296 Vulnerability Jobs - Page 6

Engineering solutions as part of an Agile Team working with Architects, Managers, and Product Owners to deliver the product. Contribute to the engineering practices and standards, and when required participate in the adoption of new technologies Passion to educate and mentor others in engineering best practices and patterns, team player. Ensure that engineering processes, best practices, and continuous improvement, aligned with Agile-Scrum methodology are followed Excellent interpersonal skills, demonstrated ability to influence others, especially in sensitive or complex situations Have you got what it takes? 2+ years of software development experience Has high-attention to details and works well in a dynamic and intense environment. Experience in developing high performance, highly available and scalable enterprise-grade software products that can perform, scale, and integrate into a broad enterprise ecosystem. Experience in one of: NodeJS, Typescript, Python technology stack. Experience with Angular or Vue preferred. Good experience with public cloud infrastructures and technologies, preferably Amazon Web Services (AWS). Experience with event driven architectures and/or microservices architectures is preferred. Experience in database development with SQL and MongoDB. MongoDB experience preferred or experience in other NoSQL databases. Experience in driving quality assurance practices within engineering using a shift left mindset. Experience with Open-Source Software (OSS) technology frameworks, platforms, and tools. Experience with enterprise Secure SDLC implementation comprising of static code analysis, vulnerability and licensing scan, penetration testing, etc. You will have an advantage if you also have: Familiarity and/or experience with public cloud infrastructures and technologies such as Amazon Web Services (AWS) Knowledge of Serverless computing and/or Cloud-Native Development

So, what s the role all about? Our full stack engineers are responsible for developing of APIs, integrations, UI, and processing of data within the Playvox by NICE platform. You will need to have experience in building solutions in cloud native environments using open-source technology. We are looking for someone who is passionate about delivering high quality software, working on challenging problems, and will bring their ideas and innovation to the team. You will join a large local engineering team and work with an extended engineering team in other geo locations. How will you make an impact? Engineering solutions as part of an Agile Team working with Architects, Managers, and Product Owners to deliver the product. Contribute to the engineering practices and standards, and when required participate in the adoption of new technologies Passion to educate and mentor others in engineering best practices and patterns, team player. Ensure that engineering processes, best practices, and continuous improvement, aligned with Agile-Scrum methodology are followed Excellent interpersonal skills, demonstrated ability to influence others, especially in sensitive or complex situations Have you got what it takes? 2+ years of software development experience Has high-attention to details and works well in a dynamic and intense environment. Experience in developing high performance, highly available and scalable enterprise-grade software products that can perform, scale, and integrate into a broad enterprise ecosystem. Experience in one of: NodeJS, Typescript, Python technology stack. Experience with Angular or Vue preferred. Good experience with public cloud infrastructures and technologies, preferably Amazon Web Services (AWS). Experience with event driven architectures and/or microservices architectures is preferred. Experience in database development with SQL and MongoDB. MongoDB experience preferred or experience in other NoSQL databases. Experience in driving quality assurance practices within engineering using a shift left mindset. Experience with Open-Source Software (OSS) technology frameworks, platforms, and tools. Experience with enterprise Secure SDLC implementation comprising of static code analysis, vulnerability and licensing scan, penetration testing, etc. You will have an advantage if you also have: Familiarity and/or experience with public cloud infrastructures and technologies such as Amazon Web Services (AWS) Knowledge of Serverless computing and/or Cloud-Native Development What s in it for you? Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere About NICE

Job Responsibilities Utilize and analyze security findings across the Perimeter Attack Surface Management toolset (e.g. BitSight, Security Scorecard, BlueVoyant, IONIX, Shodan, NMAP, VulnDB, etc.) to obtain insights on security posture Perform Vulnerability Assessments utilizing various tools, prioritizing vulnerabilities, and assisting in assessing impact to MetLife Perform Internal Attack Surface Management assessments to identify opportunities to reduce attack surface and exposure risks Support Forbidden Software Tracking workflows Support Forbidden Port and Service Monitoring efforts Create various reports for leadership and stakeholder utilization Proactively seek self-paced training videos and learning forums Actively participate in team meetings Education, Technical Skills Other Critical Requirement Education IT Graduate Knowledge of Networks, Hardware, Firewalls and Encryption Experience (In Years) Total of 4 years of Vulnerability, Threat, and Security Assessments experience Degree in Computer Science, Information Systems or equivalent experience Ability to perform basic scripting to analyze and automate repeatable processes (e.g. Python, Perl, Ruby, PowerShell, REST API) is a plus Technical Skills General Vulnerability, Threat, and Security Assessments experience General knowledge of Operating Systems, Networking, Firewalls, Security Controls, etc. Familiarity with various infrastructure assessment tools, Linux and CLI tools experience Stakeholder relationship management experience (e.g. good written/verbal skills) Other Critical Requirements Like Voice/ Non-Voice for Insurance Ops Preferably: Offensive Security Certified Professional (OSCP) Certified Network Defender (CND) Certification

