1033 Vulnerability Management Jobs

Cowbell is signaling a new era in cyber insurance by harnessing technology and data to provide small and medium-sized enterprises (SMEs) with advanced warning of cyber risk exposures bundled with cyber insurance coverage adaptable to the threats of today and tomorrow. Championing adaptive insurance, Cowbell follows policyholders" cyber risk exposures as they evolve through continuous risk assessment and continuous underwriting. In its unique AI-based approach to risk selection and pricing, Cowbell's underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Founded in 2019 and based in the San Francisco Bay Area, Cowbell has rapidly grown, now operating across the U.S., Canada, U.K., and India. This growth was recently bolstered by a successful Series C fundraising round of $60 million from Zurich Insurance. This investment not only underscores the confidence in Cowbell's mission but also accelerates our capacity to revolutionize cyber insurance on a global scale. With the backing of over 25 prominent reinsurance partners, Cowbell is poised to redefine how SMEs navigate the evolving landscape of cyber threats. In support of business objectives, we are actively looking for an ambitious person, who is not afraid of hard-work and embraces ambiguity as it comes to join our Information Security Team as a Sr. Developer, Application Security. The InfoSec team drives security, privacy, and compliance improvements to reduce risk by building out key security programs. We enable our colleagues to keep the company secure and support our customers" security journey with tried and true best practices. We are a Java, Python, and React shop combined with world-class cloud infrastructure such as AWS & Snowflake. Balancing proper security while enabling execution speed for our colleagues is our ultimate goal. It's challenging and rewarding! If you are up for the challenge, come join us. You will be instrumental in curing security defects in code, burning down any new and existing vulnerabilities. You can fix the code yourself and continuous patching is your north star. You will be the champion for safeguards and standards that will keep our code secure and reduce the introduction of new vulnerabilities. Partner and collaborate with internal stakeholders in assisting with the overall security posture with an emphasis on the Engineering and Operations/IT areas. Work across engineering, product and business systems teams to enhance and evangelize security in applications (& infrastructure). Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts. Develop and maintain application scanning solutions to inform stakeholders of security weaknesses & vulnerabilities. Review outstanding vulnerabilities with product teams and assist in remediation efforts to reduce risk. Bachelor's degree in computer science or another STEM discipline and 8 to 10+ years of professional experience in security software development. Majority of prior experience as a Security Engineer focused on remediation of security vulnerabilities and defects in Java and Python. Must have prior in-depth demonstrable experience developing in JAVA and Python; Basically you are developer first and a security engineer second. Applicants that do not have this experience will not be considered. Experience developing in, and securing, Javascript and React a plus. Experience securing integrations and code that utilizes Elasticsearch, Snowflake, Databricks, RDS a big plus. Detail-oriented with problem-solving, communication, and analytical skills. Expert understanding of CVE and CVSS scoring and how to utilize this data for validation, prioritization, and remediation. Excellent understanding and utilization of OWASP. Demonstrated ability to secure API; Techniques, patterns, will be assessed. Experience designing and implementing application security solutions for web and or mobile applications. Experience developing and reporting vulnerability metrics as well as articulating how to reproduce and resolve those security defects. Experienced in application penetration testing; and understanding of remediation techniques for common misconfigurations and vulnerabilities. Demonstrable experience in understanding patching and library upgrade paths including interdependencies. Familiarity with CI/CD tools. Previous admin experience in CI/CD is not required but a big plus. Capability to deploy, provide maintenance for, and operationalize scanning solutions. Hands-on ability to conduct scans across application repositories and infrastructure. Must be willing to work extended hours and weekends as needed. Great at and enjoys documenting solutions; creating repeatable instruction for others, operational documentation, developing technical diagrams, and similar artifacts. Preferred Qualifications: You can demonstrate and document threat modeling scenarios using well-known frameworks such as STRIDE. Proficient with penetration testing tools such Burp suite, Metasploit or ZAP. You are already proficient with SAST & SCA tools; proficiency with DAST and/or OAST tool usage and techniques would be even better. As a mentor you also have the experience and desire in providing fellow engineering teams with technical guidance on the impact and priority of security issues and driving remediation. Capability to develop operational process from scratch or improve current processes and procedures through well-thought-out hand-offs, integrations, and automation. Familiarity with multiple security domains such as application security, infrastructure security, network security, incident response, and regulatory compliance and certifications. Understanding of modern endpoint security technologies/concepts. Adept at working with distributed team members. What Cowbell brings to the table: Employee equity plan for all and wealth enablement plan for select customer-facing roles. Comprehensive wellness program, meditation app subscriptions, lunch and learn, book club, happy hours, and much more. Professional development and the opportunity to learn the ins and outs of cyber insurance, cybersecurity as well as continuing to build your professional skills in a team environment. Equal Employment Opportunity: Cowbell is a leading innovator in cyber insurance, dedicated to empowering businesses to always deliver their intended outcomes as the cyber threat landscape evolves. Guided by our core values of TRUE Transparency, Resiliency, Urgency, and Empowerment, we are on a mission to be the gold standard for businesses to understand, manage, and transfer cyber risk. At Cowbell, we foster a collaborative and dynamic work environment where every employee is empowered to contribute and grow. We pride ourselves on our commitment to transparency and resilience, ensuring that we not only meet but exceed industry standards. We are proud to be an equal opportunity employer, promoting a diverse and inclusive workplace where all voices are heard and valued. Our employees enjoy competitive compensation, comprehensive benefits, and continuous opportunities for professional development.,

As a Security Advisor, your primary responsibility will be to provide enterprise-level advice to organizations to enhance their cyber resilience. You will play a key role in navigating the complex landscape of cyber threats, ensuring robust digital asset protection while maintaining trust with stakeholders. The ideal candidate should have at least 12 years of experience in Network Security Operations. You will be required to possess strong proficiency in Network Security Operations and a solid understanding of risk assessment methodologies and frameworks. Additionally, you should have a strong knowledge of network security, cloud security (AWS, Azure, GCP), and endpoint protection. Key responsibilities of this role include developing and implementing infrastructure security strategies, policies, and procedures. You will lead the design and enforcement of security controls across on-premises and cloud environments, manage firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and endpoint protection. Regular vulnerability assessments, penetration tests, and risk assessments will also be part of your duties. Monitoring security alerts and responding to incidents, coordinating with SOC and IT teams, ensuring compliance with relevant regulations and standards (e.g., ISO 27001, NIST, GDPR), and collaborating with IT, DevOps, and application teams to embed security into infrastructure projects are crucial aspects of this role. You will oversee third-party security assessments and vendor risk management, prepare and present security reports and metrics to senior leadership, and lead and mentor a team of security engineers and analysts. Relevant certifications such as CISSP, CISM, CCSP, or equivalent are preferred. This position requires a minimum of 12 years of experience in Network Security Operations and a 15 years full-time education. The role is based at our Chennai office. If you have excellent leadership, communication, and project management skills along with the required technical expertise, we encourage you to apply for this challenging and rewarding role.,

