471 Vulnerability Management Jobs - Page 10

Role: Vulnerability Mgmt Analyst Location: Remote Work timing: UK Hours \ US Hours Overview: We are seeking a detail-oriented and highly skilled Vulnerability Management Analyst to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, prioritizing, and remediating vulnerabilities across the organizations IT assets. The role involves leveraging industry-standard tools like Qualys , Tenable Nessus , Rapid7 , and integrating findings into ServiceNow SecOps for streamlined remediation. Key Responsibilities: Perform regular vulnerability scans using tools such as Qualys , Tenable Nessus , and Rapid7 InsightVM . Analyze scan results to identify true positives, prioritize findings based on risk and criticality, and recommend remediation actions. Collaborate with IT infrastructure, application, and network teams to ensure timely patching and mitigation of identified vulnerabilities. Integrate vulnerability data into ServiceNow Security Operations (SecOps) for incident tracking and response coordination. Monitor vulnerability trends and provide risk insights to leadership. Support compliance initiatives and audits by providing reports and evidence of remediation efforts. Maintain documentation for vulnerability management procedures and policies. Assist in developing and improving vulnerability management workflows, processes, and automation. Required Skills & Experience: 3+ years of hands-on experience in vulnerability management or related cybersecurity roles. Strong expertise in using Qualys , Tenable Nessus , Rapid7 InsightVM , or equivalent tools. Familiarity with ServiceNow SecOps or other security orchestration and response platforms. Solid understanding of TCP/IP, operating systems (Windows, Linux), and common network services. Experience with CVSS scoring and vulnerability remediation prioritization. Ability to communicate technical issues to both technical and non-technical audiences. Preferred Certifications (at least one required): CompTIA Security+ CompTIA CySA+ GIAC Enterprise Vulnerability Assessor (GEVA) Nice to Have: Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS). Familiarity with scripting (Python, PowerShell) for automation of scanning and reporting tasks. Exposure to SIEM platforms and incident response procedures. Education: Bachelors degree in Information Security, Computer Science, or a related field (or equivalent practical experience). Thanks & Regards: Kanika Katiyar Associate Recruiter Email: kkatiyar@fcsltd.com FCS Software Solutions Limited https://www.fcsltd.com

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

Urgent Requirement for Vulnerability Management, Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. Ensure organization's cloud infrastructure complies with industry standards Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : NA Minimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have influencing and Advisory skills. Engage with multiple teams and responsible for team decisions. Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems. Lead the planning, execution, and monitoring of Security Services projects. Collaborate with cross-functional teams to ensure project success. Provide guidance and mentorship to junior team members. Develop and implement strategies to enhance Security Delivery Governance. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Delivery Governance. Strong understanding of security frameworks and compliance standards. Experience in risk management and mitigation strategies. Knowledge of security technologies and tools. Good To Have Skills: Security certifications such as CISSP or CISM. Additional Information: The candidate should have a minimum of 18 years of experience in Security Delivery Governance. This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Governance Good to have skills : Managed Cloud Security Services, Security Information and Event Management (SIEM), Identity Access Management (IAM) Minimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have Influencing and Advisory skills. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Expected to provide solutions to problems that apply across multiple teams. Lead the planning and execution of security projects. Provide guidance and expertise on security governance best practices. Collaborate with cross-functional teams to ensure security requirements are met. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Governance. Good To Have Skills:Experience with Identity Access Management (IAM), Security Information and Event Management (SIEM), Managed Cloud Security Services. Strong understanding of security frameworks and compliance standards. Experience in risk assessment and mitigation strategies. Knowledge of security technologies and tools. Excellent communication and leadership skills. Additional Information: The candidate should have a minimum of 15 years of experience in Security Governance. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role :Security Architect Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills :ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills :Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification :15 years full time education Summary:As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring compliance with governance and risk management standards. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect the organization's cloud infrastructure. Collaborate with cross-functional teams to ensure the security architecture meets business requirements. Ensure compliance with governance and risk management standards. Conduct risk assessments and develop mitigation strategies. Stay up-to-date with the latest security trends and technologies. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills:Proficiency in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. Knowledge of industry standards and regulations related to cloud security. Familiarity with security frameworks such as ISO 27001 and NIST. Ability to conduct security assessments and audits. Excellent problem-solving and analytical skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). This position is based at our Bengaluru office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills:- Must To Have Skills:Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Coimbatore office- A 15 years full-time education is required Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills:- Must To Have Skills:Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions- Knowledge of security protocols and standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Bengaluru office- A 15 years full-time education is required Qualifications 15 years full time education