The resource will act as real time alert monitoring analyst in cyber security team and supporting its three main functions 24x7 monitoring, threat analysis and counter threat, and incident response and recovery activities. Additional responsibilities include maintain enterprise security capabilities and operationalization of the same. Key Responsibilities Provide timely and effective operational support for the firms information security tools, processes and practices. Partner with other support teams and vendors to resolve problems or implement new products or services. Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards. Escalate key security issues to the appropriate team to be addressed. Assist with security assurance testing activities. Review, analyze and respond to security events triggered through automated security monitoring systems. Validate and track security breaches, along with threats to the firms logical information, while still allowing for appropriate access. Coordinate responses to information security incidents. Work to reduce information security risks by effectively administering the information security processes across the vulnerability scanning, anomaly detection, intrusion detection, security policy and forensic functions. Maintain and develop knowledge of regulatory security trends, new security technologies and best practices. Conduct security and industry specific research to keep self and the firm abreast of the latest security issues and regulatory developments that may impact existing policies, procedures and practices. Participate in information security education, training and awareness activities for technology and business teams. Required Qualifications Bachelor s degree in Information Security, Computer Science, or related technical field; or equivalent work experience. 3+ years of general Information Technology-related experience, such as; networking, end-user computing, server administration, email administration, or other related fields. Working knowledge of Information Security and computer network/system access technologies. Experience working in the financial services industry or other highly regulated/compliance-oriented environments. Effective verbal and written communication skills, that include the ability to describe highly technical concepts in non-technical terms. Preferred Qualifications 1-3 years of relevant security experience Certifications preferred: Security+, Network+ or any equivalent/higher security certifications. Broad hands-on knowledge of firewalls, intrusions detection/prevention systems, anti-virus software, data encryption and other industry-standard techniques and practices. Very good understanding of security controls, monitoring systems and regulatory/business drivers that impact security policies and practices. Ameriprise India LLP has been providing client based financial solutions to help clients plan and achieve their financial objectives for 125 years. We are a U. S. based financial planning company headquartered in Minneapolis with a global presence. The firm s focus areas include Asset Management and Advice, Retirement Planning and Insurance Protection. Be part of an inclusive, collaborative culture that rewards you for your contributions and work with other talented individuals who share your passion for doing great work. You ll also have plenty of opportunities to make your mark at the office and a difference in your community. So if youre talented, driven and want to work for a strong ethical company that cares, take the next step and create a career at Ameriprise India LLP. Full-Time/Part-Time Timings (4:45p-1:15a) India Business Unit AWMPO AWMP&S Presidents Office Job Family Group Technology

Enterprise Architecture work involves developing high level frameworks that align an organization s IT infrastructure with business processes/data to improve the efficiency and productivity of business operations. Main Tasks Essential Duties and Responsibilities Mandatory Skills Participate in the maintenance of a large enterprise network & security which includes an Enterprise WAN, IP-SEC, LAN, W-LAN, Data Centers, Firewall devices [Paloalto] Planning and implementation of patch and release management Installation, configuration, administration, monitoring, maintenance and troubleshoot of Network & Firewall Devices Preparing proposals for IT requirements for upgrades or green field projects, migration projects, acquisition projects Lifecycle management of network security devices Perform regular network security audits, vulnerability assessments, and penetration tests. Best practice commonly used concepts, operations, practices, and procedures within a system administration and policies Lead incident response efforts during network security breaches, including analysis, containment, and remediation Lifecycle management of network & security devices and update the process based on best practice Develop and enforce security policies and procedures in accordance with industry best practices Maintenance of all network and security devices (Hot Fixes, patches, OS, back-out) Your Profile Good to Have/Advantage/Certifications Certification: CCNP, PCNCS, PCNSE are highly desirable. Maintain compliance with all company policies and procedures. Experience in developing and building security content, scripts, tools, or methods to enhance the incident investigation processes Assistance and implement in the technical conception of global projects. Minimum Educational Requirement Bachelor Degree in Computer Sciences or Related fields Experience Education and/or Work Experience in Years: Diploma / Graduation or B.E from reputed University or Institute 4 to 6 years of progressive experience in networking, enterprise routing, security [Checkpoint / Paloalto] Added advantage to know German language Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices Taking ownership for Incident tickets and resolve within SLA.

