465 Vulnerability Management Jobs - Page 17

Site Reliability Engineer Job Description: Requirements: We are seeking a proactive and technically strong Site Reliability Engineer (SRE) to ensure the stability, performance, and scalability of our Data Engineering Platform. You will work on cutting-edge technologies including Cloudera Hadoop, Spark, Airflow, NiFi, and Kubernetesensuring high availability and driving automation to support massive-scale data workloads, especially in the telecom domain. Key Responsibilities Ensure platform uptime and application health as per SLOs/KPIs Monitor infrastructure and applications using ELK, Prometheus, Zabbix, etc. Debug and resolve complex production issues, performing root cause analysis Automate routine tasks and implement self-healing systems Design and maintain dashboards, alerts, and operational playbooks Participate in incident management, problem resolution, and RCA documentation Own and update SOPs for repeatable processes Collaborate with L3 and Product teams for deeper issue resolution Support and guide L1 operations team Conduct periodic system maintenance and performance tuning Respond to user data requests and ensure timely resolution Address and mitigate security vulnerabilities and compliance issues Technical Skillset Hands-on with Spark, Hive, Cloudera Hadoop, Kafka, Ranger Strong Linux fundamentals and scripting (Python, Shell) Experience with Apache NiFi, Airflow, Yarn, and Zookeeper Proficient in monitoring and observability tools: ELK Stack, Prometheus, Loki Working knowledge of Kubernetes, Docker, Jenkins CI/CD pipelines Strong SQL skills (Oracle/Exadata preferred) Familiarity with DataHub, DataMesh, and security best practices is a plus Strong problem-solving and debugging mindset Ability to work under pressure in a fast-paced environment. Excellent communication and collaboration skills. Ownership, customer orientation, and a bias for action

Knowledge of operating systems, system administration, and application security. Proficiency in security tools and technologies Experience with incident response methodologies. Strong knowledge of IT security protocols, data privacy standards Required Candidate profile Certified Information Systems Security Professional (CISSP) Vulnerability Scanner/Nessus, CrowdStrike, Cisco Meraki, Forcepoint One. Experience with cloud security and network security.

We are looking for a Product & Solution Security Professional Youll make a difference by: Mandatory Skills - Needs to be specialized in at least one/two of different areas: Secure Architecture & Design, Threat & Risk Analysis, Secure Project Integration. Network security firewall & network IDS, IPS PSSE will be primarily involved in the secure architecture and design, defines secure design principles, supports selection of secure suppliers and technologies and the development of secure configuration standards and security topics such as IDS, security patch management or Anti-Virus systems must be considered. Also, as part of project integration- defines, supervises, and tests the components/ subsystems with regards to system security, defines and establishes zones and conduits taking physical security concerns into account and prepares and performs security handover of complex systems to customers. Supports and consults the project leaders in implementing the required product & solution security. Supports project teams in conducting the corresponding security activities during the project execution process and / or services. Can support multiple projects and should occupy the function for the main part of is defined working time. Reports to the Project / Functional Lead and the Product & Solution Security Officer. Specification and maintenance of secure coding, secure design guidelines, configuration, and hardening guidelines Synchronize adequately with Information Security organization to ensure architecture and design, and integration IT-infrastructure is sufficiently secure. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27000, CENELEC, NIST, SANS) in the project. Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization. Evaluation of third-party components regarding product & solution security. Clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden function, firewall settings) Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools. Validation (e.g., friendly hacking, penetration testing) to ensure that implementation fulfills security expectations. Involvement in the analysis and handling of security vulnerabilities & incidents. Sound understanding of Product and solution security topic. Hands on experience of Threat and Risk Analysis (TRA) Supporting the systems engineering for security issues. Monitoring and evaluation of vulnerabilities and security incidents Assessment of security-related requirements Proficient in MS Word, Excel (Writing Macros) and PowerPoint Management and Reporting Exhibiting excellent communication and analytical skills Desired Skills: 9+ years of experience is required. Great Communication skills. Analytical and problem-solving skills

