384 Vulnerability Jobs - Page 4

Role Overview: We are seeking a highly skilled InfoSec Specialist - Cloud security to join our InfoSec team. In this role, you will be responsible for implementation and management of cloud security controls, identification and remediation of vulnerabilities, and mitigation of cloud misconfigurations across our cloud environments. This role is critical in driving visibility and risk reduction in our multi-cloud infrastructure. This is a Hybrid position based in Bangalore. You must be within a commutable distance from the location. You will be required to be onsite on an as-needed basis; when not working onsite, you will work remotely from your home location. About role: Design, implement, and maintain security controls across multi-cloud environments like AWS, GCP, and Azure. Leverage CSPM tools to detect misconfigurations, vulnerabilities and identity risks, and drive remediation workflows with relevant teams. Collaborate with DevOps and cloud engineering teams to implement secure cloud configurations, including IAM policies, encryption, logging, and monitoring tools. Establish preventative guardrails and IaC controls to reduce risk at a deployment stage. Partner with infrastructure, application, and DevOps teams to track and close findings within defined SLAs. About you: 4 to 6 years of experience in information security, with focus on cloud security. Proficiency with cloud security tools, vulnerability scanners, and infrastructure-as-code (IaC) security. Strong interpersonal and communication skills, with the ability to collaborate effectively with stakeholders at all levels of the organization to drive security initiatives and remediation efforts. Strong project management skills and experience in managing security projects, including planning, execution, monitoring, and reporting on project progress and outcomes. #LI- Hybrid Company Overview McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Bonus Program Pension and Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement Were serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Bachelors or Masters degree in Computer Science, Information Technology, or related field 8-12 Years of experience with 5-7 years of cybersecurity experience include public cloud security operations. Experience implementing security controls, conducting vulnerability assessments, and leading incident response efforts. Preferred certifications: AWS, Offensive Security, SANS Cyber Defense Certification . Implement security controls to safeguard cloud infrastructure and applications, collaborating with teams to enforce security best practices and mitigate risks. Conduct security assessments and vulnerability scans for cloud assets. Configure and maintain WAF, SIEM, IPS, and EDR solutions. Work with Cloud Operations teams to implement security standards and practices using tools like Prisma Cloud and AquaSec. Lead incident response efforts, coordinating with teams to identify, contain, and remediate security incidents. Develop and maintain incident response procedures and documentation. Conduct forensic analysis and evidence collection for security incidents. Collaborate with development teams to ensure secure coding practices and deployment of applications. Stay updated on current security threats and industry best practices. Strong analytical and problem-solving skills. Excellent communication and collaboration skills. Proficiency in AWS/Azure logging services, CloudTrail, CloudWatch. Experience with WAF, SIEM, IPS, and EDR technologies. Knowledge of network architecture, TCP/IP protocols, and OSI model layers. Familiarity with security frameworks such as NIST CSF, CIS, OWASP

Charles Technologies is a dynamic startup based in Chennai, dedicated to creating innovative mobile applications that transform user experiences. We are looking for a highly skilled and experienced Azure DevOps Engineer to join our team and ensure the cloud security and integrity of our cutting-edge projects. Qualifications : Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of 2 years of experience in Azure DevOps with a focus on cloud security Foundational Knowledge: Basic understanding of cybersecurity principles, best practices, and common threats. Technical Skills : Azure Fundamentals : Knowledge of Azure services and core security concepts. Azure Security Center : Experience with Azure Security Center for threat detection and assessment. Azure Active Directory: Understanding of Azure Active Directory user management and basic authentication concepts. Stakeholder Management: Strong skills in managing and communicating with stakeholders at all levels to gather requirements, provide updates, and align on priorities. Azure DevOps: Hands-on experience with Azure DevOps for CI/CD pipelines. Responsibilities : CI/CD Pipeline Management Design, implement, and maintain CI/CD pipelines using Azure DevOps Automate build, test, and deployment processes for applications Troubleshoot and resolve issues within CI/CD pipelines Implement and maintain automated testing frameworks Security Assist with security assessments and vulnerability scans Support security controls implementation and maintenance Assist with incident response and investigation Contribute to security documentation and awareness programs Collaboration & Integration Work closely with developers, and product owners to ensure smooth integration of security practices within the development process Participate in code reviews to identify potential security vulnerabilities Manage code repositories using Git, including branching strategies, pull request workflows, and merge conflict resolution Continuous Learning & Development Stay updated on the latest advancements in Azure DevOps and best security practices Continuously improve CI/CD pipelines for efficiency, security, and deployment reliability