Application Security Engineer with up to 3 years of experience to join our security team. The ideal candidate should have a strong understanding of application security principles, Conduct penetration testing, and vulnerability assessments for web,API and mobile applications and Network. Identify, analyze, and mitigate security vulnerabilities in applications based on OWASP Top 10, NIST, and other industry standards. Work closely with stakeholders, including developers, product managers, and leadership, to ensure security awareness and adherence to security policies. Evaluate and implement security tools and automation to improve application security testing processes. 2-3 years of experience in application security, penetration testing, or security engineering. Certifications such as CEH,EJPT,EWPTX

Hi All, Greetings !!! Urgent hiring for Servicenow Developer Exp- 4yrs to 8yrs Loc- Hyderabad/Pune 3+yrs exp in Servicenow, Secops and Vulnerability Exp in ITIC Framework, Knowledge management Servicenow Certification is required Hybrid Excellent communication Immediate joiners only If interested share your resume to hrd9@ontimesolutions.in or call 7204275811

Installing and configuring new software and hardware. Conducting security audits and vulnerability assessments. Maintaining software licenses and hardware inventory. Monitoring system performance and making recommendations for improvements. Responding to user inquiries and resolving technical issues. Collaborating with other members of the IT team to develop and implement new technologies. Key skills and qualifications required for a Desktop Engineer To become a desktop engineer, one must possess a specific set of skills and qualifications: A bachelor s degree in computer science or a related technical field. Experience in managing Windows and Mac OS. Familiarity with desktop support software and tools. Knowledge of network protocols and security systems. Strong problem-solving skills. Excellent communication skills to interact with users and other IT professionals. Ability to work well under pressure.

We are looking for a SecOps MAC professional with an experience of 5+ years in security operations, threat detection and response. Requirements: In-depth knowledge of SIEM tools such Splunk, IBM QRadar and ArcSight. Familiarity with compliance frameworks such as SOC 2, PCI DSS and HIPAA. Strong understanding of network and endpoint security. Monitoring security events, alerts, and logs to detect threats. Performing security analysis and incident response. Ensuring compliance with security policies and frameworks such as ISO 27001, NIST, etc. Conducting security audits and vulnerability assessments. Implementing security automation and monitoring tools such as SIEM, SOAR. Collaborate seamlessly with IT and DevOps teams for security integration. #LI-MK2

Security Tool Development : The primary role is to design and develop cutting-edge security tools and automation frameworks to identify and mitigate potential security threats in complex web applications. You will be responsible for creating innovative solutions to enhance the security testing process. Technology Stack Architecture : Collaborate with the team to define and implement the technology stack required for building efficient security automation tools. This includes selecting appropriate programming languages, frameworks, and libraries to ensure scalable and robust solutions. AI/ML Model Development : Apply machine learning and artificial intelligence techniques to build models that can learn and adapt to new security threats. This may involve training models to detect anomalies, classify attacks, or predict potential vulnerabilities. Automation and Tooling : Automate the application security testing process by developing tools that can perform static and dynamic analysis, code reviews, and vulnerability assessments. These tools should integrate seamlessly with the existing development pipelines. Research and Development : Stay updated with the latest advancements in AI/ML and cybersecurity. Research and implement new technologies, algorithms, or methodologies to improve the effectiveness of security automation. Collaboration and Knowledge Sharing : Work closely with other security professionals, developers, and stakeholders to ensure the successful integration of security tools. Mentor and guide junior team members and promote knowledge-sharing within the team. The AI/ML Developer will play a crucial role in fortifying the organizations security infrastructure by developing intelligent automation tools and contributing to the overall security strategy. At the IC3 career level, this position demands a high level of expertise and a hands-on approach to tackle complex security challenges.

You will contribute as a DevOps Engineer enabling continuous integration and continuous deployment (CI/CD) pipelines in cloud-based solutions. You will work closely with cross-functional teams to design, implement, and manage scalable and highly available cloud infrastructure, automate operational processes, and manage containerized workloads. You have: B.E./B.Tech/M.E/M.Tech 12-16 years of experience in design and architect scalable infrastructure products/services. Proven experience as a DevOps Engineer or in a similar role with a focus on cloud technologies, Kubernetes, and OpenStack. Experience with cloud platforms like AWS, Azure, Google Cloud, OpenStack, and VM Technologies. Hands-on experience in deploying, managing, and optimizing Kubernetes clusters and containerized workloads. Expertise in working with Linux OS and related tools. Expertise in problem-solving in a complex global environment. It would be nice if you also had: Knowledge in the understanding of networking concepts and protocols. Knowledge of Telecom/Network Management products or services. You will design, deploy, and manage cloud-based infrastructure solutions on major platforms such as AWS, Azure, or Google Cloud, as well as private cloud environments using OpenStack. You will oversee the deployment, scaling, and management of containerized applications using Kubernetes. Ensure high availability, scalability, and security of Kubernetes clusters. You will implement automation using tools such as Terraform, Ansible, or Chef to manage infrastructure and configuration at scale. You will develop, implement, and maintain CI/CD pipelines to automate the build, test, and deployment processes. Ensure automated, repeatable, and reliable deployments. You will set up and manage monitoring, logging, and alerting solutions using tools like Prometheus, Grafana, ELK Stack, or Splunk to monitor system health, performance, and security. You will implement security best practices in cloud environments, including identity and access management (IAM), data encryption, vulnerability scanning, and compliance auditing. You will work closely with development teams to design and deploy containerized applications and ensure seamless integration into the CI/CD pipeline. You will provide rapid response and resolution for production issues. Troubleshoot and resolve problems with cloud infrastructure, Kubernetes clusters, and applications.