OT Cybersecurity Engineer for Digital Industries Customer Services, India About Siemens Accelerating transformation for industries For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation transforming the everyday and creating a better tomorrow for societies and people around the world. Cybersecurity for Industry We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars plant security, network security, and system integrity including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systems? Join our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information. About The Role Key Responsibilities: Security MeasuresEngineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information. System Security RequirementsIdentify and define system security requirements to ensure comprehensive protection. Security ArchitectureDesign and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices. Implementing Backup Solutions and ManagementImplement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment. Threat Detection and Vulnerability monitoringImplement solution like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer. Endpoint SecurityDeploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and Q-radar etc. Network SecurityImplement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products. Network ManagementInstall and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold etc. Firmware UpdatesConduct firmware updates for various automation control systems, switches, and firewalls. Domain Controller ConfigurationConfigure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS. Host-Based SecurityImplement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection. Installation and TestingPerform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT). DocumentationPrepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals. Experience 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures. Education o Bachelor"™s degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. o Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage. Business Travel You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India

Location: Hyderabad, Bangalore - India Function: HV Product Management Requisition ID: 1033000 The Company We’re Hitachi Vantara, the data foundation trusted by the world’s innovators. Our resilient, high-performance data infrastructure means that customers – from banks to theme parks – can focus on achieving the incredible with data. ?? If you’ve seen the Las Vegas Sphere, you’ve seen just one example of how we empower businesses to automate, optimize, innovate – and wow their customers. Right now, we’re laying the foundation for our next wave of growth. We’re looking for people who love being part of a diverse, global team – and who get excited about making a real-world impact with data. The Team The VSP 360 team is focused on building an intelligent, hybrid cloud platform that integrates observability, automation, protection, and data insights. As part of this mission, we are expanding platform capabilities to include rich data services integrations that enhance visibility, governance, compliance, and cyber resilience. This team works cross-functionally with engineering, partner ecosystems, and customer-facing teams to deliver seamless experiences and actionable insights from a wide range of data services and third-party platforms. The Role As the Product Manager for Data Services within the VSP 360 platform, you will lead the strategy and execution for integrating a diverse set of data services that drive data intelligence, governance, and protection. This includes managing platform-level integrations with services such as data classification, data cataloging, PII detection, cyber resilience, and third-party data protection solutions. You’ll collaborate with internal and external stakeholders to define use cases, capture integration requirements, and drive partner enablement. Your role will focus on building scalable APIs and workflows that bring context-rich insights and automation to the forefront of hybrid cloud storage management. You will be responsible for managing the backlog in Aha!, coordinating cross-functional execution, and ensuring customer-facing outcomes around security, compliance, and operational efficiency. What You’ll Bring 5+ years of product management experience in data services, storage, or enterprise software Strong understanding of data classification, cataloging, governance, and PII/security frameworks Familiarity with cyber resilience concepts and tools Experience integrating third-party solutions (e.g., Commvault, Veeam) into a platform environment Proven ability to define APIs and workflows for data services integration Agile product management experience with tools like Aha!, Jira, or equivalent Ability to balance technical requirements with customer value and usability Strong collaboration and communication skills across product, engineering, and partners Strategic mindset with experience driving partner ecosystems and joint solutions Passion for delivering customer-centric solutions with measurable business impact About us We’re a global team of innovators. Together, we harness engineering excellence and passion for insight to co-create meaningful solutions to complex challenges. We turn organizations into data-driven leaders that can a make positive impact on their industries and society. If you believe that innovation can inspire the future, this is the place to fulfil your purpose and achieve your potential. #LI-SP7 Championing diversity, equity, and inclusion

Diverse Lynx is looking for SOC L2 Engineer to join our dynamic team and embark on a rewarding career journey Security Monitoring: Monitor security alerts and events from various sources, including security information and event management (SIEM) systems. Analyze and respond to security incidents, threats, and vulnerabilities. Incident Response: Conduct incident investigations, document findings, and implement corrective actions. Collaborate with incident response teams to contain and mitigate security incidents. Vulnerability Management: Conduct regular vulnerability assessments and coordinate remediation efforts. Stay informed about the latest security threats, vulnerabilities, and technologies. Security Infrastructure Management: Manage and maintain security technologies, such as firewalls, intrusion detection/prevention systems, and endpoint protection. Configure and fine-tune security tools to enhance detection and prevention capabilities. Log Analysis and Correlation: Analyze logs and security events for unusual or suspicious activity. Develop and implement correlation rules to enhance detection capabilities. Security Policy Enforcement: Enforce security policies and procedures to ensure compliance with industry standards and regulations. Recommend and implement improvements to security policies. Collaboration: Collaborate with other IT and security teams to ensure a coordinated response to security incidents. Provide support during security audits and assessments.