Genpact is a global professional services and solutions firm focused on delivering outcomes that shape the future. With a workforce of over 125,000 professionals spread across 30+ countries, we are motivated by curiosity, entrepreneurial agility, and the goal of creating lasting value for our clients. Driven by our core purpose of relentlessly pursuing a world that works better for people, we serve and transform leading enterprises, including the Fortune Global 500, leveraging our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI. We are currently looking for a Principal Consultant specializing in L3 Patching & Vulnerability Management and Endpoint Compliance. The ideal candidate will have a strong background in Endpoint Compliance, Patching & Vulnerability Management. Responsibilities: - Demonstrated expertise in vulnerability assessment and remediation for Endpoints, Servers, and Network Devices - Analyzing scan reports and recommending remediation or mitigation plans - Knowledge of various patching tools like AirWatch, Tanium, SCCM, Manage Engine, etc. - Collaborating with stakeholders and Subject Matter Experts (SMEs) to facilitate vulnerability/Patch remediation, reporting, and closure - Familiarity with IT security practices, methodologies, tools, mechanisms, and trends - Sound understanding of networks, operating systems (Windows, Unix, Linux), firewalls, and security engineering concepts - Developing reporting, analytical, and presentation skills, including creating dashboards for Vulnerability and Patching compliance for Management - Strong verbal, written, and interpersonal communication skills - Ability to work independently or as part of a technical team - Self-motivated with the capability to produce results with minimal supervision - Analyzing and reporting issues related to End Points - Collecting audit-related evidence, validating its effectiveness, and ensuring readiness for audits - Tracking remediation efforts to ensure identified defects are addressed - Leading audits from an end-point perspective and overseeing observation closures - Evaluating processes and recommending changes to improve effectiveness - Acting as the primary point of contact for assigned pursuits to collaborate with the Information Security team, Operations team, and customer team for End Point effectiveness Qualifications: Minimum Qualifications / Skills: - Engineering/MCA degree or equivalent technical experience in an L3 role at a reputed organization - Strong troubleshooting skills and experience in front-ending IT audits - Extensive compliance experience and knowledge of computer hardware/software - Ability to work independently and proactively solve problems - Proficient in critical thinking, analytical, problem-solving, and reasoning - Quick learner with the ability to adapt to new and evolving technologies - Proficiency in MS Excel and PowerPoint Preferred Qualifications / Skills: - Excellent communication and customer service skills If you possess the required qualifications and skills and are passionate about making a significant impact in the realm of Patching & Vulnerability Management and Endpoint Compliance, we invite you to join us as a Principal Consultant at Genpact's location in Gurugram, India. This is a full-time position requiring a Bachelor's degree or equivalent. The job posting is scheduled for Mar 24, 2025, with an unposting date of Apr 23, 2025.,

NTT DATA is looking for an EPM Vulnerability Management and 3rd party patching Associate to join their team in Noida, Uttar Pradesh, India. As a Sr. System Administrator, you will be responsible for patch management, including 3rd Party Patching & Vulnerability Remediation. Your role is crucial in maintaining the stability, security, and performance of the organization's IT infrastructure through efficient deployment and management of patches and updates via SCCM & Intune. Your responsibilities will include configuring and maintaining System Center Configuration Manager (SCCM) for OS deployment and patch management, creating and managing SCCM collections, queries, and deployment packages, monitoring SCCM health, troubleshooting issues, and performing regular maintenance tasks. You will also develop and implement patch management strategies, coordinate patch testing and deployment schedules, ensure compliance with patch levels and configuration standards, and automate endpoint configuration and software deployments using SCCM. Additionally, you will be responsible for maintaining documentation of SCCM configurations and procedures, generating reports on patch compliance and system health, collaborating with IT security teams on critical patches, providing technical support to IT teams and end-users, and staying updated on industry best practices in patch management. The ideal candidate should have 8 years of relevant experience or equivalent education, a good understanding of SCCM Software Updates, in-depth knowledge of configuration management principles, and skills in SCCM Patching, Patch Compliance Reporting, 3rd Party Patching, Vulnerability Management, Microsoft Endpoint Manager Admin Center, and other related areas. NTT DATA is a trusted global innovator of business and technology services, serving Fortune Global 100 clients. They are committed to helping clients innovate, optimize, and transform for long-term success. With experts in over 50 countries, NTT DATA offers services in business and technology consulting, data and artificial intelligence, industry solutions, application development, infrastructure management, and more. As a part of NTT Group, they invest significantly in R&D to support organizations in their digital transformation journey.,

As a Security Testing professional with 3-10 years of experience in SAST/DAST/API, Network, Mobile Security, DevSecOps, Cloud Security, Threat Modelling, Vulnerability Management, Logging & Audit, GRC, Security Operations, and IAM, your role as a part of the Infosys delivery team will encompass various responsibilities. Your main responsibility will be to ensure effective Design, Development, Validation, and Support activities to meet and exceed client expectations in the technology domain. This will involve gathering requirements and specifications to deeply understand client needs and translating them into system requirements. Additionally, you will be pivotal in estimating work requirements accurately to provide vital input on project estimations to Technology Leads and Project Managers. Your contribution will be essential in the creation of efficient programs and systems that align with client requirements and industry best practices. If you are passionate about aiding clients in their digital transformation journey and possess the required expertise, then this opportunity is tailored for you! This job opening is available in multiple locations including Bangalore, Hyderabad, Trivandrum, Chennai, and Pune.,

As a Manager Information Security (Release Management) with over 6 years of experience, you will be based in Hyderabad and expected to demonstrate expertise in the insurance industry. Working seamlessly with various vendors and global teams is a vital aspect of this role. Your technical proficiency should encompass tools such as JIRA, ServiceNow, Fortify, and vulnerability management platforms. Additionally, having a foundational understanding of Java, Linux, and HTML will be beneficial. Your responsibilities will include executing scans, generating reports, and adeptly resolving tool-related issues. Experience in release and change management is essential, alongside familiarity with ISO and SOC audit processes. Monitoring and ensuring SLA compliance for L1 and L2 tickets, coordinating production releases, and conducting post-implementation reviews are among your operational duties. You will oversee application access, manage license renewals, and be responsible for the ServiceNow access/removal request process. Guiding teams to address access and vulnerability concerns will be part of your daily routine. Your role will also involve active participation in change advisory board meetings, collaborating with stakeholders to ensure seamless release execution, and taking the lead in scan template reviews and vulnerability assessments. If you are looking to leverage your skills in information security and release management within a dynamic and collaborative environment, this position offers a platform for professional growth and impact. Regards, Infosys BPM Recruitment team,