As a Security Lead at Nokia, you will play a pivotal role in designing and implementing innovative cloud-native solutions that enhance our global networks. Your day-to-day work will involve developing containerized applications using Docker and Kubernetes, ensuring robust security through vulnerability assessments. You will be encouraged to take risks and showcase your authentic self while working alongside passionate professionals committed to driving technology leadership. You have: Bachelor of Engineering degree or equivalent with10-12 years of experience in software development Proficient in cloud-native principles, Docker, and Kubernetes Knowledge of vulnerability assessment and security testing Working knowledge of RHEL/CentOS and its utilities It would be nice if you also had: Knowledge of networking protocols and automation tools like Jenkins Familiarity with Wireshark and protocol analysis Design, develop, and deploy cloud-native applications using containerization technologies like Docker and Kubernetes. Implement and manage Kubernetes networking, including service meshes (Istio) and configuration tools (Helm). Conduct vulnerability assessments and security testing, utilizing tools like Nessus, nmap, and CIS benchmarks. Oversee the integration of OpenStack and VMware technologies to support cloud infrastructure.

As a Security Assurance Expert, you will drive security assurance for our internal platforms, built on Linux containers, Kubernetes (K8s), and modern infrastructure services. You will work closely with engineering teams, guiding them on best practices, security testing, and compliance using tools like Tenable, Anchore, Xray, and VAMS. You have: Bachelor s degree in a relevant field like engineering, computer science, or security. Minimum 5 years of experience in security tools such as Tenable, Web, Anchore, Xray, and VAMS. Strong expertise in security technology and architecture principles, with a deep understanding of Product Security processes. Technical knowledge of Linux, Kubernetes, and Android, including system architecture, security, and deployment best practices. Experience in Cloud Security and DevSecOps implementation. It would be nice if you also had: Experience with compliance tooling and data analytics and reporting tools like PowerBI. Establish and enforce security testing standards by defining clear requirements, developing robust frameworks, and integrating best practices into the Software Development Life Cycle (SDLC). Develop and implement strategies to identify SBOM and hardware composition in DevOps-based products and infrastructure, ensuring clear communication with stakeholders and effective vulnerability tracking. Identify and address compliance gaps by benchmarking security test requirements against industry standards. Identify, assess, and track vulnerabilities across Nokia solutions while ensuring timely remediation in collaboration with teams. Ensure compliance with Nokia s security policies and support audits and reviews related to security testing.

-Handling students virtually and training and developing skills to be job ready for cybersecurity space. -Provide cyber training at an intermediate level for software Engineering/Software development personnel. -Preparing Study materials for training students via a variety of training methods for improving training deliveries. -Handling student queries effectively and efficiently. -Maintain training related to MIS (attendance, feedback forms evaluation scores and certificate issued). -Conduct training sessions on cybersecurity fundamentals, ethical hacking, network security, malware analysis, and related topics. -Stay updated with the latest cybersecurity trends, threats, and best practices. -Conduct workshops and awareness sessions on cybersecurity Requirements -Bachelor\s degree in Cyber Security, Information Technology, Computer Science, or a related field. -Strong understanding of cybersecurity principles, network security, ethical hacking, firewalls, and intrusion detection systems. -Hands-on experience with security tools, penetration testing, and vulnerability assessments. -Good communication, presentation, and training skills. -Prior experience in training, mentoring, or teaching is an added advantage.

Position : SOC ANALYST Work Location : Chennai (city office ) Work Mode : From office Rotational Shifts Mandatory Job Summary : The SOC Analyst will be responsible for monitoring, analyzing, and responding to security threats and vulnerabilities across the organizations IT infrastructure. This role includes monitoring and managing alerts from SIEM and AV/AM, as well as coordinating with the vendormanaged Security Operations Center (SOC) for incident response. The SOC Analyst will collaborate with cross functional teams to identify, assess, and remediate vulnerabilities promptly. Job Responsibilities: Identify, assess, and prioritize security risks, providing actionable recommendations. Coordinate with the vendormanaged SOC team for effective incident response and collaborate on incident response planning. Monitor and respond to suspected phishing threat email reports from users Analyze and research vulnerabilities to assess their impact and severity, providing mitigation and remediation recommendations. Oversee the Vulnerability Management process, working with relevant teams to identify, assess, and remediate known vulnerabilities while tracking and reporting their status. Collaborate with IT and operations teams to ensure timely vulnerability remediation and implementation of security controls. Support encryption, data loss prevention (DLP), and identity and access management (IAM) initiatives. Stay updated on emerging threats, vulnerabilities, and industry best practices, recommending security improvements. Assist in preparing security reports and documentation for management and regulatory compliance. Job Specifications : A bachelors degree in IT, cybersecurity, or a related field, or equivalent experience with relevant certifications. Min 2 to 3 years of IT experience, in a Security Operations Center (SOC) focusing on SIEM, EDR, vulnerability management, and incident response. Experience with IBM QRadar SIEM is a plus. Strong knowledge of vulnerability scanning tools, assessment techniques, and vulnerability databases. Familiarity with security frameworks and standards such as MITRE ATT&CK, NIST Cybersecurity Framework, CIS Controls, OWASP Top Ten and ISO 27001. Ability to analyze and interpret technical data, providing actionable mitigation and remediation recommendations. Strong problemsolving and analytical skills to identify, assess, and prioritize vulnerabilities based on risk and impact. Excellent communication skills, capable of conveying technical concepts to both technical and nontechnical audiences. Professional certifications such as CompTIA Security+ or Certified Ethical Hacker (CEH) or a similar is preferred. Looking for candidates who presently work / Living in chennai for process. Short joiners preferred. Interested candidates pl mail your resume to mail : krishnan.g@talentfocuz.com