Required Skills Behavioral | Aptitude | Communication Technology | Cybersecurity | SOC Alert Management Technology | Cybersecurity | Vulnerability Management Technology | Cybersecurity | SOC Monitoring Technology | Cybersecurity | Cloud Security Education Qualification : Any Graduate Certification Mandatory / Desirable : Technology | IT Security Certifications | EC-Council Certifications | EC-Council Certified Ethical Hacker (CEH) Details: Need to both keep an eye out for attacks in progress and try to figure out ways to beef up defenses to prevent or mitigate future attacks. To that end, you need to install security tools, investigate the suspicious activities those tools detect, support audit and compliance initiatives, and participate in developing security strategies 1. Escalate validated and confirmed incidents to designated incident response team. 2. Notify Client of incident and required mitigation works. 3. Fine-tune SIEM rules to reduce false positive and remove false negatives. 4. Collect global threat intelligence and internal threats then inject actions based on analysis and recommendation. 5. Proactively research and monitor security information to identify potential threats that may impact the organisation. 6. Develop and distribute information and alerts on required corrective actions to the organisation. 7. Learn new attack patterns, actively participate in security forums. 8. Work closely with Vulnerability Management and designated incident response team. 9. Understand the structure and the meaning of logs from different log sources. 10. Perform threat intel research. 11. Ability to run and understand Sandbox Static Analysis. 12. Analyst should know how to include details related to the logs, alarms and other indicators identified in accordance with the intervention protocol of each client and the SLA.

FS XSector Specialism Risk Management Level Senior Manager & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary Join us as a Senior Manager in our Digital Risk Services team, where youll lead the way in tackling the most pressing technology risk challenges faced by our clients. Immerse yourself in cuttingedge fields like cybersecurity, artificial intelligence, and emerging digital risks. Your technical leadership will be instrumental in crafting innovative solutions and driving transformative projects. . s Lead groundbreaking projects in digital risk, focusing on areas such as cybersecurity, AI, Cloud and SDLC, to devise forwardthinking assessment and mitigation strategies. Cultivate and maintain strong client relationships, becoming the trusted advisor for advanced digital risk management solutions. Collaborate with diverse technical teams to design, implement, and refine stateoftheart risk management frameworks using Agile, DevSecOps, and AI risk assessment protocols. Stay at the forefront of industry trends and emerging technologies to deliver profound insights and predictive risk analytics using AI/ML tools. Mentor and inspire your team, fostering an environment of technical brilliance, continuous learning, and innovation. Drive business growth by identifying new opportunities and developing detailed proposals that leverage the latest digital risk technologies. Good to have requirements As below Mandatory Skill Sets Minimum of 10 years in risk advisory with a focus on cybersecurity, AI, and digital risks. Proven track record in managing complex technical projects in a consulting setting. Expertise in regulatory frameworks and industry standards like ISO 27001, NIST, and GDPR. Outstanding technical communication and leadership skills, engaging effectively with senior stakeholders. Preferred Skill Sets AI, Cybersecurity Years of experience required 7+ Years Education Qualification Any graduation/postgraduation Education Degrees/Field of Study required Bachelor Degree, Master Degree Degrees/Field of Study preferred Required Skills Cybersecurity Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Influence, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility {+ 24 more} No