Cyber Security Analyst UltraViolet Cyber is seeking a Cyber Security Analyst to add to our existing team. Primary responsibilities will require: (i) in-depth analysis of intrusions in diverse computing environments; (ii) thorough packet analyses; (iii) implementing/optimizing changes to security infrastructure; (iv) integrating threat intelligence into the operational environment; and (v) protecting systems and infrastructure from infiltration or exfiltration of data. Responsibilities: Perform analyses of network infrastructure, applications, operating systems, firewalls, proxy devices and malware detection in a fast-paced environment Proactively identify threats across a wide range of customer environments Monitor alerts using a SIEM platform to respond, triage and escalate incidents, as necessary Perform vulnerability scans, analyze results and recommend remediation actions Perform continuous monitoring of diverse security environments and analyze event log data to determine severity and prioritization of incident response efforts Contribute to the advancement of security posture Minimum Requirements: 2 years of operational experience with securing and monitoring multiple platforms, network configurations and implementations Broad knowledge of IT security General systems infrastructure experience Experience with log correlation and packet analysis tools Solid understanding of common enterprise information systems services such as Active Directory Solid understanding of TCP/IP protocol suite, security architecture and security techniques/products Experience with various security management tools (e.g., vulnerability management, configuration management and SIEM) Proven ability to analyze captured data to perform incident response and identify potential compromises Excellent written and oral communication skills Preferred Education and Certifications: B.A or B.S in computer science or related field CompTia Sec+ CompTia CySa+

Looking for someone who has strong hands-on experience on Security Incident Response,Vulnerability Management,Security tool operation, Threat and Vulnerability Identification. Must have relevant experiencewith design, implementation,management

We have Immediate Openings on Vulnerability Management Contract to Hire role for multiple clients. Job Details Skills Vulnerability Management Experience 10+Years Location Pan India Job type Contract to HIRE Primary & Secondary Skills Vulneribility Management Qualys Guard Qualys Agent Policy Compliance Vulneribilty Scanning RESPONSIBILITIES Perform vulnerability assessment using leading Vulnerability Scanning solutions like Qualys, Microsoft Defender, etc. Perform vulnerability assessments on On-prem, Cloud hosted systems, container (like Docker & Kubernetes), databases, web services and other widely deployed infrastructure components. Perform false positive validation and ensure delivery of quality reports. Act as a technical SME to analyse the vulnerability results & detection logic. Provide technical advice and support on remediation to infrastructure / application support teams. Manage & Implement approved scan exclusions based on the request from platform support teams. Review findings and identify root causes for common issues and provide recommendations for sustainable improvements. Responsible to maintain vulnerability quality assurance by building VM team technical knowledge base. Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle. Understand security policies, procedures and guidelines to all levels of management and staff. Communicate effectively orally and in writing and establish cooperative working relationships. Provide suggestion to improve vulnerability Management service based on current trends in information technology (Network, system security software and hardware). Act as line manager in the absence of team lead. People and Talent Minimum 6 years of experience in Information security and preferably in Banking and Financial services sector Good understanding and Implementation experience on Enterprise Network Security Architecture and Enterprise Network Design. In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills Ability and desire to learn new skills quickly Performs other related duties as assigned. Risk Management COMPETENCIES SKILLS FRAMEWORK Grow Self Applicable for all roles. Action Oriented Taking on new opportunities and tough challenges with a sense of urgency, energy and enthusiasm. Collaborates Building partnerships and working collaboratively with others to meet shared objectives. Courage Stepping up to address difficult issues and saying what needs to be said. Customer Focus Building strong customer relationships and delivering customer-centric solutions. Instils Trust Gaining the confidence and trust of others through honesty, integrity and authenticity. Nimble Learning Actively learning through experimentation when tackling new problems. Using both successes and failures as a learning factor.