Job Description: Essential Job Functions: Support security assessments, audits, and vulnerability scans, contributing to report generation and action items. Monitor security events and incidents, escalating as required and assisting in containment. Assist with the implementation of security policies and standards. Collaborate with the security team on documentation and process improvement. Participate in incident response activities, including investigations and reporting. Stay informed about emerging security threats and best practices. Contribute to security awareness training efforts. Seek opportunities for professional development in the security field. Basic Qualifications: Bachelors degree in a relevant field or equivalent combination of education and experience Typically, 4+ years of relevant work experience in industry, with a minimum of 1+ years in a similar role Proven experience in information security analysis Proficiencies in security technologies and risk assessment A continuous learner that stays abreast with industry knowledge and technology Other Qualifications: Advanced degree in a relevant field is a plus Relevant certifications such as CompTIA Security+, CEH, or equivalent are a plus At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We re committed to fostering an inclusive environment where everyone can thrive. Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Job Description: o 1 resource with 5+ years of experience. Skill Set 1 -> Responsibilities for Cloud Container Security. Analyze, enhance and support Container Security tools and platforms that provide capabilities for security. Collaborate with multiple stakeholders and partners across Engineering and Operations teams and partner with teams in the wider organization across different time zones. Furthermore, you design security concepts for the platform and support in automation and provisioning of secure container solutions. Collaborate/Develop IR process for Container workload. Respond to security alerts generated by containers security platform. AWS knowledge with experience in EKS Container Security PaloAlto (Prisma) cloud experience is preferred. Responsibilities for Incident Response. Analysis of security events/alerts and investigations of phishing emails, Respond to security alerts in SIEM Create documentation/SOP/Run Books for responding to security alerts. o 1 resource with 3+ years of experience. Skill Set 2 -> Responsibilities for Incident Response. Responsible for effectively planning, designing, implementing and monitoring security technologies and projects that support firms underlying security policies and procedure. Design ,document and implement appropriate security polices and standards that protect firms information assets. Responsible for implementation, validation and reporting, technical documentation, operation support and reference documentation. Review, analyze and respond to security events triggered through automated security monitoring systems. Validate and track security breaches, along with threats to the firms logical information, while still allowing for appropriate access. Coordinate responses to information security incidents. Work to reduce information security risks by effectively administering the information security processes across the vulnerability scanning, anomaly detection, intrusion detection, security policy and forensic functions. Performs complex and advanced troubleshooting. SME ensures the firm receives expected security and business value by establishing operational support procedures, troubleshooting strategies, training team members for consistent performance. Responsibilities for Incident Response. Analysis of security events/alerts and investigations of phishing emails, Respond to security alerts in SIEM Create documentation/SOP/Run Books for responding to security alerts. o Preferred Qualifications: Certifications preferred: Security+, Network+ or any equivalent/higher security certifications. Broad hands-on knowledge of firewalls, intrusions detection/prevention systems, anti-virus software, data encryption and other industry-standard techniques and practices. Very good understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices. o Working shift -> Rotational shift including Nightshift. At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We re committed to fostering an inclusive environment where everyone can thrive. Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Responsibility & Skill Set Good understanding and work experience of Change Management, Access Management & IT Vulnerability Proficient knowledge of Excel, Work-Flow diagrams and Word Knowledge or experience of aspects of Change Management Validate information in RFC for its completeness and accuracy Knowledge or experience of aspects of Application/Platform Access Management Communication skills - should be able to read, create & interpret business documents. Excellent oral/written communication Ability to work on multi-task on deliverables from varied fronts (Change Mgmt / Access Mgmt / IT Vulnerability)Team work/ Managing Self / Adaptability Ability to work successfully in production driven environment Adaptability to change Skill set Good understanding and work experience of Change Management, Access Management & IT Vulnerability Proficient knowledge of Excel, Work-Flow diagrams and Word Knowledge or experience of aspects of Change Management Validate information in RFC for its completeness and accuracy Knowledge or experience of aspects of Application/Platform Access Management Communication skills - should be able to read, create & interpret business documents. Excellent oral/written communication Ability to work on multi-task on deliverables from varied fronts (Change Mgmt / Access Mgmt / IT Vulnerability)Team work/ Managing Self / Adaptability Ability to work successfully in production driven environment Adaptability to change