FS XSector Specialism Risk & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisations security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . & Summary Join us as a Senior Manager in our Digital Risk Services team, where youll lead the way in tackling the most pressing technology risk challenges faced by our clients. Immerse yourself in cuttingedge fields like cybersecurity, artificial intelligence, and emerging digital risks. Your technical leadership will be instrumental in crafting innovative solutions and driving transformative projects. Lead groundbreaking projects in digital risk, focusing on areas such as cybersecurity, AI, Cloud and SDLC, to devise forwardthinking assessment and mitigation strategies. Cultivate and maintain strong client relationships, becoming the trusted advisor for advanced digital risk management solutions. Collaborate with diverse technical teams to design, implement, and refine stateoftheart risk management frameworks using Agile, DevSecOps , and AI risk assessment protocols. Stay at the forefront of industry trends and emerging technologies to deliver profound insights and predictive risk analytics using AI/ML tools. Mentor and inspire your team, fostering an environment of technical brilliance, continuous learning, and innovation. Drive business growth by identifying new opportunities and developing detailed proposals that leverage the latest digital risk technologies. Good to have requirements As below Mandatory Skill Sets Minimum of 10 years in risk advisory with a focus on cybersecurity, AI, and digital risks. Proven track record in managing complex technical projects in a consulting setting. Expertise in regulatory frameworks and industry standards like ISO 27001, NIST, and GDPR. Outstanding technical communication and leadership skills, engaging effectively with senior stakeholders. Preferred Skill Sets AI, Cybersecurity Years of Experience 7 + Years Educational Qualification Any graduation/ postgraduation Education Degrees/Field of Study required Master Degree, Bachelor Degree Degrees/Field of Study preferred Required Skills Data Security Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Analytical Thinking, Cloud Security, Coaching and Feedback, Communication, Conducting Research, Creativity, Cyber Defense, Cyber Threat Intelligence, Embracing Change, Emotional Regulation, Empathy, Encryption, Inclusion, Information Security, Intellectual Curiosity, Intelligence Analysis, Intelligence Report, Intrusion Detection, Intrusion Detection System (IDS), IT Operations, Learning Agility, Malware Analysis {+ 21 more} No

We are looking for a skilled professional with 8 to 13 years of experience to lead our Vulnerability Discovery team, responsible for revolutionizing the way we identify and mitigate digital risks. The ideal candidate will have a strong background in vulnerability management, red teaming, or purple teaming, with expertise in automating vulnerability discovery and developing risk-based metrics to enhance EY’s digital defenses. ### Roles and Responsibility Spearhead the evaluation and management of the firm's digital exposure, identifying and mitigating risks stemming from misconfigurations, vulnerabilities, and mismanaged assets. Collaborate closely with various departments to develop comprehensive strategies to protect EY's digital assets. Develop and implement innovative solutions to complex security challenges, leveraging deep technical expertise. Manage third-party risk assessments and identify assets that fail to meet stringent EY security standards. Monitor emerging threats in the digital landscape and advise on proactive measures to safeguard the firm against potential security breaches. Lead the development of a comprehensive strategy to identify and manage the risk of the firm’s digital footprint. ### Job Requirements Minimum 8 years of experience in vulnerability management, red teaming, or purple teaming. Strong understanding of cloud services, network security, and data protection principles. Expert knowledge of offensive security principles and experience in automating vulnerability discovery. Ability to develop performance metrics and risk-based assessments of digital exposure. Excellent analytical and problem-solving skills, with the ability to translate complex technical issues into clear business impacts. Demonstrated experience in managing third-party risk assessments and vendor relationships. Exceptional communication and interpersonal skills, with leadership experience and the ability to manage and develop a high-performing team. Ability to evaluate and prioritize competing priorities from varying stakeholders. OWASP training is a plus. Incident response experience is a plus.

We are looking for a skilled Senior SIEM Specialist with a strong background in Operational Technology (OT) to join our dynamic team. The ideal candidate will have proven expertise in SIEM content development, hands-on experience with OT tools, and a deep understanding of OT environments. This role requires at least 8 years of overall experience in cybersecurity, with a minimum of 4 years in OT/IOT Security solutions. ### Roles and Responsibility Design and develop impactful SIEM use cases tailored to OT environments. Onboard data into SIEM from various sources, including custom parsers for unsupported sources. Create advanced visualizations and dashboards to provide near real-time visibility into OT applications. Provide operational support for globally deployed OT network monitoring solutions like Nozomi, Claroty, and Armis. Assist clients during testing, evaluation, pilot, production, and training phases to ensure successful deployment. Offer consultative advice in security principles and best practices related to SIEM operations. ### Job Requirements At least 8 years of overall experience in cybersecurity, with a minimum of 4 years in OT/IOT Security solutions. Strong knowledge of IT/OT/IoT communication protocols and experience supporting industrial protocols. Strong oral, written, and listening skills are essential for effective consulting. Background in network administration, with the ability to work at all layers of the OSI model. Knowledge of Vulnerability Management, Windows and Linux basics, including installations, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, and Linux security and troubleshooting. Good programming or scripting skills in languages such as Python, JavaScript, Bash, PowerShell, etc. Experience in designing and implementing Splunk solutions with a focus on IT Operations, Application Analytics, User Experience, Application Performance, and Security Management. Certification in any one of the SIEM Solutions such as Splunk, IBM QRadar, Exabeam, Securonix is an added advantage. Certifications in core security-related disciplines are also advantageous.