Job Description The Senior Enterprise IT Security Engineer is a pivotal role within the organizations cybersecurity efforts, focusing on implementation and managing advanced security solutions. This role involves strategic planning, team collaboration, and intermediate-level knowledge to ensure a robust and resilient security infrastructure. Key Responsibilities: 1. Security Strategy: - Development and implementation of the organizations IT security strategy, to protect the organizations IT environment. - Collaborate with stakeholders to align security initiatives with business objectives and emerging threat landscapes. - Identify security issues/risks in IT environment and develop/identify solutions to remediate the risk 2. Advanced Security Solutions Implementation: - Implement and manage advanced security solutions, including next-gen firewalls, Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Password Manager,VMDR, SSPM, CASB/DLP, CAASM solutions and systems. - Evaluate emerging security technologies and recommend solutions to address evolving threats effectively. 3. Incident Detection, Response, and Forensics: - Support incident response efforts in analyzing and responding to security incidents, ensuring appropriate measures are taken to mitigate risks and prevent future occurrences. 4. Collaboration and Stakeholder Engagement: - Collaborate with cross-functional teams to integrate security measures into IT projects, applications, and processes, ensuring security is a fundamental consideration. - Engage with senior management to communicate security risks, recommendations, and strategies, fostering a culture of security awareness and understanding. Qualifications - Bachelors degree in Computer Science, Information Security, or a related field. - 4 to 6 years experience in IT security, cybersecurity, or a related role, with a focus on enterprise-level security solutions. - In-depth understanding of cybersecurity principles, IT architecture, and network security. - Proficiency in using advanced security tools and technologies such as SIEM, IDS/IPS, firewalls, SSPM, CASB, VM, DLP and endpoint security solutions. - Relevant certifications such as SANS, CompTIA Security+, AZ-500, Vulnerability Management or equivalent certifications are highly desirable.

Notice Period: Immediate Employment: Contract Job Description: Primary Skills Patch Management, Vulnerability Management, Red Hat Enterprise Linux Secondary Skills L2 support Certifications (if any) Job Purpose: Provide technical support for the in-scope technology domains (Patch Management, Vulnerability Management and DCS Operations Support) for Red Hat Enterprise Linux Work with DCS Operations service providers, product principal vendors, Branch IT support and external vendors Job Responsibilities: a) Triage ITSM tickets and system alerts within DCS operations boundary b) Refer to procedure manuals, operational references (e.g. reference list, exception list) to diagnose / fix known issues c) Handle DCS Operations incidents at L2 level for Red Hat Enterprise Linux d) Follow established protocol for issue escalation to L3 DCS Engineers e) Plan and execute system patching- and vulnerability-related changes related to Red Hat Enterprise Linux f) Plan and execute BAU changes related to Regional DCS Operations for Red Hat Enterprise Linux g) Support asset inventory lifecycle management (build, operationalize, upgrade, refresh, decommission) for Red Hat Enterprise Linux h) Support DR drills from perspective of Red Hat Enterprise Linux i) Support L3 engineer to prepare Root Cause Analysis and improvement plan for major incidents related to Red Hat Enterprise Linux j) Coordinate with respective countries' team members for local support to resolve incidents and perform changes related to Red Hat Enterprise Linux k) Support L3 engineer to prepare technical documentation, ensuring that technical settings comply with company policy and regulatory requirements l) Responsible for end-to-end management of RHEL servers, including installing, configuring, and regularly updating systems to maintain optimal performance. m) Supports the updates to hardening standard, templates and policies changes from the Bank and local regulators. n) Diagnose and resolve hardware and software issues within the RHEL environment, applying root cause analysis to prevent future occurrences. o) Work closely with DevOps teams to support automation, orchestration, and deployment of applications, leveraging tools such as Ansible and Puppet for configuration management. Job Requirements: a) Minimum 5 years of working experience in Red Hat Enterprise Linux operations b) Must be willing to be placed on rotational on-call support and weekend activities c) Must have knowledge of Service SLAs, RTO and RPO targets d) Must have experience in infra platform monitoring tools e.g. Solarwinds e) Must have working experience in a different culture f) Must have knowledge of ITSM processes (Incident, Change, Service Request and Problem management) and ITSM tool (ServiceNow) g) Must be able to work independently and in collaboration with various stakeholders as part of an APAC team e.g. IT Infra-related planning and implementation, security teams, service management teams, application teams, country IT teams and others h) Good to have prior working experience as an IT professional in a banking or financial institution i) Advanced understanding of RHEL server management, including configuration, system optimization, and maintenance in mission-critical environments. j) Knowledge in shell scripting for automation and system management tasks, enabling the administrator to streamline complex processes and ensure operational consistency. k) Familiarity with tools such as Ansible and Puppet for configuration management, along with patching best practices to maintain up-to-date systems. l) Familiarity with virtualization technologies, such as Hyper-V, VMware or Nutanix AHV, for effective resource management and system consolidation." m) Industry-recognized certifications such as Red Hat Certified System Administrator (RHCSA) or Red Hat Certified Engineer (RHCE) are strongly preferred, as they demonstrate a solid foundation in RHEL expertise and industry-standard best practices