Manage and maintain on-premises Microsoft Exchange environments. Perform installation, configuration, and upgrades of Exchange servers and related components and troubleshooting. Manage and maintain a complex Office 365 tenant, including core services like Exchange Online, SharePoint Online, Teams, OneDrive for Business. Deep understanding of Office 365 architecture, services, and administration tools. Provide expert-level technical support and troubleshooting for complex Office 365 issues. Lead and participate in Office 365 projects, including migrations, upgrades, and new service implementations. Develop project plans, timelines, and budgets Manage and configure Intune policies for mobile devices to ensure secure access to email and other corporate data. Troubleshoot Microsoft Intune-related issues affecting email access on mobile devices. Configure and maintain the Cisco Email Security Gateway to protect against spam, malware, and other email-borne threats. Monitor gateway performance and analyze logs to identify and mitigate security risks. Manage and maintain the Veritas Email Archive system to ensure compliance with regulatory requirements and internal policies. Configure archiving policies, perform data restorations, and troubleshoot archiving issues. Advanced Troubleshooting and Problem Resolution: Diagnose and resolve complex messaging problems, including mail flow issues, connectivity problems, and performance bottlenecks. Ensure high availability and disaster recovery for messaging services. Security and Compliance: Implement and maintain security policies and procedures to protect messaging data. Ensure compliance with industry regulations and internal security standards. Conduct security audits and vulnerability assessments. Collaboration and Communication: Work effectively with other IT team members to support overall infrastructure and applications.Provide technical guidance and mentorship to junior team members Qualifications Any Graduate 100% Work from Office only Rotational shifts (24 X7) including Night Shifts Current office location is Vikhroli however team will move to Thane sometime in Mar Apr 25

Role Purpose: Supports projects that include developing, installing, deploying, and configuring various architectural components Key Accountabilities: Support in development of product architecture based on the solution architecture strategy and roadmap Support the teams understanding, implementing and supporting the product architecture Manage the development and operation of the architecture and handle the escalations and issues arising out of development and customer requirements Preferred Experience and Qualification: Degree in Computer Science or Information Systems or equivalent 8+ years of experience in technology development team Cyber Risk Consultant (7 to 10 years experience) 1. Must have 10 years of experience reviewing contract documents like Master Services Agreements and Statement of Works for significant customer proposals, product-related deliverables, or contracts. 2. Expertise in data protection-related contract review, information security processes, GDPR, CPA, and other data-related compliance reviews on contract documents from a cybersecurity risk perspective. 3. Must have 7 years of experience in third-party vendor risk management, internal audits, and reviewing the governance risk and compliance process (GRC) for third-party-related contracts, processes, or anything to do with third-party risks. 4. Experience in internal auditing vendor-related processes and documents and preparing reports with identified risks and mitigation plans. 5. Experience and thorough understanding of the Risk Management Framework process and working knowledge of each stage. Must deliver documents such as a System Security Plan, Security Assessment Report, Contingency Planning, Incident Response Plan, Plans of Action, and Milestones. 6. Ability to interpret security vulnerability scan results. 7. Minimum 2+ years' experience conducting risk and controls assessments per NIST 800-53, Rev.4 and Rev 5. Skills : Strong expertise in SOC2 Type2, HIPAA, ISO27001, USDPI, and familiarity with Policy as Code. Must hold active certification in at least two of the following: CISSP, CRISC, CISM, CCSP, ISO 27001 Lead Implementer / Auditor, and ISO 22301 Lead Implementer / Auditor. Location : Pune/Bangalore/Ahmedabad