Job Overview: Understand the basics and principles of cat modelling and outputs (exposure, hazard, geocoding, vulnerability, financial model) Know how to use one or more than one cat modelling software (RMS, AIR, IF etc.) Run and analyze QBE exposures on different modelling software like Risk Modeler, AIR Touchstone, ELEMENTS as per model validation project needs and business. Understand different model profile settings and run sensitivity tests as per needs, extract and report results Understand Client exposure and view of risk, enabling better decision making, get familiarized with in-house tools Your responsibilities for this role may include, but are not limited to: Perform model validation and provide recommendations on model use and/or required adjustments. Work with internal teams and external data providers on analysis, utilizing available data including scientific information, claims and insured exposure. Contribute to and lead Group projects as required, liaising with other teams globally Produce customized reports on exposure and modelled results. Evaluate re/insurance pricing for individual accounts and product classes. Analyze catastrophe reinsurance structures and strategies to support reinsurance placements. Assist with the analysis of real time events and identify learnings from post-event reviews. You will need to be able to display you have the following qualifications and experience Postgraduate/Undergraduate degree, preferably in a quantitative, scientific, or environmental discipline Strong analytical and numerical ability, in order to interrogate large datasets Experience of working with re/insurance catastrophe data and/or catastrophe modelling software Excellent written and verbal communication skills, and the ability to explain technical concepts clearly Pro-active attitude to identifying inefficient processes and developing improvements Desirable Requirements Knowledge of commercial insurance and/or the catastrophe modelling industry Sound working knowledge of RMS/AIR and any other vendor modelling platforms Coding experience in a relevant language (e.g. SQL, VBA, R, C#) Experience in using mapping software (e.g. GIS) Qualifications Degree in Mathematics, Applied Mathematics, Statistics, Engineering, or Actuarial Science

Business Unit: Cubic Transportation Systems We have a top-tier portfolio of businesses, including Cubic Transportation Systems (CTS) and Cubic Defense (CD). Explore more on Cubic. com. Job Details: Job Summary : We are looking for a highly skilled Security Operations Technical Project Manager to support and enhance our global security posture. This role focuses on the co-ordination and scheduling of vulnerability remediation work globally across infrastructure, applications, databases and network workstreams. The ideal candidate will have hands-on experience with project management and will work closely with program stakeholders and customers. This role will also work closely with the technical engineers to ensure security compliance and operational excellence. Work Shift: 24x7 Rotational Experience: 5+ Years Primary Skills: Agile project management Secondary Skills: Technical skills in Applications, Database, Infrastructure or Networks Responsibilities: Lead and manage projects and/or workstreams, providing technical leadership, ensuring the required quality standards and milestones are met. Work collaboratively with local and remote stakeholders including management, technology architects and technology staff with the lifecycle of operational security compliance, from design and development, through to implementation and maintenance. Implementing a patching schedule to align with SLA and program activities on a re-occurring cadence. Reporting and SLA alignment to be provided into the leadership team on a regular cadence. Regional time zone representation on internal and external customer CAB. Collaborate with global teams to align with security standards and best practices. Provide support with industry standard audits, ensuring compliance with ISO 27001 standards and internal security policies. Maintain documentation and reports related to security operations and remediation efforts. Contribute to future hardware & software planning. Minimum Job Requirements: Bachelors degree, or Minimum 5 years of experience as a technical project manager. Agile adoption towards project management. Ability to balance and drive multiple project deliveries. Familiarity with global security standards, especially ISO 27001. Strong analytical and problem-solving skills. Ability to work in a rotational 24x7 support model . You bring a solution-driven mindset , stay updated with tech trends, and thrive in a collaborative, high-stakes environment. Desirable Certifications: Prince2 Technical certifications - Azure Fundamentals etc Worker Type: Employee

