465 Vulnerability Management Jobs - Page 6

Cyber Security Analyst UltraViolet Cyber is seeking a Cyber Security Analyst to add to our existing team. Primary responsibilities will require: (i) in-depth analysis of intrusions in diverse computing environments; (ii) thorough packet analyses; (iii) implementing/optimizing changes to security infrastructure; (iv) integrating threat intelligence into the operational environment; and (v) protecting systems and infrastructure from infiltration or exfiltration of data. Responsibilities: Perform analyses of network infrastructure, applications, operating systems, firewalls, proxy devices and malware detection in a fast-paced environment Proactively identify threats across a wide range of customer environments Monitor alerts using a SIEM platform to respond, triage and escalate incidents, as necessary Perform vulnerability scans, analyze results and recommend remediation actions Perform continuous monitoring of diverse security environments and analyze event log data to determine severity and prioritization of incident response efforts Contribute to the advancement of security posture Minimum Requirements: 2 years of operational experience with securing and monitoring multiple platforms, network configurations and implementations Broad knowledge of IT security General systems infrastructure experience Experience with log correlation and packet analysis tools Solid understanding of common enterprise information systems services such as Active Directory Solid understanding of TCP/IP protocol suite, security architecture and security techniques/products Experience with various security management tools (e.g., vulnerability management, configuration management and SIEM) Proven ability to analyze captured data to perform incident response and identify potential compromises Excellent written and oral communication skills Preferred Education and Certifications: B.A or B.S in computer science or related field CompTia Sec+ CompTia CySa+

Position: Cyber Security Engineer Experience: 3 to 4 Yrs Location: Noida Education: B.E./ B.Tech. MCA Mandatory Skills Candidate Profile Must have experience in Governance - Security Operational Tasks support & governance. Compliance and Risk Management. Vulnerability Management - vulnerability (infra and app) scans and remediation plans SMP (Security Management Plan) - preparing, reviewing and managing Authorisation management - should have managed the accounts & controls in the Infra scope Security Patch management - end-to-end coordination and implementation Security product management - Antivirus Management, like TrendMicro, Defender, etc... Security incident management - Managing the end-to-end security incident lifecycle with corrective measures Audit support - support auditors' mandate on the security system and artefacts Mitigation - thinking analytically and executing efficiently. Analyse and optimise orchestration and automation between security tools Vendor Management, Collaboration, Facilitation - Excellent customer-facing skills and significant experience building strong client relationships Communication Skills - Communicate security and technology needs effectively Security Reporting, Meetings & Communication - Prepare and develop security report as contractually required, attend client and Sopra Steria meetings to provide security expertise and advice Certification: CISM & ISO 27001 certification is a must

Skills Required : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Posted On : Secure Architecture and Design, Application & API Security, Cloud & Container Security, Infrastructure & Network Security, Cryptography, Stakeholder Engagement, Mentorship Education/Qualification : Bachelors or Masters Desirable Skills : cyber security, Cloud Security, Cryptography