As an experienced audit professional with our Information Technology audit team, you will be responsible for assisting with ongoing risk assessment, control identification, audit execution, and continuous monitoring activities across firm-wide cybersecurity functions. The team collaborates closely with the Line of Business Audit team to ensure consistent coverage of cybersecurity controls. Ideal candidates for this position possess knowledge of various cybersecurity functions such as cybersecurity operations, attack simulation (red team, blue team), vulnerability management, cybersecurity tools/processes across network, endpoints, cloud environments, and cyber threat modeling. Additionally, candidates should have audit and risk skills to effectively execute global cybersecurity audits. This role reports locally to the Audit Lead in India and functionally to the Audit Director globally. You will be responsible for executing global cybersecurity audit engagements, including risk assessments, audit planning, audit testing, control evaluation, audit report drafting, follow-up, and verification of issue closure. Participation during audit engagements is crucial, including performing timely reviews and providing constructive feedback. Meeting deliverable deadlines, adhering to department and professional standards, utilizing consistent methodology, and effectively communicating audit findings to management are essential aspects of this role. Building and maintaining relationships with senior cybersecurity team stakeholders, engaging in a culture of value addition, and coordinating proactively with Global Corporate Sector auditors and Line of Business Audit teams are key responsibilities. Staying updated with evolving industry and regulatory developments and finding ways to drive efficiencies in the audit process through automation are also part of the role. Required qualifications, capabilities, and skills for this position include a minimum of 3 years of cybersecurity with internal/external auditing experience, familiarity with core cybersecurity operations and one or more cybersecurity tools/process areas, a Bachelor's degree (or relevant financial services experience), and demonstrated knowledge of technology processes such as change management, security operations, technology operations, and business resiliency. Ability to multitask, execute audit activities with minimal supervision, strong analytical skills, proficiency in risk analysis and report preparation, flexibility, strategic thinking, leadership skills, and strong partnerships across technology and business teams are also required. Excellent verbal and written communication skills, enthusiasm, self-motivation, effectiveness under pressure, and willingness to take personal responsibility and accountability are further essential traits. Preferred qualifications, capabilities, and skills include a professional certification (e.g., CISA, CISM, CISSP, CEH, GIAC, etc.) or a willingness to pursue such certification.,

As a Vulnerability Management Specialist at Amdocs, you will play a crucial role in leading, implementing, identifying, assessing, and mitigating security vulnerabilities across our infrastructure, including cloud environments. Your responsibilities will include conducting regular vulnerability scans, analyzing scan results, prioritizing vulnerabilities, collaborating with stakeholders to implement remediation plans, and overseeing patch deployment processes to ensure timely remediation. You will also perform risk and vulnerability assessments, document findings, engage with stakeholders to address risks, and oversee risk acceptance and exclusion processes. Additionally, you will monitor container security and cloud security posture, provide threat management support, respond to identified threats effectively, maintain comprehensive reports on vulnerability findings and trends, and support security audits and compliance requirements related to vulnerability management. To excel in this role, you should have 6-9 years of experience in vulnerability management and threat management, hands-on experience with vulnerability scanning tools such as Wiz, Rapid7, Nessus, CrowdStrike, MDE, and Axonius, proficiency in container security, On-prem and Cloud Vulnerability Management, and experience with cloud platforms like AWS, Azure, or GCP. You should also be familiar with risk acceptance and exclusion processes, have a basic understanding of Generative AI (GenAI) concepts, possess strong analytical skills, attention to detail, excellent communication, and stakeholder management skills. Moreover, you should have a good understanding of Security Frameworks and Standards such as NIST, CIS, PCI-DSS, and experience leading a team of Vulnerability Analysts. Preferred qualifications for this role include experience with other security tools and frameworks, data visualization tools like Power BI, AWS Quicksight, scripting and automation experience in Python, Go, and security certifications like CISSP, CISM, or CEH. By joining Amdocs as a Vulnerability Management Specialist, you will have the opportunity to work with industry-leading technologies and experts in a global company, evolve yourself in cutting-edge technologies and business trends, and collaborate with a great team. Amdocs is an equal opportunity employer that welcomes applicants from all backgrounds and is committed to fostering a diverse and inclusive workforce.,

The HybridCloud Managed Containers PO will be part of a team responsible for designing, building, and operating global AWS, Azure, and On-premises environments at Siemens Healthineers. You should have experience in Cloud and On-premises IT architecture, software implementation, automation, quality assurance, monitoring, and maintaining services with various dependencies. Collaboration with DevOps and SysOps teams is crucial to deliver highly available and scalable services. Working closely with business teams to understand requirements and translate them into performant cloud solutions is also a key aspect of this role. Prior experience in designing cloud and on-premises n-tier applications or IT infrastructure is required. As a HybridCloud Managed Containers PO, your responsibilities will include owning product end-to-end responsibility, defining product roadmap and capabilities, managing the product life cycle, ensuring product security, governance, and operations, providing product training and documentation, and interfacing with various teams and stakeholders. Desired qualifications for this position include having over 9 years of experience, in-depth knowledge of Kubernetes and Docker, hands-on experience with AKS, EKS, OpenShift Kubernetes distributions, and standalone Docker servers, as well as knowledge of containerizing applications, container image registries, DevOps, and integrating cloud resources with DevOps tools. Additionally, familiarity with non-functional requirements like patching, backup, monitoring, vulnerability management, and cost management of resources is important. The ideal candidate for this role should be highly self-motivated, able to communicate effectively with individuals at all levels, possess strong oral, written, and presentation skills, demonstrate strong business acumen, work well under pressure, excel in dynamic and fast-paced environments, and build solid relationships with team members and stakeholders. You should be technically innovative, have excellent communication and negotiation skills, and the ability to document complex concepts clearly. Encouraging open communication, taking initiative to solve technical problems, driving innovation, and striving for standardization and simplification in work processes are key competencies for this role. Soft skills requirements include leadership qualities, collaboration, customer orientation, intercultural sensitivity, value orientation, team development, multitasking abilities, initiative, efficient communication skills, quick learning capability, and a focus on delivery quality.,