Job Title: SAP Security Consultant Experience: Minimum 7 years of experience in SAP Security, with expertise in SAP S/4HANA and Fiori. Job Description: We are seeking a highly skilled and experienced SAP Security Consultant to join our team. The ideal candidate should have a minimum of 7 years of hands-on experience in SAP Security, with a strong focus on SAP S/4HANA and Fiori applications. Key Responsibilities: Role and Authorization Management: Design, implement, and manage SAP roles and authorizations to control user access and permissions effectively. SAP S/4HANA Security: Expertise in securing SAP S/4HANA systems, including understanding the unique security features and requirements of the platform. Fiori Security: Ensure secure access and usage of SAP Fiori applications, including role-based access control for Fiori apps. Segregation of Duties (SoD): Identify and mitigate conflicts in user roles and authorizations to meet compliance requirements and reduce the risk of fraud. Security Compliance: Ensure SAP security compliance with industry standards and regulations, such as GDPR, SOX, or HIPAA. Security Assessment: Conduct regular security assessments, vulnerability scanning, and audits to identify and address security weaknesses and compliance gaps. Incident Response: Develop and implement incident response procedures to address and mitigate security incidents promptly. Security Patch Management: Manage the application of security patches and updates to SAP systems to address vulnerabilities and maintain system integrity. User Training: Provide training and awareness programs to SAP users and stakeholders to promote secure practices. Security Documentation: Maintain security policies, procedures, and documentation to ensure compliance and best practices. Integration Security: Understand how SAP systems integrate with other applications and ensure the security of data and processes across these integrations. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. Minimum of 7 years of experience in SAP Security. Proven expertise in SAP S/4HANA and Fiori security. Strong knowledge of SAP security architecture and best practices. Excellent problem-solving skills and the ability to work effectively in a team. Strong communication and interpersonal skills. Relevant SAP certifications (e.g., SAP Certified Security Consultant) are a plus.

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably. Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions. Supports and consults the project teams (in development, engineering or service) to implement the required product & solution security (software and hardware). * Supports and consults the project leaders in implementing the required product & solution security (software and hardware). * Supports project teams in conducting the corresponding security activities during the development process, project management process and / or services. * Can support multiple projects at the same time and should occupy the function for the main part of is defined working time. * Reports to the Project / Functional Lead and the Product & Solution Security Officer. * Needs to be specialized in at least one of six different areas: Secure Architecture & Design, Secure Implementation, Security Testing, Secure Project Integration, Secure Manufacturing or Secure Services . Key Responsibilities: Assist in Threat Modeling to identify and mitigate security risks in application architectures. Conduct Risk Assessments to evaluate potential vulnerabilities and threats. Support Software Bill of Materials (SBOM) creation and management for software transparency. Perform Software Composition Analysis (SCA) to detect open-source vulnerabilities and licensing risks. Assist in Vulnerability Assessments and help track remediation efforts. Collaborate with development teams to integrate security best practices into SDLC. Contribute to security documentation, compliance reports, and policy development. Requirements: Basic understanding of application security concepts and secure development practices. Familiarity with cybersecurity frameworks, OWASP Top 10, and threat modeling methodologies. Knowledge of security tools related to SCA, SBOM, and vulnerability scanning is a plus. Strong analytical and problem-solving skills with attention to detail. Good communication and documentation skills.

The product security team at Worldpay is seeking a dynamic and motivated individual to join our new and growing team. The product team will be instrumental at defining the vision to help secure Worldpay going forward. You will work closely with development teams to enable them to build secure products and provide them with adequate security context to make the right decisions for Worldpay. What youll own: Responding to security requests from our engineering communities Explain detected vulnerabilities in software and recommend remediation options Administer the security tooling Perform DAST testing against software applications Scale product security via automations and self-service providing actionable visibility for engineers Align solutions with PCI, SOC, GDPR, CCPA, and cloud security best practices. What youll bring: Bachelors degree in Computer Science, Information Security, or a related field. 7+ years of experience in cybersecurity, with a focus on product security. Experience in software engineering and evaluating code (C#, Java, .NET, C++, etc.) for security risks and making informed decisions on non-exploitable or false-positive findings. Expertise in recommending mitigations and remediations for identified vulnerabilities and assist engineers with secure design, code reviews, and threat modeling. Expertise in authentication and authorization protocols, application security, and securing APIs. Experience working with CI/CD teams to implement new security technologies in the pipeline. Including SAST, DAST, and SCA tools. Ability to drive change by leading discussions, writing decision records, and persuading key stakeholders. Experience partnering with cross-functional teams to deliver impactful security initiative. Bonus if you have: Experience with BlackDuck and/or Checkmarx. Payment industry and PCI DSS experience. Expertise in both offensive and defensive tactics. Contributed to the open-source community.