REQUIRED QUALIFICATIONS: Bachelor s degree in computer science, engineering, business, or comparable studies 2-4 years of experience in Requirement Analyses. Analytical mind and problem-solving aptitude Good to have ServiceNow Admin Cert, CIS - VR, CIS - SIR as this will help me primary understanding of the platform. Responsibilities Experienced in Story writing in ServiceNow JIRA, SDLC Agile module, Visio and expected outcomes based on customer communication. Excellent documentation and communication skills and strong attention to detail required . Must have Knowledge of Modules - Vulnerability Response, Security Inc ident response & Threat intelligence Good to have knowledge - GRC & Security Operations Center . Understanding of basics of REST and SNOW Integration Good to have k nowledge of Service Portal & Workspaces. Ability to recognize potential and actual issues, needs and opportunities for improvement in the implementation. Close collaboration with Developer , Solution architects and other team members for the requirements and associated functionality. Demonstrate strong ability to evaluate constraints, risks, and dependencies. Ameriprise India LLP has been providing client based financial solutions to help clients plan and achieve their financial objectives for 125 years. We are a U. S. based financial planning company headquartered in Minneapolis with a global presence. The firm s focus areas include Asset Management and Advice, Retirement Planning and Insurance Protection. Be part of an inclusive, collaborative culture that rewards you for your contributions and work with other talented individuals who share your passion for doing great work. You ll also have plenty of opportunities to make your mark at the office and a difference in your community. So if youre talented, driven and want to work for a strong ethical company that cares, take the next step and create a career at Ameriprise India LLP. Full-Time/Part-Time Timings (2:00p-10:30p) India Business Unit AWMPO AWMP&S Presidents Office Job Family Group Technology

Work Flexibility: Hybrid What You will do: Administer user access and authorization within SAP or JDE systems. Implement and uphold security policies and guidelines for SAP environments. Conduct regular security audits and assess vulnerabilities in the systems. Investigate and respond to security incidents, collaborating with IT and security teams. Stay informed on SAP or JDE security trends and recommend necessary enhancements. Maintain documentation of security configurations and provide training on best practices. What You will Need: Bachelors degree in Computer Science, Information Security, or a related field. 4 to 6 years of experience in SAP/JDE security administration, ideally within a complex enterprise setting Excellent problem-solving skills to analyze complex security issues. Proficiency in SAP or JDE security best practices. Experience with security audits and vulnerability assessments. Knowledge of compliance standards such as GDPR and SOX . Professional certifications in JDE security administration (e.g., Oracle Certified Professional) and/or cybersecurity (e.g., CISSP, CISM) are a plus. Travel Percentage: 10%

Job Description: o ~5-10 years of experience. o Skill Set -> Deep knowledge of security vulnerabilities and attacks, Perform high quality web application pen tests while meeting project deadlines. Validate security tool output, find vulnerabilities the tools cant, and create proof of concepts of various vulnerabilities to demonstrate them to stakeholders. Research new tools and techniques to constantly improve the pen test process. Generate high quality reports and be able to present them to technical and non-technical stakeholders. Working with application developers to help them understand various vulnerabilities, the impact of the vulnerabilities, and high-level recommendations on how to fix the vulnerability. Fundamental understanding of security knowledge around native applications, web applications, distributed and database systems. (Understanding of Web Services is a plus) o Working shift -> Afternoon Shift 2:00 PM to 10:30 PM. Web Application Penetration Testing - Red Team At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We re committed to fostering an inclusive environment where everyone can thrive. Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here .

Penetration Tester Role: The Penetration Tester, will provide broad and in depth knowledge to conduct offensive cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques. Penetration Testing Duties and Responsibilities: Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired, wireless networks, and mobile applications/devices, Cloud(Azure, AWS, Google Etc) apps and softwares. Set up environment and maintain required tools needed for the team. Lead and manage Penetration Testing team and Supporting vendors to get qualitative deliveries to our customer. Develop and maintain security testing plans Able to automate penetration and other security testing on networks, systems and applications. Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk. Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external customers to include technical teams, executives, risk groups, vendors and regulators Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests. Foster and maintain relationships with key stakeholders and business partners Certificates: Must Have Offensive Security Certified Professional (OSCP) Good to have CREST Registered Penetration Tester (CRT) Certified Ethical Hacker (CEH) Certification GIAC Certified Penetration Tester (GPEN) Penetration Testing Expert Requirements and Qualification: Previous working experience as a Penetration Testing Expert for 5 - 7 year BE in Computer Information Systems, Management Information Systems, or similar relevant field In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Must know about standard Industry security Practices (OWASP, SANS, etc), Knowledgeable about industry Security guidelines and compliance such as ISO27001, SOC2, HIPPA etc. Hands on experience with testing frameworks such as the PTES and OWASP. Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud Critical thinker and problem solver Excellent organizational and time management skills Must Have Offensive Security Certified Professional (OSCP)