We are looking for a skilled Senior (Endpoint Detection and Response) professional with 6 to 12 years of experience. The ideal candidate will have excellent teamwork skills, passion, and drive to succeed in combatting cyber threats. ### Roles and Responsibility Collaborate with team members to find creative and practical solutions to customers' challenges and needs. Design, implement, and operate EDR solutions such as Carbon Black, Tanium, Crowdstrike, Cortes XDR, Microsoft Defender ATP, MacAfee, Symantec, and similar technologies. Provide consulting services during testing, evaluation, pilot, production, and training phases to ensure successful deployment. Perform remote and on-site gap assessments, customization, installation, and integration of EDR solutions. Develop expertise in EDR use cases, including automated security event monitoring and alerting processes. Lead teams through various project phases and adapt to market trends. ### Job Requirements Minimum 6 to 12 years of experience in network administration or a related field. Strong oral, written, and listening skills are essential for effective consulting. Experience in cybersecurity operations, network security monitoring, host security monitoring, malware analysis, adversary hunting, modern adversary methodologies, all-source intelligence analysis, analytical methodologies, confidence-based assessments, and writing analytical reports is required. Working knowledge of Cuckoo, CAPE, or other sandbox platforms is necessary. Experience with security orchestration automation and response tools (Phantom, Resilient, XSOAR) and incident response platforms/DFIR toolsets is expected. Ability to lead teams and adapt to market trends. Certification in EDR or SIEM Solution is mandatory. Certifications in core security-related disciplines are an added advantage. A strong background in network administration is needed, with the ability to work at all layers of the OSI model and explain communication at any level. Knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security, and troubleshooting is required. Good understanding of programming/scripting languages such as Python, JavaScript, Bash, PowerShell, Ruby, Perl, etc. A degree in computer science, mathematics, engineering, or a similar field is preferred. At least 4 years of working in a security operations center.

We are looking for a Program Leader, IT Security within Identity and Access Management. The Program Manager will use their hands-on technical skills, strong leadership ability and eagerness to design solutions to complex problems as a leader within a larger global team. The Program Manager must be comfortable with communicating to stakeholders, performing security assessments, and prioritizing security risks, as well as creating/presenting high quality deliverables. The position will have a team of direct reports and align under the Director of IAM, Client Identity and Access. Responsibilities : Operate as a People Leader responsible for a team of 30+ global resources, including 2 supervisors Build, lead, and execute IAM strategies to enhance the productivity of R1 operational workforce while also enhancing security posturing. Act as a leader with extensive subject matter expertise to shape the Client Identity and Access team. Work collaboratively with peers and stakeholders to influence technical and business projects to enhance IAM strategies. This included but is not limited to transitional work, integrations, and stead state organization initiatives. This role will identify and execute on strategies core to internal business processes as well as partnering with external providers and business partners to securely enable R1 user access. Complete unbiases analysis of technology options and develop a practice to determine, approve and manager preferred technologies; maintain a list of approved technologies; create communication strategies that will guide the organization to standard technologies or create new standards as development needs arise. Communicate access management security goals and new programs effectively with other department managers within the organization. Ensure fulfillment of legal and contractual IT security, compliance, and privacy mandates. Partner with internal cross-function teams and external customers on technology improvement opportunities. Skills and Experience: 10 years of experience, or combined 5 years in Senior Management and 5 years in IAM or adjacent IT Security framework(s) Experience with inventory management, ticketing workflows, and production and quality oversight Excellent interpersonal and communication skills to work with all levels of management, employees, peers, and vendors Excellent analytical and problem-solving skills to solve/manage complex technical problems Ability to maintain enterprise relationships with internal, external stakeholders, and teams Experience in developing and running multiyear, complex technology initiatives and teams Tenacity, grit, and ability to perform under pressure to achieve deliverables Education Bachelors Degree in Computer Science, Information Technology, Information Security, Healthcare Science, or Business Management Preferred - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or similar industry recognized certification.