This is an exciting opportunity to join a new team and help build a comprehensive security program from the ground up. The Senior Engineer of Security Operations and Infrastructure will support the implementation of the forward-looking security architecture (heavily driven by Microsoft) for our systems and networks (Zero Trust). The ideal candidate will be responsible for implementing, operating (administering, maintaining, and optimizing) the security technology infrastructure that protects, detects, and responds to threats against our business and customer data. In this role, you will have duties in the security operations of red teams (vulnerability management) and blue teams (monitor, detect, respond). You will interact and engage with third-party providers that are part of the team. You will also collaborate with internal stakeholders and customers in Human Resources, Sales, Marketing, Product Management, Engineering, etc Responsibilities: Independently handle global team work: Work independently or asynchronously on a globally distributed team. Expertise in Zero Trust architectures: Demonstrate knowledge of Zero Trust architectures and the associated tooling and technology. Participate in security operations: Participate in the general operations of a security operations center, incident response team, threat intelligence unit, and/or security engineering or tools teams (integrate, automate, optimize). Hands-on experience with security technologies: Have hands-on experience with core security operations infrastructure technologies such as EDR, SASE, WAF, IAM, PAM, Vulnerability Management, Threat Intelligence, SIEM, etc., and services like MDR, MSSP, Forensics and Incident Response, Attack Surface Management, etc. Implement cloud security controls: Understand cloud security controls and how to implement them for Azure and AWS. Utilize Microsoft Defender Stack: Utilize hands-on experience with the Microsoft Defender Stack, including Defender for Cloud, Defender for Endpoint, Defender for M365, Defender for CSPM etc. Respond to real-world incidents: Respond to real-world incidents, including ransomware and other threats, threat modeling, and the development of architectures and designs. Hands-on software development or scripting experience is a plus. Familiarity with Scripting Languages: Familiarity with PowerShell scripting and KQL is an asset. Maintain threat knowledge: Maintain knowledge of attacks, attackers, their tools and techniques, vulnerabilities, and how to model those threats against our business. Develop detection rules and algorithms: Build detection rules and algorithms. Implement compliance requirements: Implement governance, risk, compliance, and audit requirements in security operations, especially for a technology company. Exhibit strong communication skills: Exhibit excellent written and oral communication skills. About you: Experience in security and cross-functional areas: 4+ years of combined experience in security and other cross-functional areas. Educational background: Bachelors or Master s Degree is preferred but optional. Preferred certifications: Industry certifications (SANS, etc.) are preferred but optional. Strong analytical skills: Strong analytical and problem-solving skills. Adaptability: Ability to work in a dynamic and fast-paced environment. Team collaboration: Strong team player with the ability to collaborate effectively with colleagues and stakeholders. Proficiency in security tools: Proficiency in security tools and technologies relevant to the role. Critical thinking skills: Ability to think critically, adapt to changing priorities, and effectively solve problems with a resourceful approach. Additional Skills: Conduct risk assessments : Proficiency in conducting security risk assessments and vulnerability assessments. Experience in incident response : Experience in incident response planning and execution. Develop security policies: Ability to develop and maintain security policies, standards, and procedures. Familiarity with compliance requirements : Familiarity with regulatory compliance requirements and frameworks (e.g., GDPR, ISO 27001, NIST). Project management skills: Strong project management skills with the ability to manage multiple projects simultaneously

A career in our Ethics and Business Conduct Practice Support practice, within Risk and Compliance services, will provide you the opportunity to work with a team that provides clients with extensive risk and controls technical knowledge and sector specific experience. You ll have the opportunity to develop a holistic approach to risk that protects businesses, facilitates strategic decision making and enhances efficiency by assisting management in the assessment of project risks and controls. Our team helps PwC develop and design effective compliance and ethics initiatives that help us proactively manage our ethics and compliance programmes. You ll assist through all stages of the compliance and ethics life cycle including compliance programme assessments, development and transformation, risk assessment, and industry regulatory compliance. The role involves working in the following areas 1. Analyze and assess risks and internal controls, identifying potential areas of vulnerability and recommending mitigation strategies 2. Review and evaluate the effectiveness of internal controls, identifying areas for improvement and recommending enhancements. 3. Conduct comprehensive monitoring and testing of compliance with a wide range of regulations, including but not limited to the Labor laws, EHS, Data privacy regulations, Companies Act, Tax laws, etc. 4. Utilize data analysis tools like Power BI, Alteryx, and Excel to analyze large datasets, identify trends, and generate comprehensive reports for senior management 5. Collaborate with stakeholders across various departments within PwC India, including legal, finance, HR, and operations, to ensure compliance with relevant regulations. 6. Support and lead other functional initiatives (as needed) in areas such as trainings, promoting culture of controls compliance awareness, etc. Mandatory skill sets Strong understanding of Indian laws and regulations, particularly those related to labor, environmental, data privacy, secretarial, tax, etc Hands on exposure of monitoring and testing of applicable statutory requirements for large MNCs in service sector or listed entities Preferred skill sets Compliance Monitoring Years of experience required 3-5 years Education qualification CA, MBA, M.Com, CS, LLB (Experience in regulatory compliances monitoring will be an added advantage) Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required Chartered Accountant Diploma, Bachelor of Laws, Master of Business Administration Degrees/Field of Study preferred Certifications (if blank, certifications not specified) Required Skills Compliance Reviews, Internal Auditing, Process Reviews Optional Skills Compliance Monitoring