We are looking for a skilled and motivated Vulnerability Management Engineer to join our team In this role, you will be responsible for assessing, tracking, and managing vulnerabilities in cloud and platform environments You will play a critical role in ensuring the security posture of applications and infrastructure, using various vulnerability management tools and processes Your responsibilities will include evaluating vulnerabilities, triaging risks, and ensuring proper remediation actions are taken to protect the organization's systems Responsibilities: Vulnerability Assessment: Assess the risk of CVEs (Common Vulnerabilities and Exposures) in the context of your environment and prioritize them based on risk Vulnerability Management Lifecycle: Triage the entire vulnerability management lifecycle, ensuring vulnerabilities are identified, tracked, and remediated in a timely manner Application Security Vulnerability Management: Manage and oversee the Application Security and Vulnerability Management product, including CSPM (Cloud Security Posture Management), SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Dependency Scans, and Secrets Scans Cloud Security Container Protection: Responsible for platform vulnerability management, including Cloud Security Posture Management and Container Workload Protection using Prisma Scanner Change Request Analysis: Evaluate change requests for e-commerce systems, assess security implications, and provide security recommendations Change Tracking: Track all feature changes, bug fixes, and release changes for each platform release to ensure no vulnerabilities are introduced CVE Tracking: Monitor and track CVEs, ensuring timely identification, prioritization, and assessment of vulnerabilities Component Identification: Identify and document components and systems impacted by proposed changes and their associated vulnerabilities Security Assessment Planning: Develop and implement security assessment plans for changes to ensure compliance with industry standards and best practices Vulnerability Scanning: Conduct regular vulnerability scans of infrastructure and source code, focusing on Kubernetes containerized apps, to identify and prioritize security risks Documentation: Maintain detailed and accurate records of vulnerability assessments, findings, remediation actions, and reporting for compliance purposes Security Tools: Experience with enterprise-grade vulnerability management tools like Prisma and Wiz is a plus Qualifications: Solid understanding of vulnerability management life cycle and risk assessment Experience with vulnerability scanning tools and platforms such as Prisma/Wiz Familiarity with Cloud Security Posture Management (CSPM), Container Workload Protection, SAST, DAST, and Dependency Scans Proven experience in security assessment, vulnerability remediation, and risk management Strong knowledge of CVE tracking and vulnerability prioritization techniques Knowledge of security best practices and compliance standards Excellent documentation, communication, and collaboration skills Past experience in operating enterprise-grade security vulnerability management tools is a plus

The candidate will have expertise in penetration testing, cloud security, compliance frameworks (HIPAA, PCI DSS), security documentation, and security tools such as Qualys, Burp Suite, and other industry-standard solutions Strong communication skills and the ability to document security processes effectively are essential for this role Key Responsibilities Penetration Testing Vulnerability Management Perform penetration testing on web applications, networks, and cloud environments to identify security vulnerabilities Utilize tools like Burp Suite, Qualys, Nessus, Metasploit, and other scanning tools to detect threats Work with development and operations teams to remediate vulnerabilities and strengthen security posture Cloud SecurityEnsure cloud security best practices for AWS, Azure, and other cloud platforms Implement security controls for cloud-hosted applications and workloads Conduct security assessments and recommend security enhancements Compliance Regulatory Security Ensure compliance with HIPAA, PCI DSS, ISO 27001, NIST, and other security frameworks Conduct audits, risk assessments, and compliance gap analysis Assist in developing policies, procedures, and security documentation to meet regulatory requirements Security Operations Incident Response Monitor security logs and alerts for threat detection and response Work with security teams to investigate and mitigate security incidents Conduct forensic analysis in the event of security breaches Documentation Communication Develop and maintain security policies, procedures, and technical documentation Create security reports and communicate findings effectively to stakeholders Provide security training and awareness programs for employees Location - Bengaluru, Noida, Pune, Mumbai, Hyderabad, Mohali, Panchkula, Chennai.

Solid understanding of operating systems (primarily Windows). Basic working knowledge of Microsoft Intune. Experience with PowerShell OS troubleshoot skills - MacOS support is a plus Experience with Azure Active Directory and Microsoft 365 support level Understanding of domain environments (Active Directory, GPO, etc.). Familiarity with patch management and vulnerability assessment. Experience with any antivirus or endpoint protection tool is a plus.

HCL Tech uses Qualys tools for various roles, including those in security, infrastructure management, and penetration testing. Job descriptions often specify experience with Qualys tools, such as vulnerability scanning and configuration management , and may also require proficiency in other security technologies and certifications like CEH. 1. Security Roles: Vulnerability Assessment and Penetration Testing (VAPT): HCL Tech uses Qualys tools for identifying vulnerabilities in systems and applications. VAPT Testers need experience with Qualys and other penetration testing tools. Security Operations Engineer: This role involves implementing and managing security measures, including those related to vulnerability management and cloud security posture management (CSPM) using Qualys. Tools/Qualys: This role involves administering and operating Qualys, potentially alongside other PKI solutions like ADCS or AppViewX. 2. Infrastructure Management: Administration and Operations of PKI: Qualys is sometimes used in conjunction with PKI solutions to manage certificates and related configurations, including CSR creation, certificate push, and secure connections. 3. General Requirements: Security Domain Experience: Many roles require experience in managing security infrastructure, including vulnerability management and configuration management, where Qualys is often utilized. In summary, HCL Tech utilizes Qualys tools for various security-related tasks, including vulnerability assessment, infrastructure management, and cloud security posture management. Specific requirements vary depending on the role, but experience with Qualys is often a valuable asset