Work with MCX to enhance your career growth and excel in the field of Information Security. MCX values its employees" domain expertise and commitment, which have been pivotal in the company's success. If you are an ambitious and result-oriented professional, MCX offers exciting career opportunities for you to realize your potential in the cybersecurity domain. As a Manager - Information Security at MCX based in Mumbai, you will play a crucial role in ensuring the optimal performance of security technologies through operational oversight. With a Bachelor's degree in Cybersecurity, Information Technology, or related fields, along with 8-10 years of experience in cybersecurity (including 3+ years in managerial roles), you will be responsible for managing L2 activities and listed technologies hands-on. Your key responsibilities will include overseeing L2 activities, incident response, audits, and reviews of security operations. You will also be involved in developing and maintaining comprehensive documentation and SOPs for security technologies and processes, ensuring compliance and standardization. Additionally, you will configure, optimize, and maintain various security tools while evaluating their effectiveness and ensuring integration with the organization's IT infrastructure. In this role, you will lead threat hunting efforts, collaborate with stakeholders for risk mitigation, and manage security incidents promptly. You will generate security reports, communicate with stakeholders, and mentor junior team members to enhance their skills in security tools and best practices. If you are ready to climb the career ladder with MCX and have the necessary qualifications and experience in cybersecurity, this role offers you a platform to grow and excel in the dynamic field of Information Security. For further assistance or inquiries about this opportunity, please contact us at 022-67318888 / 66494000 or careers@mcxindia.com.,

You are an exceptional, innovative, and passionate individual looking to grow with NTT DATA, a forward-thinking organization committed to inclusivity. Currently, we are seeking a Technical Analysis Senior Analyst to join our team. As a Technical Analysis Senior Analyst at NTT DATA, you will be responsible for supporting EPM Desktop Engineering SCCM/Intune operations. Your role will involve deploying security patches, applications, and settings using SCCM Configuration Manager. You should have 1-3 years of relevant experience or an equivalent combination of education and work experience. You are expected to have a basic understanding of current scripting technologies, batch commands, and windows end-user platforms. Knowledge of Intune & Autopilot operations, vulnerability management, and configuration management principles is essential. Possessing Microsoft & ITIL certification would be advantageous. Your responsibilities will include monitoring and reporting on key metrics, troubleshooting and resolving operational and deployment issues, and ensuring compliance with service level agreements. Strong technical and communication skills are a must for this role. Join NTT DATA, a trusted global innovator with a $30 billion footprint. We serve 75% of the Fortune Global 100 and are dedicated to helping clients innovate, optimize, and transform for long-term success. As a Global Top Employer, we have diverse experts in over 50 countries and a robust partner ecosystem. Our services encompass business and technology consulting, data and artificial intelligence, industry solutions, application development, infrastructure management, and more. Be part of our team and contribute to our mission of moving confidently and sustainably into the digital future. Learn more about us at us.nttdata.com.,

We are currently looking for a Lead TPM, Vulnerability Remediation & Patch Management for our team based in HDC, Hyderabad. As a Lead TPM, you will be responsible for overseeing and managing the end-to-end vulnerability management lifecycle to ensure our organization maintains a strong security posture through timely identification, prioritization, and remediation of vulnerabilities. The ideal candidate should have a minimum of 8-10 years of experience in technical program management, with a focus on vulnerability and patch management. Key Responsibilities: - Lead the Vulnerability and Patch Management Program, ensuring timely identification, assessment, and remediation of vulnerabilities across all systems. - Collaborate with various teams to ensure patches are applied promptly and effectively. - Utilize tools such as QUALYS, SEEMPLICITY, RAPID7 or similar tools for vulnerability detection and remediation operations management, reporting. - Have a working knowledge of Jira, ServiceNow, and advanced Excel for tracking and reporting purposes. - Regularly communicate progress to key stakeholders and leadership, sharing key reports including Vulnerability Exposure Reports, Patch Compliance Reports, Remediation Progress Reports, and Risk Posture Reports. - Define and continuously optimize vulnerability and patch management processes that align with industry best practices. - Collaborate with stakeholders across engineering, IT, security, and product teams to ensure seamless process execution. - Present vulnerability management and patching status to leadership in a regular cadence. - Identify potential risks and communicate them effectively to senior leadership, along with recommendations for mitigation. Key Qualifications: - 5+ years of experience in technical program management, focusing on vulnerability and patch management. - Hands-on experience with vulnerability management tools such as Tenable/Nessus, Qualys, Rapid7, Microsoft SCCM, WSUS. - Strong organizational, communication, and program management skills. - Proficiency in using Jira, ServiceNow, and Excel for tracking and reporting. - Ability to manage multiple stakeholders and drive alignment across various teams. - Proven experience in defining and optimizing processes to enhance security posture. If you meet the above criteria and are ready to work from the office in a hybrid model, attend in-person interviews, and take US calls while being a general shift employee, kindly share your profile with us. Please ensure to include the tech stack on top of your resume for consideration. Thank you.,

You will integrate strategic priorities into a Requirements Traceability Matrix throughout the system life cycle. Your responsibilities will include configuration and change management, participating in configuration control boards, processing change requests, and coordinating with technical support organizations. Additionally, you will assist in Technical Implementation using best industry practices and perform system administration, system maintenance, and sustainment engineering for development, testing, and production environments. As part of your role, you will implement problem resolution by conducting system troubleshooting and requirements and software analysis at various stages of the system life cycle. You will be responsible for program and technical planning, resource management, and providing well-thought-out technical solutions based on best business practices. Your duties will involve providing configuration, support, maintenance, and troubleshooting of Windows servers within an Active Directory environment. This includes creating, maintaining, and deleting user accounts, groups, and rights within Microsoft Active Directory, as well as managing Microsoft Group Policy within the environment. You will also manage DNS, DHCP, WINS, VPN, IIS, and FTP services within a Microsoft Active Directory environment. Furthermore, you will maintain documentation such as Standard Operating Procedures (SOPs), Lifecycle Management Plans, Installation and Support Guides, After Action Reports, and Disaster Recovery Plans. You will also be responsible for implementing and managing DevSecOps or DevOps practices to improve the efficiency and security of the infrastructure. Collaborating with cybersecurity teams to implement and maintain vulnerability management processes will be a key aspect of your role. You will also troubleshoot infrastructure-related problems and ensure timely resolution to enhance the overall performance and security of the systems.,