Career Category Information Systems Job Description Join Amgen s Mission of Serving Patients At Amgen, if you feel like you re part of something bigger, it s because you are. Our shared mission to serve patients living with serious illnesses drives all that we do. Since 1980, we ve helped pioneer the world of biotech in our fight against the world s toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives. Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career. Junior Vulnerability Management Analyst What you will do Let s do this. Let s change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization s IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e. g. , KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization s security posture through structured vulnerability management processes. Roles Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelor s degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e. g. , Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e. g. , Python, PowerShell) Awareness of cloud security tools (e. g. , AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking - Comfortable working with data and identifying patterns Attention to Detail - Careful review and tracking of vulnerabilities Communication Skills - Able to clearly document and explain findings Collaboration Teamwork - Works well with cross-functional teams Curiosity Continuous Learning - Strong interest in cybersecurity and professional growth Problem-Solving Mindset - Seeks practical solutions to real-world security issues What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers. amgen. com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. .

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

Sr. Security Automation Engineering Lead The Dell Security Resiliency organization manages the security risk across all aspects of Dell s business. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career. We are currently seeking a Sr. Security Automation Engineering Lead to drive the design and implementation of scalable, automated security solutions across our technology landscape. This role will play a pivotal part in transforming how we detect, respond to, and prevent security risks by embedding automation into every layer of our security and engineering processes. Join us to do the best work of your career and make a profound social impact as a Sr. Security Automation Engineering Lead on our Team in Bangalore . What you ll achieve As a senior technical leader, you will work closely with cross-functional teams including product security, DevOps, IT, and AI engineering to build intelligent and resilient automation pipelines. This position requires deep hands-on experience with programming, security infrastructure, and modern AI technologies. If you re passionate about proactive security, enjoy solving complex problems at scale, and want to shape the future of secure automation, we d love to hear from you. You will: Design, implement, and maintain scalable systems and tools to automate complex security tasks across cloud and on-prem environments. Build and optimize security workflows, pipelines, and orchestration processes to improve operational efficiency and reduce manual effort. Collaborate with cross-functional teams (DevOps, SecOps, IT, and Developers) to gather requirements and embed security capabilities into core business and engineering workflows. Advocate for security best practices and automation across the organization, serving as a thought leader and mentor within the engineering team. Maintain comprehensive documentation including architecture diagrams, runbooks, playbooks, and automation logic. Take the first step towards your dream career Every Dell Technologies team member brings something unique to the table. Here s what we are looking for with this role: Essential Requirements Excellent communication skills, with the ability to lead and influence cross-functional teams in technical discussions. Deep understanding of security domains including identity access management, vulnerability management, secrets management, and threat detection. Demonstrated ability to design and maintain CI/CD-integrated security automation, leveraging tools such as Ansible, Terraform, Jenkins, and GitHub Actions. Hands-on experience with scripting and programming languages, including Python, PowerShell, Bash, and TypeScript/Node.js. Familiarity with RESTful APIs, webhooks, and integration of third-party security tools and services via automation Desirable Requirements AI Agentic Technologies: Hands-on experience with Agentic AI frameworks, LLMs, and orchestration libraries like LangChain, Semantic Kernel, or RAG-based architectures Experience building AI-powered security tools, chatbots, and agent-driven automation pipelines Application closing date: 30 - May - 2025

