arm has a bold vision to develop technology that invisibly enables opportunity for a globally connected population. To achieve this, Arm is growing rapidly and developing new products. With new business capabilities, Arm is encountering new security challenges that require a thoughtful, adaptable approach to strengthen its cyber defences and detect respond strategy. Responsibilities: Vulnerability Management (Main Focus) Lead operational vulnerability management activities across infrastructure, applications, cloud, and third-party platforms. Validate findings and prioritize remediation based on business risk and threat intelligence. Collaborate with global IT, Engineering, and Security teams to drive vulnerability remediation efforts. Optimize and manage ServiceNow Vulnerability Management workflows. Act as technical lead in remediation planning, providing guidance and support to stakeholders. Collaborate with Red Team, Threat Intelligence, and Product Security to identify high-risk vulnerabilities. Lead Major vulnerability Incident response efforts in accordance with the response plan and policies. Incident Response (Secondary Focus) Support team in incident triage and response efforts as needed, particularly those involving vulnerability exploitation. Assist in forensic investigations and log analysis for potential Security Incidents. Contribute to the development of playbooks for vulnerability incident response. Deliver training and mentorship to junior analysts. Required Skills Experience: Demonstrable experience in vulnerability management, including implementation of scanning tools like Tenable, Qualys, or similar platforms. Hands-on experience with ServiceNow Vulnerability Management workflows and integrations. Experience with remediation coordination, risk-based prioritization, and vulnerability lifecycle management. Exposure to incident handling, including forensic and malware analysis basics. Solid understanding of cloud and container security vulnerabilities (AWS, Azure, GCP). Sufficient understanding of web technologies to manage Web vulnerabilities. Ability to articulate risk and technical topics clearly to non-technical stakeholders. Scripting and automation skills (eg, Python, PowerShell) to streamline workflows. Deep understanding of the cyber threat landscape and emerging exploitation trends. Nice-to-Have Skills Certifications: BSc or higher in Cybersecurity, Computer Science, or related field! Professional certifications: GIAC (GCIH, GCFA, GPEN), OSCP, or CISSP. Exposure to penetration testing or Red Teaming methodologies. Understanding of ITIL processes and project management principles

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com , General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Product Security Analyst Location: Pune Position Summary HackerOne is seeking a dynamic individual with a passion for Information Security to join our Technical Services team. As a Security Analyst, you will gain hands-on technical experience and exposure to some of the world s best hackers while delivering high-impact vulnerabilities to the top bug bounty programs in the industry. This role requires excellent communication skills, intellectual curiosity and drive to acquire the technical skills you ll need to ensure every valid bug report is reproducible and provides value to HackerOne customers. What You Will Do Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice Ensure clear and efficient communication between hackers and customers Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact. Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings. Minimum Qualifications Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required) Hands-on experience doing security testing or ethical hacking on web and mobile applications Strong technical knowledge of OWASP top 10 Comfortable using security testing tools including Burpsuite Excellent written and verbal communication skills Experience using frameworks such as CVSS Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm This role is based in our Pune office and you must be able to work 4-5 days a week in office. English fluency Compensation 2.6M - 3.2M Offers Equity # LI-MH1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under COs Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend *Eligibility may differ by country Were committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Key Responsibilities Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications and Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable. Key Responsibilities Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications and Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Delivery Management In this role, you will: Oversee the planning, execution, and delivery of projects, adopting the Agile delivery lifecycle. Collaborate closely with the team to define the project scope, objectives, requirements, and timeline. Identifying, managing, and communicating dependencies and risks to project delivery. Actively manage and monitor project progress and resolve Risks, Issues, Assumptions and Dependencies and escalating as required, making recommendations to influence decision-making to maintain progress towards delivery and benefits realisation. Requirements To be successful in this role, you should meet the following requirements: Proven experience as a Technical Project Manager or in a similar role within an Agile environment. Own and manage the product backlog, ensuring it is aligned with client needs and business objectives. Prioritize backlog items on client value, strategic goals, and resource availability. Clearly communicate the backlog items and their priorities to the development team. Experience with successfully implementing production technology products with an advanced understanding of the methods, principals, and process necessary to set priorities of development teams to successfully productionize a technology product. Experience in engaging with clients and managing stakeholder relationships. Understand clients roles, needs, and pressures to identify opportunities for innovative product solutions. Collaborate closely with clients to gather requirements and translate them into actionable user stories. Act as the voice of the client within the Agile Scrum team, ensuring products meet client expectations. Strong understanding of Agile Scrum methodologies and product management principles. Ability to understand and translate client needs into actionable user stories and product requirements. Collaborate with the Scrum team to develop and deliver high-quality products. Participate in Agile ceremonies, including sprint planning, daily stand-ups, and retrospectives. Ensure the development team has a clear understanding of the product vision and goals. Strong understanding of Agile Scrum methodologies and product management principles. Strong problem-solving skills and the ability to prioritize tasks effectively. Kn owledge of technical software or background of working with software engineering technologies and principles Understanding of cybersecurity threat and risk management landscape, including the evolving international regulation, policy, framework, and organisational cyber controls response to these threats Artificial Intelligent/Machine Learning (AI/ML) Security and Automation Knowledge of key cybersecurity data sources (e. g. endpoint detection response, firewall logs, proxy logs, and vulnerability reports), how they are used in AI/ML solutions/metrics and visualisations, how this improves the security posture of the Bank.