As a Deal Solution Designer Manager in Cyber Security offerings at EY, you will play a critical role in enabling EY and its clients to effectively address Information Security challenges. Your expertise will be instrumental in crafting efficient and precise deal proposals that facilitate the transition, management, and transformation of clients" Information Security landscapes. Your primary responsibilities include: Client Interaction: You will serve as a trusted advisor, gathering client requirements and translating them into bespoke solutions aligned with the client's objectives. Working closely with the Global Managed Services solution architect, you will define deal scope and craft proposals leveraging your technical knowledge and understanding of EY's technological capabilities. As a technical leader, you will ensure seamless communication and alignment throughout the solution development process. Deal shaping: The Cyber Security DSD plays a pivotal role in deal architecture and solution design, providing guidance on solution definition, offering thought leadership, and evaluating technical feasibility and costs. You will leverage EY Client Technology's products, tools, and processes to propose solutions that align with client requirements and vision. Technical proposal development: You will collaborate with internal stakeholders to develop deal solutions focusing on managed services for various domains. In a cloud-first environment, you will propose suitable cloud solutions and identify implementation possibilities of existing EY products to enhance customer outcomes. Essential Functions of the Job: Deal Architecture & Solutioning for mid-large-scale managed services Cyber security deals. Thought leadership during deal development, pursuit & close phases. Deep understanding of EY Global Managed Services drivers, products, tools & processes. Conduct product demonstrations and presentations. Apply TOGAF and SAFe principles to deal/solution architecture design. Integrate all architecture disciplines and identify ways to reduce costs. Proactively contribute to the development of the Architecture community. Collaborate with various teams to handover detailed solution plans after deal closure. Knowledge and Skills Requirements: Maintain an up-to-date understanding of the global cyber threat landscape. Develop and architect CTI solutions tailored to client needs. Strong tech background with experience in deal development, architecture & strategy. Good Communication Skills in English. Business acumen and ability to develop ongoing customer relationships. Identify technical risks and develop mitigation strategies. Leadership & negotiating skills. Other Requirements: Proven experience in cybersecurity, with a focus on threat intelligence and vulnerability management. Strong understanding of cybersecurity frameworks, standards, and best practices. Experience in a presales or solutions architect role within the cybersecurity industry. Certifications in Agile Delivery, DevOps, TOGAF, or IASA would be desirable. Regular international and domestic travel may be required. Job Requirements: Education: BS/MS in Computer Science, Engineering, or related field. Relevant certifications such as CISSP, CISM, CEH, or GIAC. Experience: 12+ years of technology, business development & thought leadership in Cyber Security domain. Joining EY presents a great opportunity to be part of an innovative team where your knowledge and expertise are valued in shaping cutting-edge solutions for clients.,

Would you like to be part of a team that delivers high-quality software to our customers Are you a visible champion with a can do attitude and enthusiasm that inspires others About the Business LexisNexis Risk Solutions is the essential partner in the assessment of risk. Within our Business Services vertical, we offer a multitude of solutions focused on helping businesses of all sizes drive higher revenue growth, maximize operational efficiencies, and improve customer experience. Our solutions help our customers solve difficult problems in the areas of Anti-Money Laundering/Counter Terrorist Financing, Identity Authentication & Verification, Fraud and Credit Risk mitigation and Customer Data Management. You can learn more about LexisNexis Risk at the link below, https://risk.lexisnexis.com About the Team T he team will be responsible for designing, implementing, and maintaining security dashboards that provide actionable insights into the organization s threat landscape . About the Role This role combines deep technical expertise in cybersecurity with strong data visualization and analytics skills to support proactive risk management and compliance reporting. Team primarily works on data extraction, manipulation, loading and analytics using technologies like Python, PySpark , Power BI, Data Fabric etc. Responsibilities: Build and maintain consolidated security dashboards using tools like Power BI, integrating data from multiple security scanning tools (e.g., Dependabot , SCA, WAF, IDS/IPS, Qualys). Automate data collection via APIs and transform raw data into meaningful visualizations . A nalyze vulnerability trends, false positives, and SLA breaches. Deliver insights to business units and leadership to drive remediation efforts. Track and report on key metrics such as critical/high severity alerts, patching status, and repository hygiene Collaborate with SOC and InfoSec teams to ensure dashboards reflect real-time threat intelligence and incident response metrics. Participate in the design and implementation of security controls and architecture W ork closely with engineering, DevOps, and compliance teams to align dashboard outputs with operational needs. Provide training and documentation for dashboard usage and interpretation. Requirements: Bachelor s or Master s degree in Computer Science , Data Engineering, or equivalent practical experience. Total experience of 5+ years and 4 years in engineering roles with hands-on experience in PySpark , SQL, and Azure-based data ecosystems. Strong knowledge of Python Proficiency in Power BI, SQL, DAX, and data transformation tools Proficient in Git, version control workflows, and CI/CD practices. Familiarity with security tools such as SAST/DAST scanners, SIEMs, and vulnerability management platforms. Understanding of OWASP Top 10, threat modelling, and incident response workflows Experience working in Agile environments and using tools like Jira for ticketing and workflow tracking. Good to Have Skills: Experience of Azure Cloud platform GitHub Actions Working for you: We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer: Comprehensive Health Insurance: Covers you, your immediate family, and parents. Enhanced Health Insurance Options: Competitive rates negotiated by the company. Group Life Insurance: Ensuring financial security for your loved ones. Group Accident Insurance: Extra protection for accidental death and permanent disablement. Flexible Working Arrangement: Achieve a harmonious work-life balance. Employee Assistance Program: Access s upport for personal and work-related challenges. Medical Screening: Your well-being is a top priority. Modern Family Benefits: Maternity, paternity, and adoption support. Long-Service Awards: Recognizing dedication and commitment. New Baby Gift: Celebrating the joy of parenthood. Subsidized Meals in Chennai: Enjoy delicious meals at discounted rates. Various Paid Time Off: Take time off with Casual Leave, Sick Leave, Privilege Leave, Compassionate Leave, Special Sick Leave, and Gazetted Public Holidays. Free Transport pick up and drop from the home -office - home (applies in Chennai) Learn more about the LexisNexis Risk team and how we work We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120. Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here . Please read our Candidate Privacy Policy . We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. USA Job Seekers: EEO Know Your Rights .