At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. Those in governance, risk, controls and compliance at PwC will be responsible for confirming regulatory compliance and managing risks for clients. Your work will involve providing advice and solutions to help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Summary A career in our Ethics and Business Conduct Practice Support practice, within Risk and Compliance services, will provide you the opportunity to work with a team that provides clients with extensive risk and controls technical knowledge and sector specific experience. You ll have the opportunity to develop a holistic approach to risk that protects businesses, facilitates strategic decision making and enhances efficiency by assisting management in the assessment of project risks and controls. Our team helps PwC develop and design effective compliance and ethics initiatives that help us proactively manage our ethics and compliance programmes. You ll assist through all stages of the compliance and ethics life cycle including compliance programme assessments, development and transformation, risk assessment, and industry regulatory compliance. The role involves working in the following areas 1. Analyze and assess risks and internal controls, identifying potential areas of vulnerability and recommending mitigation strategies 2. Review and evaluate the effectiveness of internal controls, identifying areas for improvement and recommending enhancements. 3. Conduct comprehensive monitoring and testing of compliance with a wide range of regulations, including but not limited to the Labor laws, EHS, Data privacy regulations, Companies Act, Tax laws, etc. 4. Utilize data analysis tools like Power BI, Alteryx, and Excel to analyze large datasets, identify trends, and generate comprehensive reports for senior management 5. Collaborate with stakeholders across various departments within PwC India, including legal, finance, HR, and operations, to ensure compliance with relevant regulations. 6. Support and lead other functional initiatives (as needed) in areas such as trainings, promoting culture of controls compliance awareness, etc. Mandatory skill sets Strong understanding of Indian laws and regulations, particularly those related to labor, environmental, data privacy, secretarial, tax, etc Hands on exposure of monitoring and testing of applicable statutory requirements for large MNCs in service sector or listed entities Preferred skill sets Compliance Monitoring Years of experience required 1-3 years Education qualification CA, MBA, M.Com, CS, LLB Experience in regulatory compliances monitoring will be an added advantage Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required Chartered Accountant Diploma, Master of Business Administration, Bachelor of Laws Degrees/Field of Study preferred Required Skills Secretarial Experience Optional Skills Compliance Monitoring

Job responsibilities Executes security solutions design, development, and technical troubleshooting with the ability to apply knowledge of existing security solutions to satisfy security requirements for internal clients (e.g., product, platform, application owners) Creates secure and high-quality production code and maintains algorithms that run synchronously with appropriate systems Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize the probability and impact of threats when determining specific vulnerabilities Leads delivery of continuity-related awareness, training, educational activities, and exercises Adds to team culture of diversity, equity, inclusion, and respect Required qualifications, capabilities, and skills Formal training or certification on Security Engineering concepts and 3+ years applied experience Hands-on experience in developing, engineering, or architecting within a public cloud environment. Development experience in Python and engineering with Terraform or infrastructure-as-code. Perform security reviews of infrastructure-as-code and Kubernetes platforms, including RBAC configurations. Conduct risk-based assessments of secure technology controls for cloud services, platforms, and architectural components Assist in executing and enhancing a long-term information risk and control strategy to secure public cloud information assets Proficient verbal and written communication skills, including the ability to effectively participate in discussions and meetings with internal management, peer groups, regulators and senior stakeholders. Preferred qualifications, capabilities, and skills Keen desire to understand and secure public cloud technology. Eagerness to collaborate in a team, and comfortable in both virtual and office environments. Ability to prioritize and work under stringent timelines. AWS, Azure or Google Cloud certifications would be an advantage. Understanding of DevOps or CI/CD concepts would be an advantage.

What this job involves As a Full Stack Engineer at JLL Technologies, your responsibilities are to: Develop web applications based on business requirements. Write unit tests and integration tests using code coverage tools. Troubleshoot and fix bugs in React frontend applications independently. Write SQL queries required to perform the task. Work on vulnerability remediations and application version upgrades. Work under the guidance of a technical lead. Required Qualifications 2-5 years experience in software development and lifecycle. Bachelors degree in Computer Science, Information Systems, Software Engineering, or a related field. Experienced in using C#, .Net Core, MVC Framework, SQL Server Strong experience in HTML5, CSS3, JavaScript, and React.js, including advanced concepts such as Components, Redux, Hooks and Node.js. Experience developing and integrating RESTful APIs, with experience handling JSON data formats. Solid grasp of fundamental SQL query writing. Good problem-solving skills and thrives in collaborative team settings. Experience with agile software development methodologies (Scrum, etc.) Available to attend calls and team collaborations during USA morning time - preferably 8 AM-12 PM CST. Preferred Technical Skills Competencies Experience using Git for version control and team collaboration. Working knowledge of CI/CD pipeline. Familiarity with monitoring tools like Datadog, Splunk, etc. is a plus. Knowledge of cloud technologies. Knowledge of Vue.js.