Duration : 12 Months Notice Period : Immediate Joiners Only Experience Required: 6-9 Years (Minimum 5+ Years Relevant in ServiceNow SecOps) Job Role: ServiceNow SecOps - Vulnerability Response SME We are looking for an experienced ServiceNow SecOps professional with deep expertise in Vulnerability Response modules to join our dynamic team. The ideal candidate must have hands-on experience with ServiceNow implementations and integrations in a SecOps environment. Key Responsibilities: - Implement and customize ServiceNow Security Operations modules, especially Vulnerability Response and Configuration Compliance - Develop catalog items, record producers, workflows, and service requests - Configure integrations with vulnerability scanning tools and external systems - Automate processes using scripting and ServiceNow Orchestration - Maintain and manipulate data between ServiceNow and other systems - Monitor application health, compliance, and usage - Perform system/integration testing and lead troubleshooting efforts - Collaborate with clients to analyze their environment and propose optimal solutions Required Skills & Experience : - 5+ years relevant experience in ServiceNow SecOps (Vulnerability Response) - Expertise in ServiceNow ITSM modules (Incident, Problem, Change, CMDB, Asset) - Strong knowledge in CMDB, Discovery, and external integrations - Proficient in Glide, Jelly Scripting, JavaScript, HTML, XML, AJAX - Experience with REST/SOAP integrations, web UI development, and relational databases - Agile methodology experience is a must - Ability to handle client discussions and provide recommendations - ServiceNow Certified Application Developer (preferred) Important Notes : - BGV is Mandatory - No JNTU Candidates

Responsibilities: * Manage patches & vulnerabilities using BigFix * Strong expertise with BigFix administration * Ensure timely remediation of issues * Collaborate with IT team on risk mitigation strategies * Monitor system health & report incidents Health insurance Provident fund

SUMMARY Our client is IT MNC part of one of the major insurance groups based out of Germany and Europe. The Group is represented in around 30 countries worldwide, with Over 40,000 people worldwide, focusing mainly on Europe and Asia. Our client offers a comprehensive range of insurances, pensions, investments and services by focusing on all cutting edge technologies majorly on Could, Digital, Robotics Automation, IoT, Voice Recognition, Big Data science, advanced mobile solutions and much more to accommodate the customers future needs around the globe thru supporting millions of internal and external customers with state of-the-art IT solutions to everyday problems & dedicated to bringing digital innovations to every aspect of the landscape of insurance. Job Location: Hiranandani Gardens, Powai, Mumbai Mode: Work from Office Requirements Roles & Responsibilities: Define project scope, objectives, and deliverables in collaboration with stakeholders. Develop comprehensive project plans, including timelines, budgets, and resource allocation. Manage and coordinate project teams, including security engineers, analysts, and other technical resources. Track project progress, identify and manage risks and issues, and implement effective mitigation strategies. Ensure adherence to project management methodologies and best practices. Stay up-to-date with the latest cyber security trends and technologies. Skill & Competencies: Strong track record of delivering IT projects in a large, complex environment. (7 years), especially experience in the implementation of financial and regulatory requirements in the CFO context in Group-wide systems and their integration Proven 5+ years experience as a PM Bachelor's degree in Computer Science, Information Technology, or a related field. Proven experience (typically 5+ years) managing IT projects, with a significant focus on cyber security initiatives.

