471 Vulnerability Management Jobs - Page 9

Monitoring and Incident Triage: Monitor endpoint security alerts and events generated by Crowdstrike and Trendmicro. Perform initial triage and analysis of security alerts to identify potential threats and incidents. Escalate critical incidents to Level 2 or appropriate teams for further investigation and resolution. Troubleshooting and Support: Provide first-line support for endpoint security-related inquiries and issues reported by end-users or other teams. Assist in troubleshooting endpoint security tool-related problems, including software configuration issues, policy enforcement, and detection rule tuning. Document and track support tickets/incidents in the ticketing system, ensuring timely resolution and effective communication with stakeholders. Endpoint Protection Management: Assist in the deployment, installation, and configuration of Crowdstrike and TrendMicro endpoint security solutions across the organization. Ensure endpoint security agents are properly installed, updated, and functioning correctly on all managed devices. Conduct regular health checks and maintenance tasks to ensure the integrity and effectiveness of endpoint security controls. User Education and Awareness: Collaborate with the cybersecurity awareness team to develop educational materials and resources related to endpoint security best practices. Documentation and Knowledge Sharing: Maintain up-to-date documentation of endpoint security configurations, procedures, and troubleshooting guidelines. Contribute to the knowledge base by documenting common issues, resolutions, and best practices for future reference.

Under the direction of the Security Administration Manager, the Security Administration Engineer will manage and administer security technologies and provide security management services, requirements, direction, and support. The Security Administration Engineer is responsible for the quality control within the Security infrastructure and tools. This includes building and defending scalable, secure, and robust systems; defining security requirements for operational systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect networks. This role will be responsible for execution of the vulnerability management program and assist the Security Administration Manager with improving processes and reducing the time remediate vulnerabilities. This leader must be current and keep current with changing technology, industry best practices, and standard security frameworks. Assign remediation tasks and assist application owners and remediation teams by providing vulnerability analysis and remediation prioritization. Maintain the vulnerability scanning infrastructure, scan schedules, and risk scoring adjustments Participates in direct support of security systems and tools, including installation, configuration, security, and maintenance. Implements upgrades, enhancements, and fixes following established change management procedures. Maintains security tool disaster recovery and DEV/Test environments. Execute and improve vulnerability management processes (vulnerability scanning, remediation, exceptions, etc.) and maintain process documentation. Participates as a technical lead in the execution of the security program roadmap across the enterprise by providing expert guidance and solutions engineering services as part of initiatives and day-to-day operations. Stays current with emerging identity technologies, solutions and best practices. Advises Security Administration Manager on related risk and security posture. Performs troubleshooting and remediation of security tool issues. Participates in scheduled and unscheduled after-hours system maintenance and support. Performs rotational on-call duty. Provides implementation assistance for onboarding new security tools and processes. Updates team training documentation, technical processes, and testing plans. Education/Certifications Preferred: CompTIA Security+ Technical/Soft skills Required: Thorough understanding of vulnerability management concepts and processes. Demonstratesstrongproblemsolving,analytical,interpersonalandownershipskills. Proficiency with cloud, hybrid cloud, and on-prem Security Administration models. Thoroughunderstandingofsecurityprotocols/methodologiesandcontrols. Preferred: Knowledge of all aspects of the software development lifecycle Knowledge of web development technologies EXPERIENCE Preferred: Microsoft Defender - Endpoint Vulnerability Management Delinea Privilege Manager 2+years of experience in an information securityrole LEADERSHIP SKILLS Required: Strong leadership skills and the ability to work effectively with business managers, Enterprise Architecture, IT engineering and IT operations staff. Ability to break down technically complex and ambiguous concepts and rationalize into simple concepts and ideas. Ability to understand and articulate business imperatives as well as the business impact of security tools, technologies and policies. Ability to mentor and provide coaching to team members.

Atlas Energy - Cybersecurity Analyst Security Analyst - Threat Management and Vulnerability Assessment Seeking a skilled Security Analyst (4-6 years) specializing in threatmanagement and vulnerability assessments. The ideal candidate will haveexperience with Defender for Cloud (migration from L1 to L2), Rapid7, andIntune, and a foundational understanding of Operational Technology (OT)systems, particularly the Dragos platform. This role involves advanced threatdetection and remediation, vulnerability assessments, patching, and hardeningtasks. Qualifications: - Experience with Defender for Cloud and Rapid7. - Proficiency in vulnerability assessments, patch management, and systemhardening. - Familiarity with Intune and Rapid7 agent deployment issues. - Basic understanding of OT systems and security, particularly the Dragosplatform. - NIST controls implementation. - Excellent communication and documentation abilities. Shift Timing - US CST hours

Dedicated lead to work with the Happiest Minds Shared SOC team and ITteam to enhance the overall Incident response processes Run any critical incident response along with SOC and IT team Review and update the use caserepository as applicable to Happiest Minds Environment Work on root causeanalysis and remediations for alerts/incidents raised by customers Review andupdate existing automation playbooks Continuous updates of detectiontechniques Periodic threat hunting Use cases to prioritize based on thefindings from the threat and vulnerability management program