About the Role: As the IT Security Associate Director, you will lead the execution of complex cybersecurity projects with substantial autonomy. Your expertise will guide the strategic cybersecurity planning and policy-making processes. You will ensure alignment with organizational goals and provide critical security insights that drive our mission forward. Wolters Kluwer is seeking a strategic and technically skilled Cybersecurity Reporting & Metrics Associate Director to drive the design, automation, and delivery of security and risk reporting across the enterprise. This role will lead the creation of dashboards and visualizations that provide insight into key domains including cybersecurity awareness training, risk programs, control effectiveness, and risk indicators and triggers across all Global Information Security domains. The ideal candidate has a strong background in cybersecurity, cloud, automation, Microsoft Systems and tools, general IT Risk, and control/governance knowledge. Additionally, this person will have hands-on experience in reporting tools like PowerBI and creating automations and integrations with ServiceNow. As a critical thinker and problem-solver, this person will help elevate the Company s security posture by delivering consistent, insightful, and action-oriented reporting. Responsibilities: Design, build, and maintain dashboards and reports that measure cybersecurity performance and risk across key programs including but not limited to: Security awareness and training, Cloud and IAM tooling and systems , Vulnerability management sources, Risk identification and mitigation, Control effectiveness, and Internal KPIs and metrics related to operational capabilities and internal demand management Automate recurring reporting processes using tools such as Power BI, Excel Power Query, and Power Automate amongst others to enable actionable insights and self-service Strong knowledge of ServiceNow across demand and intake modules, as well as vulnerability management and GRC/IRM modules and features Define and manage cybersecurity KPIs/KRIs in partnership with the security team and integrating feedback from key partners including HR, Legal, and business units Strong knowledge of key metrics related to core security capabilities such as training and awareness, vulnerability management, cloud security, identity, and access mgmt. Understanding of technical security and risk related domains to enable KRI development, triggers, and ongoing management of key cybersecurity programs and outcomes Work closely with capability owners to source, structure, and govern data across diverse systems and repositories Create and maintain executive-level reporting packages and presentations that support security governance forums, audits, and regulatory reviews Establish consistent standards for report quality, accuracy, and delivery timelines Translate complex technical security data into clear, business-relevant visuals and insights Support continuous improvement of cybersecurity programs by identifying reporting gaps, opportunities for automation, and metric-driven trends Serve as the technical reporting SME within the cybersecurity function, helping to align business insights with security data points Skills and Qualifications: 14+ years of experience in cybersecurity or Information Technology Experience in reporting across various security programs including training and awareness, phishing, cloud security, IAM, vulnerability management and overall IT risk and governance Strong reporting skills and attention to detail Knowledge of resource management practices and HR tools such as Workday, Clicktime, and deep understanding of ServiceNow and its core IT Security and Demand management modules and capabilities Expert level powerbi/visualization skills Experience delivering outcomes without direct control over stakeholders and behaviors, able to influence and drive actions Ability to collaborate and build relationships with cross-functional teams, senior management, technologists, and external stakeholders. Analytical mindset with excellent problem-solving skills, attention to detail, and ability to interpret regulatory requirements and assess their impact on business. Self-driven and ability to identify actions / goals and drive them through completion with minimal oversight

Dreamplus colonizers and Developers private limited is looking for TeleCaller to join our dynamic team and embark on a rewarding career journey A telecaller is a customer service representative who contacts customers over the telephone A typical job description for a telecaller includes the following responsibilities: Make outbound calls to customers to promote products and services, or follow up on recent purchases Respond to customer inquiries and provide information about products and services Resolve customer complaints and provide appropriate solutions Keep records of all customer interactions and transactions, updating customer information in a database as necessary Meet and exceed sales and customer satisfaction targets Continuously improve product and service knowledge to provide accurate information to customers Stay up-to-date with industry developments and maintain a working knowledge of competitor offerings Follow all company policies and procedures, including those related to confidentiality and data security Participate in training and development opportunities to improve skills and knowledge 0 Adhere to schedules and work efficiently under pressure to meet deadlines

About this opportunity: We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations. What you will do: 24x7 Security monitoring and incident handling across a complex network. End-to-End triage & investigation of all the threat detections originating from technology. Participate in incident response. Support use case development of detection analytics. Conduct research into new threats, identifying new IOC/TTPs. Work in shifts with efficient and accurate handover procedures. Identify improvements in automation and investigation procedures. Work with the Red team to identify gaps or weaknesses in security coverage. Create threat hunting use cases through security research and threat intelligence. Adhere to SLAs for security investigations. The skills you bring: A minimum of 7 to 12 years of experience working within a Security Operations Center /Managed Security Services environment. Organization and project management skills, Good documentation skills, Positive can-do attitude. Ability to work at odd hours and work constructively under pressure. Worked across different cultures in a global setting and with many stakeholders. Impeccable integrity and track record of working with sensitive information. Technical Competences The Incident Response Process Core networking skills Live Windows, Linux and Memory Forensics Active Directory Analysis Network Threat Hunting Basics of Vulnerability Management Demonstrable experience with Incidence Response in leading public Clouds Azure, AWS, GCP Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS CloudTrail Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint Working knowledge of `Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra Experience in IT Security and risk management. Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.

Role Proficiency: Maintain and improve security posture by identifying scoping and prioritizing vulnerabilities in our systems. Provide guidance and drive accountability of risk-based vulnerability remediation across business and technology teams. Outcomes: Identification of vulnerabilities in the organization's network and IT infrastructure. Identification of risk for the company and the required remediation performed. Perform gap analysis of current vulnerability remediation policies and processes versus industry best practices for the client and identify opportunities for improvement. Vulnerabilities prioritization based on their severity and impact. Accountable for the identification and subsequent use of remedial methods to improve the outcome Measures of Outcomes: Average time to action Mean time to remediation Rate Of Recurrence Total Risk Remediated Average Vulnerability Age Provide 3-5 reports and analysis follow-up on a weekly basis Provide at least 2 vulnerability analysis Produce 2 reports for management in each quarter Own and manage at least 2 identified threats & vulnerabilities Outputs Expected: Daily Activities : Daily/Weekly/Monthly Reports on the status of the Platform Execute the latest 1 threat variants to test detection and prevention capabilities. Priority assistance in agent upgrades (scenarios include - Agent update patching) Creating one Standard policy recommendation and configuration according to environment each month. IOC & IOA management. Security research community: Stay on top of the security research community. Will be up to date on current attacks campaigns and trends to initiate innovative research activities. Continuous Learning innovation and optimization: Ensure completion of the learning program suggested by Managers Suggest ideas that will help innovation and optimization of processes Skill Examples: Experience in IT optimally in Security with exposure to infrastructure and application vulnerability scan configurations vulnerability assessments and vulnerability management Good understanding of network protocols design and security operations Strong analytical skills and efficient problem solving Proficient in scripting languages such as Python Security hardening techniques and hardening standards patching Ability to design and document security operational procedures Understanding of attacker behaviors and techniques is required. Knowledge Examples: Knowledge Examples A strong understanding of the current threat landscape including the latest tactics tools and procedures common malware variants and effective techniques for detecting this malicious activity. Familiarity with basic security concepts in vulnerability management network security systems administration or other areas of technology is required. Hands-on experience with Vulnerability management tools such as Spotlight Rapid7 Nessus Tenable or Qualys. Knowledge of security principles techniques and technologies Knowledge in exploit development. Security certifications such as CEH GPEN GSEC CISSP. Additional Comments: # Areas Must to Have 1 Vulnerability Operations The candidate should have hands-on experience in vulnerability handling within large-scale or regulated environments (preferably financial services). strong understanding of theVulnerability management process including vulnerability lifecycle, including asset discovery, scanning, CVSS-based prioritization, remediation. Experience implementing or improving vulnerability lifecycle workflows Ability to interpret threat feeds (e.g., CISA KEV, AlienVault OTX, ThreatConnect) and map those threats to assets. Oversee vulnerabiliy consolidation system and promptly report any operational issues Monitor the health of interconnected environments updating the central planning platform,escalate and resolve failures, and coordinate with the internal engineering team. Ensure clear and concise senior management reporting Coordinating and leading regular meeting with internal business team focussed on vulnerability management 3 Stakeholder Management & Soft skills Experience in influencing and managing stakeholder with strong interpersonal skills to build relationships and collaborate within teams Strong communication skills to effectively coordinate with global infrastructure, application, and compliance teams. Skillled in preparing reports and presentations for senior management and delivering them to large audience 4 Tools and Technologies Experience in using Microsoft teams,JIRA Skilled in MS Excel for data analysis, including filtering, pivoting, and dashboarding Experience in analyzing large datasets to identify issues and gaps Proficient in Servicenow and Confluence 5 Education and experience Bachelor's degree in Computer Science, Engineer or Related field Minimum of 5 years in cybersecurity, specifically in vulnerability management, risk management, or cyber operations Good to have Knowledge of API, python Scripting Prior experience in handling JIRA tickets Expertize in Advanced excel or any other reporting tools Required Skills Advanced Excel,Vulnerability Management,Patch Management