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Expands skills within an analytical or operational process. Maintains appropriate licenses, training, and certifications. Applies experience and skills to complete assigned work. Works within established procedures and practices. Works with a moderate degree of supervision. Functional Knowledge Has developed skillset in a range of processes, procedures, and systems. Business Expertise Understanding of how teams integrate and work best together to support the achievement of company goals. Impact Impacts a team, by example, through the quality service and information provided. Follows standardized procedures and receives moderate supervision and guidance. Leadership Has no supervisory responsibilities. Manages own workload. Problem Solving Uses existing procedures to solve standard problems without supervisory approval. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Manages client employee data for recruitment records of potential employees, online tests, and travel expenses. Coordinates logistics for recruiting events with vendors and prepares event reports. Administers pre-employment screening checks in collaboration with other departments and vendors. Ensures proper paperwork for new candidates, including medical and fit reports. Ensures new hires have required information and instruction in preparation for their first day of work. Performs other duties as assigned. Complies with all policies and standards. .

Job Track Description: Performs tasks based on established procedures. Uses data organizing and coordination skills to perform business support or technical work. Requires vocational training, certifications, licensures, or equivalent experience. General Profile Expands skills within an analytical or operational process. Maintains appropriate licenses, training, and certifications. Applies experience and skills to complete assigned work. Works within established procedures and practices. Works with a moderate degree of supervision. Functional Knowledge Has developed skillset in a range of processes, procedures, and systems. Business Expertise Understanding of how teams integrate and work best together to support the achievement of company goals. Impact Impacts a team, by example, through the quality service and information provided. Follows standardized procedures and receives moderate supervision and guidance. Leadership Has no supervisory responsibilities. Manages own workload. Problem Solving Uses existing procedures to solve standard problems without supervisory approval. Interpersonal Skills Exchanges information and ideas effectively. Responsibility Statements Manages client employee data for recruitment records of potential employees, online tests, and travel expenses. Coordinates logistics for recruiting events with vendors and prepares event reports. Administers pre-employment screening checks in collaboration with other departments and vendors. Ensures proper paperwork for new candidates, including medical and fit reports. Ensures new hires have required information and instruction in preparation for their first day of work. Performs other duties as assigned. Complies with all policies and standards. .

Vulnerability Analyst I Overview The Vulnerability Management team is a dedicated collection of self-organizing, interdependent, co-located individuals representing different functional roles with all the necessary skills to conduct security testing of Mastercard applications and networks. Team members are network and application security and penetration testing professionals with various levels of expertise and experience in security testing of web application, mobile applications, APIs, Cloud hosted application, Containers and on-prem data centers. The Vulnerability Analyst I is a hands-on professional in application security testing and delivers on individual assignments as well as work within a multi-location team environment. Role Ensuring that all web and mobile applications security tests are conducted within the framework set at Mastercard. Ensure that all test cases and tools are used appropriately for testing of various application types. Ensuring that all help and guidance is provided to development teams on the vulnerabilities identified in their applications while performing of security testing. Identify improvement areas in the security testing domain and implement learnings for the Globally located team. Coordinate with application development teams on their demands for security testing and provide a seamless experience with testing and reporting of penetration tests. Ready to work with a global team spread across time-zones and geographies. All About You A record of successful delivery of application security testing projects as an individual and team leader. Excellent communicator and collaborator Problem solver and solution-seeking approach Ability to build rapport and relationships Understands the full scope of S-SDLC Preferably a certified OSCP or SANS GMOB, ESCA or equivalent certification is a must. Experience in Cloud based application testing or Bug Bounty programs will be an added benefit.

Define and drive the cybersecurity tools and technology roadmap aligned with organizational security objectives Evaluate, select, and lead the deployment of cybersecurity tools (SIEM, SOAR, EDR, DLP, CASB, IAM, vulnerability management, etc) Manage the lifecycle of cybersecurity tools including onboarding, configuration, optimization, upgrades, and decommissioning Collaborate with SOC, Threat Intelligence, Incident Response, and IT teams to understand needs and implement appropriate solutions Lead PoC (Proof of Concept) and pilot programs for emerging cybersecurity technologies Optimize tool integration, automation, and orchestration across the cybersecurity ecosystem Work with vendors and partners to ensure product support, licensing, and issue resolution Manage cybersecurity tools budget, vendor negotiations, and renewal processes Establish metrics and reporting to measure the effectiveness and ROI of cybersecurity tools Mentor and guide engineering and operations teams on best practices for tool usage Ensure cybersecurity tool architecture adheres to security compliance frameworks (ISO 27001, NIST, GDPR, etc) Stay updated on market trends and emerging cybersecurity technologies Qualifications:Bachelor s or Master s degree in Cybersecurity, Information Technology, Computer Science, or a related field