Windows, Linux OS We are looking for a skilled and proactive Security Analyst to join our Server and Vulnerability Management team The ideal candidate will possess expertise in identifying, assessing, and mitigating vulnerabilities across operating and non-operating systems The role requires proficiency in BigFix and Qualys, along with experience in providing solutions for vulnerabilities A strong background in scripting and the ability to conduct impact analysis for critical non-OS vulnerabilities is essential

Implementation and Deployment: - Design and deploy IDS (ARMIS)solutions tailored to OT environments. - Develop comprehensive deploymentarchitectures, ensuring seamless integration with existing systems. - Configure and optimize network andfirewall settings to support IDS deployments. Data Network Security - IDS, Cybersecurity.

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

This will be an Individual Contributor role to start and can evolve over time based on how this function matures. You will play a critical role in the companys tech infrastructure, processes which will be fully aligned with regulatory, security and business continuity standards. Key Responsibilities Draft, coordinate monitor IT processes policies to ensure compliance as per IT Act, regulatory bodies (e.g. RBI, SEBI, GDPR, UIDAI etc.), info security (ISM) guidelines and other applicable laws with respect to Technology, in coordination with internal external stakeholders Prepare update business-wise IT infra details required by the Compliance/Legal teams for regulatory filings and 3rd party audits Conduct vendor risk assessment audits ensure identified gaps are proactively filled Introduce new processes policies by conducting market studies surveys relevant to our business Plan, formulate, coordinate, implement monitor the cyber crisis management plan (CCMP) Incident Management and resolution Interface with external auditors and set up processes to ensure all Infosec audits go smoothly Formulate, implement, review monitor BCP Requirements 4-6 years of experience, including being SPOC for Infosec audits In-depth knowledge of technology, security, risk, and compliance best practices Strong capability in interfacing with both technology and business teams Detailed understanding of security monitoring, threat intelligence vulnerability management A self-driven attitude with a strong sense of ownership Experience with RBI and/or SEBI (preferred) audits is a big plus Assisting the team to conduct Technology Committee Assisting the Risk Officer to conduct independent assessments of the business functions Provide timely data for Risk Management Committee

Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS). We should look for a candidate who has deep and diverse hands on exp in above skills. Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps.

Overview Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill Strategy and Governance Preferred Skill Cyber Strategy Years of Experience Required 7 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CISA/CISM/ISO will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Strategy Plan Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage

We re seeking a Container Security Engineer to join our EPEO - Security Services team and lead efforts to secure our containerized environments. You will be responsible for designing, implementing, and maintaining security controls across our Docker, Kubernetes, and other container-orchestration platforms. Your expertise will help ensure our development pipelines and production workloads remain resilient against emerging threats in the cloud-native landscape. Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience). 3+ years of hands-on experience securing containerized applications in production. Deep understanding of Docker and Kubernetes security primitives (Pod Security Policies, RBAC, Network Policies, etc.). Proficiency with container-security tooling and vulnerability scanners. Familiarity with CI/CD systems (Jenkins, GitLab CI, Tekton, etc.) and Infrastructure-as-Code (Terraform, Ansible, CloudFormation). Strong Linux administration skills and knowledge of host hardening best practices. Experience with cloud platforms (AWS, Azure, GCP) and their container services (EKS, AKS, GKE). Solid scripting skills (Bash, Python, Go, etc.) to automate security checks and integrations. Preferred Skills & Certifications Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), or equivalent. Cloud security certification (CCSP, AWS Security Specialty, Azure Security Engineer). Experience with service meshes (Istio, Linkerd) and container networking security. Knowledge of container registry management and image signing (Cosign, Binary Authorization). Familiarity with Linux seccomp, AppArmor, SELinux, and other kernel-level security controls. Prior experience in threat hunting, incident response, or forensics within container environments. Develop and maintain security policies, standards, and best practices for container images, registries, and orchestration platforms (Docker, Kubernetes, OpenShift, etc.). Integrate security scanning and vulnerability management tools into CI/CD pipelines (e.g., Cycode, Mondoo, etc.,). Harden container runtimes, host operating systems, network policies, and cluster configurations against misconfigurations and attacks. Perform threat modelling and risk assessments specific to containerized workloads (e.g., privilege escalations, supply chain risks). Monitor container runtime and orchestration logs for suspicious activities; respond to and investigate security incidents. Collaborate with DevOps, Cloud, and Application teams to embed shift-left security practices and provide training on secure container development. Lead periodic penetration tests, red-team exercises, and configuration reviews of cluster environments. Evaluate and recommend emerging container-security solutions, keeping abreast of CNCF projects and industry trends. Document security architecture, runbooks, and remediation guidelines for engineering teams.