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Your Impact Youll be responsible for engaging with senior customer representatives including CISO and other C-suite stakeholders to engage on topics around CyberSecurity, adjacent technical areas, and application of technology and programs in the business. Provides trusted support, advice and guidance on the latest trends and developments in CyberSecurity and how these can be used to provide lasting business value and impact for our customers. Applying your wide and deep experience in solving these challenges elsewhere youll help our customers with their journey, articulating Ciscos unique value proposition and architecture for CyberSecurity and how Cisco can help our customers succeed with their CyberSecurity goals. By establishing yourself as a trusted advisor and building lasting relationships, youll help bridge the communications gap between customer needs and what Cisco can offer. Identifies opportunities for Cisco to provide additional products and services that are aligned to achieving the customers CyberSecurity goals. Results and Outcomes Youll proactively strengthen and expand Ciscos presence and technology leadership in the CyberSecurity domain through externally visible activities such as blog posts, social media posts, papers, external speaking engagements and serving on external forums and boards. Youll continually acquire the knowledge and expertise necessary to pioneer new thinking and approaches. Youll contribute new materials and innovative articles rather than solely parroting existing materials or campaigns. Youll have a strongly accretive impact on Ciscos CyberSecurity business as evidenced by pipeline generation and supporting sales of products. Youll actively contribute to talent development, ensuring the principals of improving inclusion and diversity are honoured and promoted. Minimum Qualifications: * Bachelor or Masters degree in a relevant area, an MBA is preferred * CertificationsCISSP, CRISC, CISA and CISMand advantage. * Telco expertise and hands on implementation * 15+ years relevant experience with at least five (5 )years as: a CISO, Head of Risk or equivalent in a major organization; Partner or Associate, Principal, or Managing Director in a big 4+1 company or other leading consulting organization; or a combination thereof. * Proven experience and recognized as a thought leader in CyberSecurity in one or more industry verticals such as Financial Services; Service Provider; Manufacturing, Mining, Transportation, Oil and Gas, or Utilities; or Technology. * A proven record of business leadership in a technical domain and experience in transformational or strategic programs, with evidence of where past contributions have a significant impact on business. * Proven track record of C-suite engagement with an extensive personal contact base. * Published author, conference speaker and social media presence. Preferred Skills * Proven experience and recognized as a thought leader in CyberSecurity in Service Provider is highly desired * Proven experience in delivering security solutions, knowing cisco security solution is a plus.

We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. What you'll do: Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities Perform proactive threat hunting to identify and mitigate advanced threats Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership Continuously improve SOC processes and playbooks to streamline operations and response efforts Mentor junior SOC analysts and provide guidance on security best practices This role requires participation in a rotational shift Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed What you'll bring: Strong analytical and problem-solving abilities Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams Proven ability to remain calm and efficient under a high-pressure environment Proficient in using SIEM tools, such as Microsoft Sentinel Experience with data migration strategies across SIEM platforms Experience on Cloud Security Operations and Incident Response platforms such as Wiz In-depth understanding of cyber threats, vulnerabilities, and attack vectors Proficient in creating KQL queries and custom alerts within Microsoft Sentinel Expertise in developing SIEM use cases and detection rules Skilled in incident response and management procedures Experienced in conducting deep-dive investigations and root cause analysis for incidents Adept at collaborating with stakeholders to resolve complex cybersecurity challenges Ability to automate routine SOC processes to enhance operational efficiency Experienced in mentoring and guiding junior analysts in security operations Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools Good to have skills and abilities: Excellent interpersonal (self-motivational, organizational, personal project management) skills Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System Ability to analyze cyber threats to develop actionable intelligence Skill in using data visualization tools to convey complex security information Academic Qualifications: Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience) 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks Experience with SIEM migration Expertise in incident response, threat detection, and security monitoring Solid understanding of Windows, Linux, and cloud security concepts Relevant certifications (eg, CompTIA Security+, Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred Preferred Security Cloud Certifications: AWS Security Specialty