Our client is a globally recognized financial services firm operating across more than 30 countries, with strong divisions in Retail, Asset Management, and Wholesale Banking. The firm combines disciplined strategy with innovative solutions to connect Eastern and Western markets. Its Global Cyber Threat Intelligence (CTI) team plays a central role in shaping and executing the organization s security vision. The CTI team drives vulnerability analysis, threat monitoring, and cross-functional coordination, ensuring timely intelligence and robust security coverage across the enterprise. Please note that due to the high number of applications only shortlisted candidates will be contacted. If you do not hear from us in the next 5 business days, we regret to inform you that your application for this position was unsuccessful. Apply for this Job Key responsibilities The candidate will need to have a solid grounding within both Cyber Threat Intelligence and understanding of wider cyber security practices. Led CTI operations to monitor emerging vulnerabilities, manage CVE enrichment, and analyze exploitation trends for informed mitigation. Designed and maintained processes to ingest and prioritize threat data from diverse sources including open-source, commercial, and government feeds. Delivered actionable threat intelligence products, supported executive communication, and collaborated across internal security functions during incident response and strategy briefings. Role requirements Minimum of 8 years in Information Security, including at least 3 years specializing in Cyber Threat Intelligence. Strong expertise in OSINT techniques, dark web monitoring, and application of CTI models such as MITRE ATT & CK, Kill Chain, and Diamond Model. Proven experience in identifying, classifying, and analysing diverse threat landscapes including nation-state actors, cybercrime, and social engineering.

Our client is a globally recognized financial services firm operating across more than 30 countries, with strong divisions in Retail, Asset Management, and Wholesale Banking. The firm combines disciplined strategy with innovative solutions to connect Eastern and Western markets. Its Learn More Senior Analyst - The Edge Our client is a globally recognized financial services firm operating across more than 30 countries, with strong divisions in Retail, Asset Management, and Wholesale Banking. The firm combines disciplined strategy with innovative solutions to connect Eastern and Western markets. Its Global Cyber Threat Intelligence (CTI) team plays a central role in shaping and executing the organization s security vision. The CTI team drives vulnerability analysis, threat monitoring, and cross-functional coordination, ensuring timely intelligence and robust security coverage across the enterprise. Please note that due to the high number of applications only shortlisted candidates will be contacted. If you do not hear from us in the next 5 business days, we regret to inform you that your application for this position was unsuccessful. Key responsibilities The candidate will need to have a solid grounding within both Cyber Threat Intelligence and understanding of wider cyber security practices. Led CTI operations to monitor emerging vulnerabilities, manage CVE enrichment, and analyze exploitation trends for informed mitigation. Designed and maintained processes to ingest and prioritize threat data from diverse sources including open-source, commercial, and government feeds. Delivered actionable threat intelligence products, supported executive communication, and collaborated across internal security functions during incident response and strategy briefings. Role requirements Minimum of 8 years in Information Security, including at least 3 years specializing in Cyber Threat Intelligence. Strong expertise in OSINT techniques, dark web monitoring, and application of CTI models such as MITRE ATT & CK, Kill Chain, and Diamond Model. Proven experience in identifying, classifying, and analysing diverse threat landscapes including nation-state actors, cybercrime, and social engineering.