Summary We are looking for a Security Engineer on our Vulnerability Management Team. What we are looking for is someone who can navigate complex threat scenarios and remain committed to decreasing the overall attack surface of the company. Vulnerability Management remains a top priority at Guidewire, and you will be responsible for implementing and managing infrastructure vulnerability tools and processes in a cloud environment. This includes identifying and evaluating vulnerabilities, cloud misconfigurations and supporting remediation activities. Job Description Responsibilities Ensure vulnerability scans / assessments are run periodically in line with policies and standards across Guidewire Infrastructure Review vulnerability assessments and security audits to identify security risks and drive improvements necessary to mitigate those risks Provide security guidance to Cloud Engineering teams encompassing perimeter, misconfigurations, asset visibility, policies, container, patching cadence, and vulnerability scanning. Provide technical expertise to the vulnerability assessment team responsible for the testing, validating, and the security of the companys applications, servers, and networks Improve and mature vulnerability reporting to key stakeholders, and drive remediation efforts by communicating, clearly articulating, and prioritizing risk and impact to all stakeholders to convey the urgency and need to remediate a vulnerability/cloud misconfiguration. Support incident response activities and reporting Ensure security leadership is aware of current and emerging threats and vulnerabilities Supports the end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities Document security guidance, process and policy around the vulnerability management program Requirements 5 years of relevant experience Prior experience with managing and configuring any vulnerability management tool such as Rapid 7, Qualys, Orca, Prisma, Wiz, etc. Persuasive mindset with strong relationship management skills to work with various stakeholders proactively on vulnerability assessment and remediation Ability to automate solutions to repetitive problems/tasks using scripting languages Good understanding of enterprise security controls, network protocols and operating system (Windows/Linux environments) Hands on experience handling vulnerability management operations for cloud workloads at scale in AWS/Azure Ability to conduct thorough analysis and recommend data driven actions Results-oriented, high energy, self-motivated and love for a team environment. Nice to have: Certifications from SANS, Offensive Security, ISC2, AWS is a plus.

IS Specialist OT Security What you will do Let’s do this. Let’s change the world. In this vital role you will [responsible for developing and implementing security strategies that protect industrial control systems (ICS), SCADA networks, and other manufacturing infrastructure components. This role ensures the integrity, availability, and confidentiality of OT environments by integrating security monitoring, risk management, and compliance efforts into industrial operations. The OT Security Engineer works closely with Security Operations, Engineering and Infrastructure, and Operations to safeguard systems against cyber threats. Key responsibilities include implementing security best practices for OT, managing vulnerabilities, and collaborating with stakeholders to enhance the security posture of OT environments. . Roles & Responsibilities: Define, lead, and implement security strategies for OT environments, focusing on Industrial Control Systems (ICS) and SCADA. Implement and manage OT-specific security monitoring tools, ensuring real-time detection and response to cyber threats. Collaborate with engineering and operational teams to integrate security measures into OT network architectures. Assess and mitigate vulnerabilities in OT environments, ensuring compliance with industry standards (e.g., NIST 800-82, IEC 62443). Support security incident response efforts, including forensic analysis and remediation of threats in industrial environments. Coordinate with vendors, partners, and government agencies to address OT cybersecurity challenges. Develop security policies, procedures, and guidelines tailored to OT environments. Provide training and awareness programs to operational teams regarding OT cybersecurity best practices. Maintain relationships with vendors and strategic partners to enhance security capabilities. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Master’s degree with 4- 6years of experience in Information Systems or related field OR Bachelor’s degree with 6- 8years of experience Information Systems or related field OR Diploma with 10– 12years of experience in Information Systems or related field Preferred Qualifications: Must-Have Skills: Solid understanding of ICS, SCADA, and OT security principles Experience with network segmentation, firewalls, and intrusion detection systems in OT environments Knowledge of industrial protocols (e.g., Modbus, DNP3, BACnet, OPC, CIP) and their security implications Understanding of risk management frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP) Experience with security monitoring and detection in OT environments Good-to-Have Skills: Experience with security assessments and penetration testing for OT networks Proficiency in security tools (e.g., Nozomi Networks, Dragos, Claroty, Armis) Knowledge of cloud security and how it integrates with OT environments Scripting and automation skills (e.g., Python, PowerShell) Familiarity with compliance and regulatory requirements for critical infrastructure Professional Certifications (please mention if the certification is preferred or required for the role): GICSP (Global Industrial Cyber Security Professional) – Preferred CISSP (Certified Information Systems Security Professional) – Preferred ISA/IEC 62443 Cybersecurity Certificate – Preferred CompTIA Security+ – Preferred Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 3 6 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills.