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation

AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation. AtAHEAD, we prioritize creating a culture of belonging,where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD. We are an equal opportunity employer,anddo not discriminatebased onan individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, maritalstatus,or any other protected characteristic under applicable law, whether actual or perceived. SOC Analysts at AHEAD monitor customer environments and perform Incident Detection, Validation, and Incident Reporting. SOC Analysts are the frontline of SOC and are customer-facing representatives. SOC Analysts are responsible for triaging events, incidents, and reporting validated incidents to the customer for incident response. Incumbents will possess strong technical and analytical skills while providing accurate analysis of security related problems. They have a well-rounded networking background and are responsible for performing troubleshooting of customer issues. This individual is user focused and works to resolve client needs in a timely manner. These needs may involve resolving hardware/software failures, investigating, and responding to security threats, and making change request to the security policy of company devices. The SOC Analystis expected to monitor security feeds streaming from client servers, network devices, and end user workstations, operate and maintain network security equipmentat client locations. The Analystis expected to be familiar with a wide range of security tools and understand basic security fundamentals. TheAnalystwill perform information security event analysis and must possess knowledge of operating systems, TCP/IP networking, network attacks, attack signatures, defense countermeasures, vulnerability management, and log analysis. Roles & Responsibilities: Monitor and analyze network traffic and alerts Investigate intrusion attempts and perform in-depth analysis of exploits Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident Conduct proactive threat research Review security events that are populated in a Security Information and Event Management (SIEM) system Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest Independently follow procedures to contain, analyze, and eradicate malicious activity Document all activities during an incident and provide leadership with status updates during the life cycle of the incident Incident management, response, and reporting Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client Track trends, statistics, and key figures for each assigned client Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions Reporting Incident reports Security status reports Client-facing security meetings Position : Incident handling/response experience Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles Understanding ofanda strong desire to learn common security technologies (IDS, Firewall, SIEM, etc.) The ability to think creatively to find elegant solutions to complex problems Excellent verbal and written communication skills The desire to work both independently and collaboratively with a larger team A willingness to be challenged along with a strong appetite for learning 8-10years of experience in Information Security, Incident Response, etc. (or related field) Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.) Knowledge of common security analysis tools & techniques Understanding of common security threats, attack vectors, vulnerabilities and exploits Knowledge of regular expressions Education: BachelorsDegree in Computer Science, Information Security or related/equivalent educational or work experience One or more of the following certificationsCISSP, GCIA, Security+, CEH, ACSE

IT Operations Group is looking for Business Systems Analyst with exposure to application/BAU support. Job Details Position Title: Lead Systems Analyst Career Level: P3 Job Category: Manager Role Type: Hybrid Job Location: Bangalore About the Team: We are part of Technology Operations vertical of the Corporate Technology business unit. We closely work with Accounting and Recon, Financial Planning and Analysis, Regulatory Reporting, Procurement, Treasury and Risk functions of Business. Impact You will be responsible for partnering with application owners within the business unit to facilitate completion of non-project work. This ensures application owners can focus on completing objectives on project-work in a timely manner. Your specific focus areas of non-project work will be in Vulnerability Management and IT/IS Standard Management Key Deliverables (Duties and Responsibilities Review and analyze weekly vulnerability reports published to application teams to be able to: Ensure timely remediation plans are created and followed. Coordinate conversations with support teams to understand individual vulnerabilities and actions to be completed for successful remediation. Partner with application teams to alleviate any blockers experienced during remediation efforts. Partner with application teams to raise and track reassignment requests, exceptions, or self-identified issues as needed. Explore, understand, visualize, and explain complex process flows pertaining to various IT/IS Standards. Drive and track our business unit s participation in compliance initiatives from start to finish. Create and present visualizations and high-level presentations for our senior leaders to consume and cascade to their reports. Recommend and drive the implementation of process improvements, whether that be writing an automation script, suggesting a more efficient tool to use for processes, or recommending elimination of redundant actions. Skills and Qualification A bachelor s degree in business or a related field or an MBA A minimum of 3-5 years of vulnerability management experience Strong spoken and written communicator Excellent documentation skills Advanced technical analysis skills Excellent planning, organization, and time management skills Exceptional analytical and conceptual thinking skills Experience working in an Agile framework Able to write and implement scripts to automate processes, preferably in: Powershell Python Batch Processing Strong experience in using the below applications: MS Office applications (i.e.: MS Excel, MS Word, MS Teams, MS Outlook, MS SharePoint) Visualization software (i.e.: Tableau and/or MS Power BI) MS Visio Accessibility Needs We are committed to providing an inclusive and accessible hiring process. If you require accommodations at any stage (e.g. application, interviews, onboarding) please let us know, and we will work with you to ensure a seamless experience.