ABOUT ELEVANCE HEALTH Elevance Health is a leading health company in America dedicated to improving lives and communities and making healthcare simpler. It is the largest managed health care company in the Blue Cross Blue Shield (BCBS) Association serving more than 45 million lives across 14 states. A regular in Fortune 500 list, Elevance Health ranked 20 in 2022. Gail Boudreaux, President and CEO of Elevance Health has been a consistent name in the Fortune list of most powerful women and currently holds 4th rank on this list. ABOUT CARELON Carelon Global Solutions (CGS) is a healthcare solutions company that is simplifying complex operational processes to improve the health of the healthcare system. Previously known as Legato Health Technologies, Carelon Global Solutions (hereinafter, CGS) underwent a name change and joined the Carelon family of brands in January 2023, as a fully owned subsidiary of Elevance Health (Previously Anthem Inc.). CGS brings together a global team of like-minded innovators who manage and optimize operational processes for health plans as well as providers. Our brightest minds housed across our global headquarters in Indianapolis as well as Bengaluru, Hyderabad and Gurugram in India, Manila in the Philippines, Limerick in Ireland and San Juan in Puerto Rico bring with them innovative capabilities and an unmatched depth of experience. This global team uniquely positions CGS to enable scalable, next-generation platforms and specialized digital tools that make healthcare operations more practical, effective and efficient. OUR MISSION & VALUES Our Mission: Improving Lives and Communities. Simplifying Healthcare. Expecting More. Our Values: Leadership | Community | Integrity | Agility | Diversity JOB POSITION Carelon Global Solutions India is seeking a Senior Business Analyst who will be responsible for managing multiple applications in a comprehensive process throughout their lifecycle. This includes tasks such as installation, updating, patching, upgrading, and overseeing both the software and hardware components necessary for application operation. The role involves streamlining processes, improving efficiency, and enhancing productivity within the organization. The Associate will act as a subject matter expert and provide guidance to others. JOB RESPONSIBILITY Manage application lifecycle, including provisioning and deprovisioning. Manage user roles and permissions. Bulk update user types and premium app permissions. Manage user profile visibility. Application management by managing routine tasks like deployments, updates, and patches without manual intervention. Establishing strong data governance practices within application management ensures that applications comply with regulatory requirements while protecting sensitive data. This element aligns data handling and security standards with business goals. Continuously monitor and optimize Smartsheet and other applications solutions to improve efficiency and accuracy Provide technical support to end-users for Smartsheet and other applications that falls under the support-related issues Create and maintain standards, procedures, and documentation which may include participation in IT audits and other processes to ensure the integrity of IT systems. Their duties may also involve implementing system changes and administering access to information and systems using IT security policies, standards, and guidelines. The Application manager will closely with key business stakeholders to provide strategic and tactical reporting solutions and business recommendations for current and future business needs Run reports on user data and Application usage. Monitor activity logs to track user actions. Work collaboratively with IT and InfoSec teams to implement and enforce Smartsheet policies. Provide training and support to end-users on Smartsheet functionalities. Maintain detailed documentation of Smartsheet configurations and workflows. Stay informed about Smartsheet updates, features, and best practices. QUALIFICATION Bachelors or masters degree ITIL Foundation EXPERIENCE Hands on experience on Application life cycle management Possess a strong understanding of various software applications, platforms, and technologies. Experience with risk management/risk radar Proficient with MS PowerPoint, Excel and Smartsheet Well-developed logical structuring approach to solving problems, framing ideas or developing plans Experience with Pivots & Functional Design Documentation Strong Communication skills, both written and verbal Business Analysis skills essential SKILLS AND COMPETENCIES At least 5 -8 years of experience in large scale IT Infra environment Accurate, attentive, detail-oriented, with strong analytical skills. Ability to prepare and perform account analysis, reconciliations, cash flow projections, budgets and analysis, and journal entries. Knowledge of Control Center and premium apps. Ability to create and maintain Smartsheet and other App templates, workflows, and dashboards. Desire to become a Application Manager. Analytical skills to assess risks, identify vulnerabilities, and develop mitigation strategies THE CARELON PROMISE Aligning with our brand belief of limitless minds are our biggest asset, we offer a world of limitless opportunities to our associates. It is our strong belief that one is committed to a role when it is not just what the role entails, but also what lies in its periphery that completes the value circle for an associate. This world of limitless opportunities thrives in an environment that fosters growth and well-being, and gives you purpose and the feeling of belonging. LIFE @ CARELON Extensive focus on learning and development An inspiring culture built on innovation, creativity, and freedom. Holistic well-being Comprehensive range of rewards and recognitions Competitive health and medical insurance coverage Best-in-class amenities and workspaces Policies designed with associates at the center. EQUAL OPPORTUNITY EMPLOYER Carelon is committed to a diverse and inclusive workplace and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Reasonable Accommodation Our inclusive culture empowers Carelon to deliver the best results for our customers. We not only celebrate the diversity of our workforce, but we also celebrate the diverse ways we work. If you have a disability and need accommodation such as an interpreter or a different interview format, please ask for the Reasonable Accommodation Request Form. *Disclaimer: Offered designation title differs.*