Hybrid and Cloud Solutions Development in Edge based environment. Cloud Strategy Integration Network and Compute/Storage Technologies Security and Data Privacy Compliance Performance Monitoring and Optimization Infrastructure Vulnerability Management.

Hi, Greetings from Peoplefy Infosolutions !!! We are hiring for one of our reputed MNC client based in Pune . We are looking for candidates with 8+ years of experience in DevOps + cloud security (AWS/ GCP). Job Description: Strong expertise in DevOps +Cloud Security (50-50%). Experience in Application Security, Secure Coding and Vulnerability Management Experience in application security & vulnerability management. Worked in secure coding Vulnerability Scanning- good to have. Interested candidates for above position kindly share your CVs on varsha.si@peoplefy.com with below details - Experience : CTC : Expected CTC : Notice Period : Location : NOTE: Immediate joiners to max 30 days are preferred.

Role & responsibilities Primary Skills (All mandate) -Qualys, VMDR, Policy Compliance, Cloud Agent Location: Chennai/Bangalore Preferred candidate profile

Project Role : IT Service Management Representative Project Role Description : Manage delivery for IT production systems and services. Support the infrastructure service management lifecycle, ensuring client satisfaction and management of risk to services. Provide operational support, ensuring production systems and devices are online and available. Must have skills : Infrastructure Service Management Good to have skills : Network Infrastructures Minimum 7.5 year(s) of experience is required Educational Qualification : BE / B Tech / B. Sc or Diploma (8/ 9 years) in IT / Computer Science / Electronics & Telecommunications / Electronics Summary :As an IT Service Management Representative, you will be responsible for managing the delivery of IT production systems and services, supporting the infrastructure service management lifecycle, ensuring client satisfaction, and managing risk to services. Your typical day will involve providing operational support, ensuring production systems and devices are online and available, and managing the delivery of IT services. Roles & Responsibilities: - Responsible for Infrastructure Security Vulnerability management Responsible for conducting security and standards audits in the Global network infrastructure. Being custodian of the main Compliance metrics, carrying out proactive tasks to mitigate recurring risks / issues that may impact them. Lead the delivery of IT production systems and services, ensuring client satisfaction and management of risk to services. Conduct thorough analysis of current security measures in place and audit information security protocols to ensure compliance with external/internal policies and procedures Perform compliance assessments, gap analysis based on industry standards and report on progress to senior management. Collaborate with cross-functional teams to ensure the delivery of IT services meets client requirements and expectations. Communicate effectively with stakeholders, including clients, vendors, and internal teams, to ensure the successful delivery of IT services. Professional & Technical Skills: Must To Have Skills:Experience in Infrastructure Service Management. Good To Have Skills:Experience in Network Infrastructures. Strong understanding of IT service management principles and best practices. Experience in incident management, problem management, change management, and service level management. Experience in managing the delivery of IT services, including managing risk and ensuring client satisfaction. Solid grasp of IT infrastructure, including network infrastructures, servers, storage, and databases. Additional Information: The candidate should have a minimum of 7.5 years of experience in Infrastructure Service Management. The ideal candidate will possess a strong educational background in information technology, computer science, or a related field, along with a proven track record of delivering impactful IT services. This position is based at our Bengaluru office. Working experience in network environments, CCNA certificate is a plus Qualification BE / B Tech / B. Sc or Diploma (8/ 9 years) in IT / Computer Science / Electronics & Telecommunications / Electronics

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities: Expected to be an SME in Security Architecture Design. Collaborate and manage the team to perform effectively. Responsible for team decisions and ensuring adherence to security best practices. Engage with multiple teams and contribute to key decisions. Expected to provide solutions to problems that apply across multiple teams. Ensure the implementation of robust security controls. Conduct risk assessments and vulnerability testing. Develop and maintain security policies and procedures. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST). Hands-on experience with security tools and technologies. Good To Have Skills:Experience with cloud platforms such as AWS or Azure. Additional Information: The candidate should have a minimum of 12 years of experience in Security Architecture Design. This position is based in Mumbai. A 15 years full-time education is required. Qualification 15 years full time education