At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology. Position: IT- Sr Staff Systems Engineer Location: Noida/Bangalore Experience: 15+ Yrs Job Summary: We are looking for a skilled detail-oriented specialist to manage and secure Active Directory environment, Windows server administration including OS hardening, vulnerability, patch management. Candidate with solid background in Windows based environment and Active Directory architecture, identity, and access management, and securing directory services against evolving threats. Job Description: Provide day-to-day administration and support of Microsoft Active Directory environments (version 2016/2019 and above). Version upgrade of Windows Active Directory. Setting up Read/Write and Read only domain controllers. Maintain and troubleshoot Group Policy Objects (GPOs) to ensure secure and consistent configurations. Setup and manager authentication Policies / Silos, gMSA. Work with DNS, DHCP, and other core services closely integrated with AD. Perform regular audits and cleanup of AD objects to maintain a secure and efficient environment. Monitor and troubleshoot authentication issues including Kerberos, NTLM, and account lockouts. Ensure the security and integrity of the Active Directory infrastructure. Conduct regular audits of AD objects, group memberships, and permissions to identify and remediate misconfigurations or security risks. Administer and maintain Windows Server environments. Implement and maintain security hardening across Windows Servers. Version 2016/1029 and above Analyze security bulletins, prioritize patches based on risk, and deploy patches. Document changes, configurations, and standard operating procedures. Proficiency in PowerShell or other scripting languages for task automation. Requirements: 15 years of experience in support Active directory and windows server environments. . In-depth knowledge of Active Directory, Kerberos, GPOs, DNS, and DHCP. Strong understanding of Microsoft Windows Server environments and administration. Familiarity with security best practices for hybrid identity environments. Proficiency with PowerShell scripting and other scripting tools for auditing, automation, and remediation. Strong troubleshooting and analytical skills. Good written and verbal Communications Skills. Education: Should have engineering degree (Computers/Electronics) We re doing work that matters. Help us solve what others can t.

We are looking for a motivated and detail-oriented Linux Security Engineer to join the MTAS product development team at Ericsson What you will do: In this role, you will focus on enhancing the security posture of our telephony application server platform. You will work closely with system architects, developers, and security specialists to ensure MTAS remains secure, compliant, and high-performing in cloud-native environments and virtual environments. You will write detailed specs and functional documents designing solutions for various requirements The skills you bring: 8-14 years of hands-on experience in Linux system security and work experience in Cloud native environments Knowledge of C++ coding language. Familiarity with security scanning tools and vulnerability analysis techniques Ability to perform upgrade testing and workflows. Proficient in Python and Shell scripting for automation and configuration Good understanding of Linux auditing and logging systems Experience working with MTAS or similar telecom core products (preferable) Knowledge of cryptographic algorithms Exposure to security protocols - SNMPv3, NTP, DNSSec, IPSec, TLS, HTTPS, SSHv2, LDAP and Rsyslog Exposure to telecom protocols, IMS stack, or VoLTE/VoNR infrastructure (preferable)

We are seeking a skilled Qt Developer to identify, analyze, and remediate security vulnerabilities in Qt framework. The candidate should have strong experience in C++ development, a deep understanding of Qt internals, and knowledge of secure coding practices and vulnerability mitigation. Responsibilities Identify and fix security vulnerabilities within the Qt framework. Analyze Qt-based code for common security issues (e. g. , buffer overflows, race conditions, input validation flaws). Analyze CVEs and security advisories related to Qt and assess their impact. Apply secure coding guidelines and best practices. Collaborate with security teams to build and run automated security tests. Patch or contribute to the Qt framework when necessary to resolve underlying issues. Stay updated with security trends, especially those related to C++ and GUI application frameworks.

We are looking for an experienced Chromium Security Engineer to identify, analyze, and resolve security vulnerabilities in the Chromium open-source browser engine. The candidate should have strong experience in C++ development, a deep understanding of Chromium internals, and knowledge of secure coding practices and vulnerability mitigation. Responsibilities Investigate, reproduce, and fix security vulnerabilities in Chromium codebase. Review security reports (internal or external, including CVEs), determine root causes and mitigations. Perform secure code audits and refactoring. Collaborate with the Chromium open-source community and follow established security patching processes. Integrate and maintain security-focused tests. Monitor upstream Chromium changes for potential regressions or vulnerabilities. Contribute to security documentation and internal security standards. Document findings, mitigation steps, and assist in secure software design reviews.