Serve as the primary point of contact and collaborate closely with our Infosec team to identify and prioritize vulnerabilities. Work with Engineering, Infrastructure, and IT teams to address vulnerabilities, provide guidance, and ensure timely remediation. Execute and enhance vulnerability management strategy, implementation, and operationalization. Establish policies, procedures, and standards for vulnerability identification, assessment, and remediation. Facilitate focus group meetings to discuss vulnerability remediation strategies and hold weekly steering committee meetings with leadership to review remediation progress. Collaborating with support teams to compile evidence and measure service level agreement (SLA) performance using analytical tools. Creating and sharing intuitive dashboards with clients to enhance transparency and exceed SLA compliance goals. Accumulate, monitor, and report on vendor performance metrics (SLAs & KPIs) to internal stakeholders. Partner with the Security Operations Center (SOC) to examine and communicate data loss prevention (DLP) incidents involving confidential or personal data to relevant business units and senior management. Define program controls, processes, procedures, reporting cadence, decision governance structures and ways of working with key stakeholders. Monitor the execution of defined task through tracking of program milestones and their statuses, developing program plans and measuring progress against ongoing key performance indicators. Analyze, evaluate, and overcome program, risks, and produce program reports for leadership and stakeholders. Sets stakeholder and program team expectations and ensures that the deliverables are aligned with business goals. Establishes the program KPIs measurements and quality control points and align reporting to track progress against the measurements. Proactively anticipates and mitigates issues through validations. 10+ years of total experience with 3+ years in project/ program management Candidate should have familiarity with Information Security and Vulnerability concepts. Any related certification in Information Security will be

Sound cloud security knowledge, specialized in Azure. Hands on experience on cloud security tools like Wiz.io. Evaluate & assess vulnerabilities/ threats published on internets cyber space and analysis the relevance to organization. Emergency vulnerability management process. Analysis Zero days, vulnerabilities exploited in the wild to safeguard organization IT landscape. Collaborate with technology, platform, and security teams to mitigate the emerging threats. Conduct assessment on security advisories and support vulnerability advisory process. Maintain & improve existing severity risk rating mechanism and provide sustainable ways for risk mitigation. Skills Must have Ideally up to eight years of hands-on experience with vulnerability scanning tools. Certifications like CEH, OSCP etc will be additional advantage. Good knowledge of CVEs, EPSS, vulnerabilities and exploits. Proven experience in vulnerability management and in depth understanding of vulnerability management lifecycle. Potentially, experience with other security processes e.g. vulnerability scanning or configuration management Prioritisation of complex technical tasks Good at communicating and documenting technical information (MS Teams, Confluence, Gitlab) Skills to collaborate & manage technology partners and other security counterparts. Technical communication and documentation skills Nice to have N/A Other Languages English: C1 Advanced Seniority Senior Refer a Friend Positive work environments and stellar reputations attract and retain top talent. Find out why Luxoft stands apart from the rest. Recommend a friend Related jobs View all vacancies Pune, India Req. VR-114914 Cybersecurity BCM Industry 06/06/2025 Req. VR-114914 Apply for Cyber Security Systems Engineer in Pune *