We are seeking a highly skilledInformation Security Specialist to join our team. The ideal candidate will haveextensive experience in addressing client queries related to product security,AI security, and cloud security (AWS and Azure). This role requires a proactiveapproach to identifying and mitigating security risks, as well as excellentcommunication skills to effectively interact with clients. Key Responsibilities: Good and detailed understanding of Azure and AWS services provisioning, architecture and security recommendations Respond to client queries regarding product security, AI security, and cloud security (AWS and Azure). Develop and implement security policies, protocols, and procedures. Conduct regular security audits and assessments to identify vulnerabilities. Collaborate with the product development team to ensure security best practices are integrated into the product lifecycle. Monitor and analyze security incidents to determine root causes and implement corrective actions. Stay updated with the latest security trends, threats, and technologies. Provide training and guidance to internal teams on security best practices. Co-ordinate with internal InfoSec team for timely deliverables, as required Hands-On experience for Azure and AWS Cloud services and application end -to-end provisioning on Cloud. Key Performance Indicators (KPIs): Client Query Response Time: Ensure all client queries related to security are addressed within 24 hours. Incident Resolution Time: Resolve security incidents within the defined SLA (Service Level Agreement). Security Audit Compliance: Achieve a compliance rate of 95% or higher in all security audits. Client Satisfaction: Maintain a client satisfaction score of 90% or higher for security-related queries and support. Training Effectiveness: Conduct quarterly security training sessions with an average feedback score of 4.5/5. Cloud Architecture: Ensure secure hosting of product at Cloud Environment. Qualifications: Bachelor's degree in computer science, Information Technology, or a related field. Minimum of 10-15 years of experience in information security, with a focus on AI security and cloud security (AWS and Azure). Relevant certifications such as CISSP, CISM, or AWS Certified Security Specialty. Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST). Excellent problem-solving skills and attention to detail. Strong communication and interpersonal skills. Nice to have Exposure to financial researchdomain Industry recognizedcertification programs on Data Management/Cloud etc. Experience with JIRA,Confluence Understanding of scrum andAgile methodologies Experience with datavisualization tools, such as Grafana, GGplot, etc. Soft skills Oral and written communicationskills Good problem solving andnegotiation skills Intellectual curiosity to findnew and unusual ways of how to solve data management issues. Passionate about the work andattention to detail

about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZSs India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What Youll Do: Executes the end-to-end management of security projects: including resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What Youll Bring: Bachelors Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk.

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Key Responsibilities Incident Response and Management: Lead the incident response process, including identification, containment, eradication, and recovery. Analyze and respond to complex security incidents and breaches. Conduct post-incident analysis and develop reports with recommendations to prevent future incidents. Security Monitoring and Analysis: Oversee the continuous monitoring of security alerts and events. Analyze logs and data from various sources (e.g., SIEM, firewalls, EDR, IDS/IPS) to identify suspicious activity. Perform advanced threat hunting and forensic analysis. Vulnerability Management: Conduct regular vulnerability assessments. Identify, prioritize, and remediate security vulnerabilities in systems and applications. Collaborate with IT and development teams to implement security patches and updates. Security Architecture and Engineering: Design and implement security solutions to protect the organization's networks, systems, and data. Develop and maintain security policies, standards, and procedures. Evaluate and recommend new security technologies and tools. Compliance and Risk Management: Ensure compliance with relevant regulatory requirements and industry standards (e.g., ISO 27001, NIST). Perform risk assessments and develop mitigation strategies. Document and maintain security controls and frameworks.Required Skills and Qualifications Technical Expertise: Advanced knowledge of cybersecurity principles, techniques, and technologies. Proficiency in using security tools such as SIEM, IDS/IPS, firewalls, and endpoint protection solutions. Experience with vulnerability management, penetration testing, and forensic analysis. Experience: Minimum of 7-10 years of experience in cybersecurity, with at least 2-3 years in an L3 or senior role. Proven track record of handling complex security incidents and leading incident response efforts. Experience in designing and implementing security architectures and solutions. Certifications: Relevant certifications such as CISSP, CISM, CEH, GIAC, or equivalent are highly desirable. Analytical and Problem-Solving Skills: Strong analytical skills with the ability to identify and mitigate security threats. Excellent problem-solving skills and the ability to think critically under pressure. Communication and Collaboration: Strong communication skills, both written and verbal. Ability to collaborate effectively with cross-functional teams and stakeholders.Preferred Skills and Qualifications Experience with cloud security (e.g., AWS, Azure, Google Cloud). Knowledge of scripting and automation tools (e.g., Python, PowerShell). Familiarity with regulatory requirements and standards (e.g., GDPR, HIPAA).

Role Overview: The OT Security Analyst Level 2 (L2) plays a pivotal role in defending operational technology (OT) environments against evolving cyber threats. This role requires a deep understanding of security incident analysis, threat detection, and incident response, specifically tailored to Industrial Control Systems (ICS) and OT networks. The analyst will investigate complex security incidents within the OT infrastructure, collaborate with IT/OT teams, and enhance security posture through actionable insights. ________________________________________ Key Responsibilities: Conduct in-depth analysis of security events and incidents within OT environments, leveraging SIEM and OT-specific monitoring tools. Perform root cause analysis and develop incident timelines to support forensics and remediation efforts. Apply standard incident response frameworks (e.g., NIST, MITRE ATT&CK for ICS, Cyber Kill Chain) for threat classification and response. Use threat intelligence platforms and sandbox environments to investigate malware and suspicious artifacts in OT networks. Analyze access logs, network traffic, and protocol behaviours across OT systems (e.g., SCADA, DCS, PLCs). Support investigations related to unauthorized device communications, anomalous behaviours, or compromised industrial assets. Collaborate with OT security engineers and external vendors to escalate and remediate incidents. Refine alert rules and detection logic to reduce false positives and improve signal-to-noise ratio in OT SOC operations. Document incident findings and support continuous improvement of the OT SOC playbooks and knowledgebase. Liaise with the IT SOC and CIR (Cyber Incident Response) teams to align incident handling and cross-domain investigations. Participate in threat hunting activities tailored for OT environments using behavioural analysis and attack-path simulation. ________________________________________ Technical Skills & Knowledge: Strong understanding of OT/ICS protocols (Modbus, DNP3, OPC, etc.) and industrial network topologies. Hands-on experience with OT cybersecurity tools and platforms (e.g., Nozomi Networks, Claroty, Dragos). Familiar with ISA/IEC 62443, NIST SP 800-82, NIST CSF, and ISO 27001 compliance requirements for OT. Proficiency in using SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar) for log correlation and event triage. Understanding of firewalls, WAFs, proxies, and network segmentation principles in OT. Working knowledge of tools such as THOR Scanner, VMRay, or Recorded Future is a plus. Experience in vulnerability management and patch advisory for OT assets with limited patch cycles.Role & responsibilities Preferred candidate profile