We are seeking a Senior ServiceNow Developer - Core Platform to lead the design, development, and governance of the ServiceNow platform, ensuring scalability, automation, and security compliance across ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and Security Operations. This role will drive platform standardization, automation initiatives, and technical leadership while ensuring data integrity and compliance with regulatory requirements. The ideal candidate will have deep hands-on experience in ServiceNow development, expertise in core tables across all supported applications, and the ability to influence platform-wide strategies. Key Responsibilities: Architect, develop, and optimize ServiceNow s core platform components, ensuring efficiency, security, and scalability. Ensure compliance with GDPR and security policies, working closely with risk and compliance teams to implement best practices. Implement and support Security Operations (SecOps) capabilities, including security incident response, vulnerability response, and threat intelligence. Develop and maintain expertise in ServiceNow core tables across ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and SecOps to ensure data integrity and system performance. Lead technical reviews, including code reviews, to enforce platform development standards and maintain system health. Drive platform governance efforts, ensuring security best practices, performance tuning, and data integrity. Optimize workflows and automation, reducing manual processes through scripting, Flow Designer, and other automation tools. Partner with business leaders, IT teams, and process owners to gather and refine requirements, translating them into scalable ServiceNow solutions. Mentor junior developers and administrators, providing technical leadership and best practice guidance. Lead and coordinate UAT and deployment activities, ensuring smooth feature releases. Stay updated on industry trends and new ServiceNow capabilities, making recommendations to enhance the platform. Qualifications & Skills: 6+ years of hands-on experience in ServiceNow development and administration. Certified ServiceNow Administrator (CSA) and Certified Application Developer (CAD) certifications are required. Expertise in ITAM, ITOM, ITSM, ITBM, CSM, GRC, GDPR, and Security Operations (SecOps). In-depth understanding of core ServiceNow tables across all supported applications. Proficiency in JavaScript, Glide APIs, Flow Designer, UI policies, business rules, and integrations (REST/SOAP). Experience with Agile development methodologies, SDLC best practices, and DevOps principles for ServiceNow. Strong knowledge of platform governance, access control, and security best practices. Ability to lead development efforts, mentor teams, and drive strategic platform improvements. Excellent problem-solving, analytical, and leadership skills. Why Join Us Lead and shape the future of the ServiceNow platform, driving compliance, security, and automation. Work on cutting-edge initiatives across GDPR, Security Operations, and enterprise-wide automation. Collaborate with an elite team focused on innovation, efficiency, and platform optimization. Opportunities for continuous learning, professional growth, and advanced ServiceNow certifications. Competitive salary and benefits package.

We are looking for a motivated and detail-oriented Linux Security Engineer to join the MTAS product development team at Ericsson What you will do: In this role, you will focus on enhancing the security posture of our telephony application server platform. You will work closely with system architects, developers, and security specialists to ensure MTAS remains secure, compliant, and high-performing in cloud-native environments and virtual environments. You will write detailed specs and functional documents designing solutions for various requirements The skills you bring: 8-14 years of hands-on experience in Linux system security and work experience in Cloud native environments Knowledge of C++ coding language. Familiarity with security scanning tools and vulnerability analysis techniques Ability to perform upgrade testing and workflows. Proficient in Python and Shell scripting for automation and configuration Good understanding of Linux auditing and logging systems Experience working with MTAS or similar telecom core products (preferable) Knowledge of cryptographic algorithms Exposure to security protocols - SNMPv3, NTP, DNSSec, IPSec, TLS, HTTPS, SSHv2, LDAP and Rsyslog Exposure to telecom protocols, IMS stack, or VoLTE/VoNR infrastructure (preferable)

Candidate will be responsible for managing vulnerability remediation activities using Microsoft Defender, with a strong focus on endpoint security and management. Additionally, should possess expertise in Mobile Device Management (MDM) solutions such as Intune, and demonstrate advanced troubleshooting skills at the Windows OS level. Scripting knowledge is considered a plus. Key Responsibilities: Review vulnerabilities report, analyze the solutions available and execute vulnerability remediation activities using Microsoft Defender. Collaborate with the Security Team to assess vulnerabilities and implement mitigation strategies. Manage endpoint security configurations and policies through Microsoft Defender. Implement solutions through Mobile Device Management solutions, Intune/WS1/SCCM. Develop policies as required in collaboration with Product Owners and Security team. Provide L3 level support for Windows OS-related issues. Diagnose complex system problems and work towards resolution swiftly. Utilize scripting languages (e.g., PowerShell) to automate or deploy solutions as needed. Develop scripts to enhance monitoring capabilities or streamline solution deployment processes. Maintain comprehensive documentation of processes, incidents, resolutions, and changes implemented. Qualifications:: Proven experience in managing Microsoft Defender Endpoint solutions. Expertise in MDM tools like Intune/WS1/SCCM. Strong troubleshooting skills at the Windows OS level. Proficiency in scripting languages such as PowerShell. Excellent analytical skills with attention to detail. Strong communication skills; ability to collaborate effectively with cross-functional teams. Ability to work independently while managing multiple priorities efficiently. Work experience with monitoring tools like Nexthink is an advantage.