Experience: 4 to 6 yrs Location: BLR Engineering Graduate - preferably B.E. /B tech in I.T or Computer Engineering. The Cloud Digital Security Ops Specialist is responsible for: Driving IM wide improvements, while ensuring that its overall strategy remains aligned with corporate security policies and IM security priorities. Ensuring conformity with respect to Organisation/customers Enterprise Security Protection Baselines (ESPB) guidelines. Job Description: Requires knowledge of compliance and a commitment to acting with integrity and will be part of the Cloud Compliance team (Cloud Security Controls & Procedures), Remediation enablement: Analyse critical (false and true positive) alerts and security findings Identify systemic issues, perform root cause analysis and launch remediation action plan Support application team in understanding security alerts, and prioritising remediation actions Provide guidance for improving overall security scoring over time Audit: Perform adhoc cyber audits on the overall public cloud infrastructure for all implemented security controls (security guardrails, security hardening, logging infrastructure, vulnerability management, obsolescence management, etc.) Awareness and communication: Raise awareness on cyber security for cloud to application owners Communicate on security capabilities Blind spot coverage thanks to the deployment of missing security capabilities: Identify, assess cyber security blind spots Run project management activities to deploy missing security capabilities Perform entry into service, and transfer L1/L2 support to concerned PSL team Ensure the maintenance and lifecycle management of the security capabilities Define the required security controls to make the usage of the cloud services compliant. Ensure a good quality of the description of the security control taking into account the company context. To be able to contribute towards agile transformation activities across the organisation Skills: Excellent English communication and problem solving skills, Ability to understand complex systems processes, programs and accustomed to dealing with all levels from operational staff to senior management inside as well as outside IM Passion for emerging technology and excited at the prospect of building upon your existing technical knowledge and learning new skills Strong analytical problem solving ability, Technical capability and maturity to assist and collaborate and conduct workshops with other teams Knowledge of cyber security best practices Cloud Security compliance or more generic Cyber Security Standards, Cloud Security Engineer Cloud Technical knowledge, AWS and/or GCP is mandatory, Knowledge of Azure would be a plus Cloud SecOps skills like vulnerability management, obsolescence management is mandatory Total Experience Expected: 04-06 years Qualification & Certifications Engineering graduate - preferably B.E. /B tech in I.T or Computer Engineering At least one Certification Preferred:- AWS Cloud Certification

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by diversity and inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health equity on a global scale. Join us to start Caring. Connecting. Growing together. Cloud Senior Information Security Engineer (Subject Matter Expert) - GL28 Position Overview The Cloud Senior Information Security Engineer (Subject Matter Expert) is responsible for architecting, building, supporting, and enhancing the organization's public cloud security strategy. This role serves as a critical partner between the Enterprise Security Risk Organization (ESRO) and the Enterprise Technology Infrastructure and Platform Services (ETIPS) to ensure robust and effective cloud security measures. Primary Responsibilities Security StrategyCollaborate with ESRO and ETIPS to develop and implement a comprehensive public cloud security strategy Security ArchitectureDesign and maintain secure cloud architectures, ensuring compliance with industry standards and best practices Risk ManagementIdentify, assess, and mitigate security risks associated with public cloud environments Incident ResponseLead incident response efforts for cloud security breaches, including investigation, containment, and remediation ComplianceEnsure compliance with relevant regulations and standards specific to public cloud environments Security MonitoringImplement and manage security monitoring tools to detect and respond to threats in real-time CollaborationPartner with ESRO and ETIPS teams to integrate security measures into cloud services and applications Policy DevelopmentDevelop and enforce security policies and procedures specific to public cloud environments Audit and AssessmentConduct regular security audits and assessments to ensure the effectiveness of security measures Vulnerability ManagementTest and identify network and system vulnerabilities, developing strategies to mitigate them DocumentationPrepare and document standard operating procedures and protocols for security operations Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so Required Qualifications Experience in conducting security audits and assessments Public Cloud Security ExperienceDemonstrated experience with public cloud security in AWS, Azure, or both Proven experience in cloud security strategy and architecture Solid knowledge of risk management and incident response Familiarity with compliance regulations and security monitoring tools Proven excellent collaboration and communication skills, with experience partnering between security and IT organizations Demonstrated ability to conduct training and develop security policies Demonstrated ability to build and maintain relationships with business leaders and stakeholders