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com , General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Senior Analytics Engineer, DataOne Remote Location: Pune, India **This role requires the candidate to be based in Pune and work from an office 4 or 5 days a week. This role may also require evening-shift work to overlap with USA timezones. Please only apply if youre okay with both of these requirements. *** Position Summary HackerOne is seeking a Senior Analytics Engineer to join our DataOne team. You will lead the discovery, architecture, and development of high-impact, high-performance, scalable source of truth data marts and data products. Joining our growing, distributed organization, youll be instrumental in building the foundation that powers HackerOnes one source of truth. As a Senior Analytics Engineer, youll be able to lead challenging projects and foster collaboration across the company. Leveraging your extensive technological expertise, domain knowledge, and dedication to business objectives, youll drive innovation to propel HackerOne forward. DataOne democratizes source-of-truth information and insights to enable all Hackeronies to ask the right questions, tell cohesive stories, and make rigorous decisions so that HackerOne can delight our Customers and empower the world to build a safer internet . The future is one where every Hackeronie is a catalyst for positive change , driving data-informed innovation while fostering our culture of transparency, collaboration, integrity, excellence, and respect for all . What You Will Do Your first 30 days will focus on getting to know HackerOne. You will join your new squad and begin onboarding - learn our technology stack (Python, Airflow, Snowflake, DBT, Meltano, Fivetran, Looker, AWS), and meet our Hackeronies. Within 60 days, you will deliver impact on a company level with consistent contribution to high-impact, high-performance, scalable source of truth data marts and data products. Within 90 days, you will drive the continuous evolution and innovation of data at HackerOne, identifying and leading new initiatives. Additionally, you foster cross-departmental collaboration to enhance these efforts. Deliver impact by developing the roadmap for continuously and iteratively launching high-impact, high-performance, scalable source of truth data marts and data products, and by leading and delivering cross-functional product and technical initiatives. Be a technical paragon and cross-functional force multiplier, autonomously determining where to apply focus, contributing at all levels, elevating your squad, and designing solutions to ambiguous business challenges, in a fast-paced early-stage environment. Drive continuous evolution and innovation, the adoption of emerging technologies, and the implementation of industry best practices. Champion a higher bar for discoverability, usability, reliability, timeliness, consistency, validity, uniqueness, simplicity, completeness, integrity, security, and compliance of information and insights across the company. Provide technical leadership and mentorship, fostering a culture of continuous learning and growth. Minimum Qualifications 8+ years experience as an Analytics Engineer, Business Intelligence Engineer, Data Engineer, or similar role w/ proven track record of launching source of truth data marts. 8+ years of experience building and optimizing data pipelines, products, and solutions. Must be flexible to align with some cross over in USA timezone. Extensive experience working with various data technologies and tools such as Airflow, Snowflake, Meltano, Fivetran, DBT, and AWS. Expert in SQL for data manipulation in a fast-paced work environment. Expert in creating compelling data stories using data visualization tools such as Looker, Tableau, Sigma, Domo, or PowerBI. Proven track record of having substantial impact across the company, as well as externally for the company, demonstrating your ability to drive positive change and achieve significant results. Excellent communication skills, and can present data-driven narratives in verbal, presentation, and written formats. Passion for working backwards from the Customer and empathy for business stakeholders. Experience shaping the strategic vision for data. Experience working with Agile and iterative development processes. Preferred Qualifications Strong proficiency in at least one data programming language such as Python or R. Experience working within and with data from business applications such as Salesforce, Clari, Gainsight, Workday, GitLab, Slack, or Freshservice. Proven track record of driving innovation, adopting emerging technologies and implementing industry best practices. Thrive on solving for ambiguous problem statements in an early-stage environment. Experience designing advanced data visualizations and data-rich interfaces in Figma or equivalent. Compensation Bands: Pune, India 3.7M - 4.6M Offers Equity #LI-HM1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under COs Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend *Eligibility may differ by country Were committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Delivery Management In this role, you will: Oversee the planning, execution, and delivery of projects, adopting the Agile delivery lifecycle. Collaborate closely with the team to define the project scope, objectives, requirements, and timeline. Identifying, managing, and communicating dependencies and risks to project delivery. Actively manage and monitor project progress and resolve Risks, Issues, Assumptions and Dependencies and escalating as required, making recommendations to influence decision-making to maintain progress towards delivery and benefits realisation. Requirements To be successful in this role, you should meet the following requirements: Proven experience as a Technical Project Manager or in a similar role within an Agile environment. Own and manage the product backlog, ensuring it is aligned with client needs and business objectives. Prioritize backlog items on client value, strategic goals, and resource availability. Clearly communicate the backlog items and their priorities to the development team. Experience with successfully implementing production technology products with an advanced understanding of the methods, principals, and process necessary to set priorities of development teams to successfully productionize a technology product. Experience in engaging with clients and managing stakeholder relationships. Understand clients roles, needs, and pressures to identify opportunities for innovative product solutions. Collaborate closely with clients to gather requirements and translate them into actionable user stories. Act as the voice of the client within the Agile Scrum team, ensuring products meet client expectations. Strong understanding of Agile Scrum methodologies and product management principles. Ability to understand and translate client needs into actionable user stories and product requirements. Collaborate with the Scrum team to develop and deliver high-quality products. Participate in Agile ceremonies, including sprint planning, daily stand-ups, and retrospectives. Ensure the development team has a clear understanding of the product vision and goals. Strong understanding of Agile Scrum methodologies and product management principles. Strong problem-solving skills and the ability to prioritize tasks effectively. Kn owledge of technical software or background of working with software engineering technologies and principles Understanding of cybersecurity threat and risk management landscape, including the evolving international regulation, policy, framework, and organisational cyber controls response to these threats Artificial Intelligent/Machine Learning (AI/ML) Security and Automation Knowledge of key cybersecurity data sources (e.g. endpoint detection & response, firewall logs, proxy logs, and vulnerability reports), how they are used in AI/ML solutions/metrics and visualisations, how this improves the security posture of the Bank. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.