Information Systems Security work focuses on preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organizations information systems and IT assets and intellectual property including: Designing, testing, and implementing secure operating systems, networks, and databases Password auditing, network based and Web application based vulnerability scanning, virus management, and intrusion detection Conducting risk audits and assessments, providing recommendations for application design Monitoring and analyzing system access logs Planning for security backup and system disaster recovery Positions on this level have advanced knowledge and experience and participates in/leads the development of new solutions/projects. Shares best practice and advice to the co-workers in the professional area. Not only generates own workload but outlines directions to others. Can supervise and coordinate lower-level specialists being single point of contact in complex matters. Coordinates the daily operations, enables and oversees the implementation of short to medium term activities within the team. Delivers input to policies, processes and standards, where decisions are of tactical and operational nature within a defined scope. Manages a mixed team of Specialist and Support jobs., with full employee lifecycle responsibility.

We are looking for a highly skilled Security Operations Technical Project Manager to support and enhance our global security posture. This role focuses on the co-ordination and scheduling of vulnerability remediation work globally across infrastructure, applications, databases and network workstreams. The ideal candidate will have hands-on experience with project management and will work closely with program stakeholders and customers. This role will also work closely with the technical engineers to ensure security compliance and operational excellence. Experience: 5+ Years Primary Skills: Agile project management Secondary Skills: Technical skills in Applications, Database, Infrastructure or Networks Responsibilities : Lead and manage projects and/or workstreams, providing technical leadership, ensuring the required quality standards and milestones are met. Work collaboratively with local and remote stakeholders including management, technology architects and technology staff with the lifecycle of operational security compliance, from design and development, through to implementation and maintenance. Implementing a patching schedule to align with SLA and program activities on a re-occurring cadence. Reporting and SLA alignment to be provided into the leadership team on a regular cadence. Regional time zone representation on internal and external customer CAB. Collaborate with global teams to align with security standards and best practices. Provide support with industry standard audits, ensuring compliance with ISO 27001 standards and internal security policies. Maintain documentation and reports related to security operations and remediation efforts. Contribute to future hardware & software planning. Minimum Job Requirements: Bachelors degree, or Minimum 5 years of experience as a technical project manager. Agile adoption towards project management. Ability to balance and drive multiple project deliveries. Familiarity with global security standards, especially ISO 27001. Strong analytical and problem-solving skills. Ability to work in a rotational 24x7 support model . You bring a solution-driven mindset , stay updated with tech trends, and thrive in a collaborative, high-stakes environment. Desirable Certifications: Prince2 Technical certifications Azure Fundamentals etc

Experience with Network Architecture Review and Firewall Rule-base Audit. Strong understanding of OWASP top 10 and SANS top 25 programming errors.Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures. Required Candidate profile Experience on Vulnerability Assessment and Penetration Testing for Infrastructure / network / web application / databases.Propose, plan, & execute Red Team operations based on threats to organization.

The purpose of this role is to work as part of a team to implement an organised approach to addressing and managing security requests, breaches or cyberattacks. Performing first responder and triage activities to assess the potential risk. Key responsibilities: Manage client audits, and MSAs Support client risk assessments. Performs daily, weekly, monthly maintenance and management tasks Monitors and manages security tool consoles, ensuring all alerts are responded to, escalating incidents quickly Performs risk and vulnerability assessments Maintains current knowledge of tools, techniques and procedures of attackers Investigates alerts, anomalies, errors, intrusions and malware for evidence of compromise Takes ownership of cyber security call queues ensuring tickets are closed based on defined SLAs