Application Security Analyst Bangalore/ Gurgaon, India A security analyst role within the Global Technology Transversal Application Services (TAS) function, supporting the provision of a robust and consistent security scanning, remediation, and guidance service within the TAS Application Operations team The team provides a global, centralized Operations, Governance, Audit, Risk & Security service across Application Delivery What you ll be DOING What will your essential responsibilities include? Support the Application Operations (Security) team in all security related activities, forums and discussions Perform application scanning across the Application Delivery estate using tools such as SonarQube, Checkmarx, JFrog Xray, CAST Highlight, Defender and Qualys Assist in setting up Jenkins pipeline integration to CI/CD lifecycle Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA), including analysis of components in applications to detect vulnerabilities and compliance issues Work with Application Delivery teams to communicate the outcome of scanning and analysis, and agree remediation actions including target dates for completion, in alignment with Information Security Policy requirements Assist in Risk Assessments, evaluating the severity of identified vulnerabilities and prioritizing remediation efforts based on potential impact to the organization Assist in Policy development, contributing to the development and implementation of vulnerability management policies and procedures Manage the production of reporting and metrics to both internal and external stakeholders You will report to the Operations Lead What you will BRING We re looking for someone who has these abilities and skills: Required Skills and Abilities: Security First mindset Understanding of vulnerability analysis, scanning and remediation processes Understanding of CVEs, CVSS Understanding of security industry compliancy benchmarks and standards i e CIS Understanding of security best practices/standards i e OWASP, NIST Preferable experience with at least 2 coding languages i e Java, Dot Net, C++, Python etc Desired Skills and Abilities: Outstanding analytical, critical thinking and organizational skills, ability to multitask and work to deadlines Proficiency in Power BI, MS Work and MS Excel: We maintain and continually develop a number of Power BI Dashboards to support provision of critical data and use Excel to support our data capture and analysis and reporting Excellent communication, interpersonal and relationship building skills (verbal and written) Who WE are AXA XL, the P&C and specialty risk division of AXA, is known for solving complex risks For mid-sized companies, multinationals and even some inspirational individuals we don t just provide re/insurance, we reinvent it How? By combining a comprehensive and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business property, casualty, professional, financial lines and specialty With an innovative and flexible approach to risk solutions, we partner with those who move the world forward Learn more at axaxl com What we OFFER Inclusion AXA XL is committed to equal employment opportunity and will consider applicants regardless of gender, sexual orientation, age, ethnicity and origins, marital status, religion, disability, or any other protected characteristic At AXA XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success That s why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, and create an inclusive culture where everyone can bring their full selves to work and can reach their highest potential It s about helping one another and our business to move forward and succeed Five Business Resource Groups focused on gender, LGBTQ+, ethnicity and origins, disability and inclusion with 20 Chapters around the globe Robust support for Flexible Working Arrangements Enhanced family friendly leave benefits Named to the Diversity Best Practices Index Signatory to the UK Women in Finance Charter Learn more at axaxl com / about-us / inclusion-and-diversity AXA XL is an Equal Opportunity Employer Total Rewards AXA XL s Reward program is designed to take care of what matters most to you, covering the full picture of your health, wellbeing, lifestyle and financial security It provides competitive compensation and personalized, inclusive benefits that evolve as you do We re committed to rewarding your contribution for the long term, so you can be your best self today and look forward to the future with confidence Sustainability At AXA XL, Sustainability is integral to our business strategy In an ever-changing world, AXA XL protects what matters most for our clients and communities We know that sustainability is at the root of a more resilient future Our 2023-26 Sustainability strategy, called Roots of resilience , focuses on protecting natural ecosystems, addressing climate change, and embedding sustainable practices across our operations Our Pillars: Valuing nature: How we impact nature affects how nature impacts us Resilient ecosystems - the foundation of a sustainable planet and society - are essential to our future We re committed to protecting and restoring nature - from mangrove forests to the bees in our backyard - by increasing biodiversity awareness and inspiring clients and colleagues to put nature at the heart of their plans Addressing climate change: The effects of a changing climate are far reaching and significant Unpredictable weather, increasing temperatures, and rising sea levels cause both social inequalities and environmental disruption Were building a net zero strategy, developing insurance products and services, and mobilizing to advance thought leadership and investment in societal-led solutions Integrating ESG: All companies have a role to play in building a more resilient future Incorporating ESG considerations into our internal processes and practices builds resilience from the roots of our business We re training our colleagues, engaging our external partners, and evolving our sustainability governance and reporting AXA Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as AXA XL s Hearts in Action programs These include our Matching Gifts program, Volunteering Leave, and our annual volunteering day - the Global Day of Giving For more information, please see axaxl com/sustainability