Number of Openings 1 ECMS ID in sourcing stage 527090 Assignment Duration 6 months Total Yrs. of Experience 8-10 Yrs Relevant Yrs. of experience 8+ Detailed JD (Roles and Responsibilities) Manage VM tool (Tenable.io) and on-premises VA scanners. Perform regular health check to ensure scanner are up and running with latest plugins. Ensure scans scopes are updated and proper scans are performed on assets as per desired frequency. Troubleshoot and fix scanning issues like authentication failure observed in scheduled scans. Perform risk assessments on vulnerabilities identified by infrastructure scans to determine real risk and prioritizing vulnerabilities. Report findings to teams / individual owners of assets and follow up to get the remediation completed within defined SLA. Develop hardening configuration standards (CIS) document for windows and Linux operating systems and get them implemented with help of stakeholders. Ensure compliance scans are performed to validate hardening configuration as per desired frequency. Report EC2 instances and lambda functions vulnerability findings from aws inspector to individual resource owners and follow up to get the remediation completed within defined SLA. You should be good at performing vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners. Hence it is expected to have good reporting skills as well. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Mandatory skills Perform vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners and good reporting skills. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Desired/ Secondary skills Knowledge on scripting (e.g. PowerShell) to write automation scripts. Solid understanding of the Cloud terminology, windows platform, Active Directory, and networking protocols Sound knowledge of ITIL standards. Working experience of ITSM tool such as ServiceNow. Domain Cyber Security Max Vendor Rate in Per Day (Currency in relevance to work location) INR 12000 Work Location given in ECMS ID Hyderabad WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Pre onboarding Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO General shift - 5 days a week (as required)

Understanding of network defence principles, common attack vectors, and attacker techniques. Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies Basic Linux/Windows OS knowledge, firewall rules and policy fundamentals. Excellent analytical and problem-solving skills. Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency. Windows, Linux, Network Security, Phishing, Splunk, Malware

Role/ Department: The Purple Team Analyst will work as part of the wider Global Threat Management team in the continuous development of the cyber operations program. The purple team will work very closely with The Global Threat Management Team. The Global Threat Management Team is responsible for vulnerability management, threat technology management and security monitoring. The key responsibilities of the role include: Working with the wider technology teams to improve technology hygiene and reduce the attack surface. Design and run exercise campaigns based on industry specific threat intelligence and vulnerabilities. Provide continuous learning and training opportunities for the Global Threat Management team as a result of continuous exercise campaigns. Act as an integral driver of the cyber operations development programme, benchmarking results against industry standard frameworks including MITRE and NIST. Configure and safely utilize attack tools, tactics, and procedures against a simulation lap. Develop scripts, tools, or methodologies to enhance purple teaming capabilities. Help to execute the Purple Team strategy to further enhance the security posture of the firm. Effectively communicate findings and strategy to stakeholders including technical staff, executive leadership. Skills/ Qualifications: Relevant experience in information security and adversary simulation. Detailed knowledge of global cyber threats, threat actors, and the tactics, techniques and procedures used by cyber adversaries, specifically those targeting the financial services sector. Experience in large scale information technology implementations and operations preferred. Industry certifications such as OSCP, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN. Proficient in exploitation and post exploitation frameworks such as Cobalt Strike, Metasploit Framework, Empire. Proficient in one or more of the following scripting languages (Python, PowerShell, Bash, Ruby) Advanced knowledge of Windows Operating System architecture and internals. Strong knowledge of core Information Technology concepts such as TCP/IP networking, Windows & Active Directory, Unix/Linux, Mainframe, Cloud Service Providers, Relational Databases, Data Warehouses, and filesystems.

Firewall Engineer- Total Yrs. of Experience >=5 Years Relevant Yrs. of experience >=5 Years Detailed JD (Roles and Responsibilities) Firewall Engineer Setting up and managing Fortigate firewall devices to ensure optimal security. Continuously monitoring network traffic. Diagnosing and resolving firewall-related security issues. Develop and review firewall rule sets Work with network teams to review and approve firewall rule changes Ensure firewall and OS are up to date and compliant with vulnerability management patches Work with associated tools to monitor firewall health Implement firewall rule changes after required approved Monitor firewall logs and alerts Assist with day-to-day management of FortiGate firewall infrastructure Help troubleshoot security policy issues Mandatory skills Firewall Engineer Desired/ Secondary skills Setting up and managing Fortigate firewall devices to ensure optimal security. Continuously monitoring network traffic. Diagnosing and resolving firewall-related security issues. Develop and review firewall rule sets Work with network teams to review and approve firewall rule changes Ensure firewall and OS are up to date and compliant with vulnerability management patches Work with associated tools to monitor firewall health Implement firewall rule changes after required approved Monitor firewall logs and alerts Assist with day-to-day management of FortiGate firewall infrastructure Help troubleshoot security policy issues Domain Firewall Engineer WFO/WFH/Hybrid WFO Hybrid Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO 3.30 am to 12.30 pm EDT. 2:00 PM to 11:00 PM IST (depends on daylight saving time)

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Daily assessment of vulnerabilities identified by infrastructure scan Evaluate rate and perform risk assessments on assets Prioritizing vulnerabilities discovered along with remediation timeline s Work with associated teams to explain vulnerabilities and remediation steps as required Maintain knowledge of the threat landscape Create reports and provide analysis on vulnerabilities for technical teams and leadership Skill Required Knowledge of application network and operating system security Experience with vulnerability and patch assessment Linux and windows experience Good understanding of Windows and Linux patching Knowledge of vulnerability scoring systems CVSS CMSS Experience on vulnerability scanning tools Excellent writing and presentation skills are required in order to communicate findings and status Primary Skills VMDR Policy Compliance Qualys Tenable Nessus Rapid7 Secondary Skills Excellent writing and presentation skills are required in order to communicate findings and statusCleary communicate priorities and escalation points procedures to other team members Detail oriented organized methodical follow up skills with an analytical thought process Experience performing dynamic scans static scans and penetration testing Development experienceProject management experience Innovative and efficiency focused Track trends and configure systems as required to reduce false positives from true events

General Summary: The Information Security Lead is responsible for leading the development, support, and administration of information security applications and processes including implementations, configuration changes, updates, upgrades, development of reporting, and documentation by proactively planning for and recognizing new and emerging threats to Clients information security. Essential Job Functions and Responsibilities: Provide team leadership for information security functions Implement security tools and best practices to secure Clients information security Administer information security applications applying configuration changes and updates as needed to protect Clients Information security Research known and emerging email threats and update and configure email applications as needed to prevent threats and reduce risk Research known and emerging PC and Server threats and update and configure end-point protection as needed to prevent threats and reduce risk Research known and emerging network vulnerabilities and threats and recommend changes to firewalls, switches, wireless access points, Directory as needed to prevent threats and reduce risk Oversee security incident and event detection and behavioral analysis mechanisms ensuring Clients is protected from active threats and risks to information security Develop reports and alerts and analyze data for consistency and completeness and pinpoint exceptions and/or anomalies and recommend plans of action Recommend information security policies and process changes and updates and review with management Administrator security awareness training program, executing campaigns, and reviewing reports, exceptions, and remediations with management Assist in identification of opportunities for improvement in processes and efficiency Assist in identification of opportunities for improvement of Clients information security processes Assist in identification of opportunities to improve associate training and security awareness Effectively communicate results and/or process to associates constructively and supportively Other duties as assigned by management Level of education required: College degree (4-year) -OR- Equivalent Experience: Degree in Management Information Systems, Computer Science or related major, or equivalent experience required. Equivalent years of experience are defined as one year of professional experience for each year of college requested. 2-5 years experience in information security, systems support or systems engineering Previous experience in Information Security, Active Directory, Cloud Directories, industry leading security applications is required; compliance or technology auditing experience is preferred. Information Security certification from CompTIA, ISC 2, ISACA, etc. Level of experience required: 3 years to 5 years relevant experience. Knowledge/Skills/Abilities: Results-driven, self-motivated person with the drive to maximize personal contribution to the organization Good project management skills with an ability to multi-task and manage competing priorities to meet deadlines Deals successfully with ambiguity, managing multiple priorities, and is able to lead the organization through complex changes Analytical mindset with demonstrated ability to critically evaluate end-to-end business processes Flexibility and ability to adapt to a fast-paced culture, changes in the environment, and changes in work priorities Excellent written and verbal communication skills Proficiency in Microsoft Office Suite and web-based project management applications

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Management. Experience: 3-5 Years.