Our Purpose Title and Summary Director, Software Engineering Overview Payment Resiliency develops customer-facing products designed to prevent disruption of payments and ensure uninterrupted commerce for Mastercard cardholders and business partners. A member of the Security Solutions Organization, Payment Resiliency empowers customers with self-service tools to manage on-behalf transaction processing, transaction blocking, and reporting. As Director of Software Engineering, you will play a critical role in the coordination and development of new functionality within the product portfolio. Role Formally lead multiple engineering teams to build, enhance, and support our products Work with business owners while ideating, developing and delivering new services Continuously build a strong network across the company for collaboration on technical and business solutions Recruit and hire the right talent, always bringing in the best individuals available for the role Provide and facilitate timely feedback, coaching in the moment, and mentoring for staff at all levels Emulate and drive Mastercard Way behaviors through their behavior, recognitions, coaching, and employee engagement Provide strategic thinking and leadership related to a wide range of applications and systems, or software-development methodologies Benchmark and drive engineering productivity, quality, and technology policy compliance in the areas of ownership Proactively share and seek knowledge within Guilds/Programs to drive reuse of practices and enhance productivity All About You Substantial IT experience with successful track record in managing a development organization with demonstrated thought-leadership and cross-aisle influence Progressively grown career with proven design and development experiences in modern programming languages, secure coding standards, and vulnerability management Experience with best practices and engineering usage of AI assisted code development leveraging tooling such as Copilot and CodeWhisperer Superior knowledge of automation test development, test suite management, and quality gating to ensure quality code and releases Refined skills in building applications using open frameworks to achieve reuse and reduce development times such as Spring Boot, Steeltoe, React, and DXP Possesses ability to document and coach team on the development practices and coding guidelines such as branching, peer reviews, library use, logging, scanning rules, test-driven development, and error handling Understands and elaborates technical debt and operational issues to drive prioritization discussions with stakeholders to improve the run experience Understands system architecture to plan for platform and infrastructure capacity (database, compute, network, storage) and drives the dependency prioritization to reduce the delivery lead time Understands customer journeys and ensure good customer experience by continuously reducing mean time to mitigate for incidents and ensuring high availability with 99.95% as a starting point Can define, organize, and report on test runs for major, minor, and hotfix releases including unit, component level, system level, customer journeys, past customer issues, and regulatory controls

Information Security Engineer Vulnerability Management Analyst What you will do In this vital role is focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organizations technology stack. The Vulnerability Management Analyst plays a key role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. The individual will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation. Roles & Responsibilities: Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications. Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context. Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies. Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity. Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams. Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.). Maintain documentation related to the vulnerability management lifecycle. Assist in policy and process development related to vulnerability and patch management. Participate in audits and compliance efforts (e.g., SOX, ISO, NIST, PCI). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Masters degree and 1 to 3 years of experience in Cybersecurity, vulnerability management or information security operations OR Bachelors degree and 3 to 5 years of experience in Cybersecurity, vulnerability management or information security operations OR Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management or information security operations Must-Have Skills: Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7). Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows. Basic knowledge of threat intelligence and how it applies to vulnerability prioritization. Working knowledge of network, operating system, and application-level security. Ability to analyze scan data and correlate it with business context and threat intelligence. Preferred Qualifications: Good-to-Have Skills: Experience with KEV, EPSS, and other threat-based scoring systems. Familiarity with patch management processes and tools. Exposure to cloud security and related scanning tools (e.g., Prisma Cloud, AWS Inspector). CompTIA Security+ GIAC GSEC / GCIH Qualys Vulnerability Management Specialist (QVMS) Tenable Certified Nessus Auditor (TCNA) Soft Skills: Analytical Thinking Ability to interpret complex data sets and assess risk effectively Attention to Detail Precision in identifying and tracking vulnerabilities and remediation status Communication Skills Ability to communicate technical findings to both technical and non-technical audiences Collaboration & Teamwork Able to work across IT, DevOps, and security teams to drive resolution Curiosity & Continuous Learning Willingness to know the latest with evolving threats and technologies Problem-Solving Approach Capability to identify solutions to security weaknesses in diverse environments

We re seeking a Container Security Engineer to join our EPEO - Security Services team and lead efforts to secure our containerized environments. You will be responsible for designing, implementing, and maintaining security controls across our Docker, Kubernetes, and other container-orchestration platforms. Your expertise will help ensure our development pipelines and production workloads remain resilient against emerging threats in the cloud-native landscape. Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience). 3+ years of hands-on experience securing containerized applications in production. Deep understanding of Docker and Kubernetes security primitives (Pod Security Policies, RBAC, Network Policies, etc. ). Proficiency with container-security tooling and vulnerability scanners. Familiarity with CI/CD systems (Jenkins, GitLab CI, Tekton, etc. ) and Infrastructure-as-Code (Terraform, Ansible, CloudFormation). Strong Linux administration skills and knowledge of host hardening best practices. Experience with cloud platforms (AWS, Azure, GCP) and their container services (EKS, AKS, GKE). Solid scripting skills (Bash, Python, Go, etc. ) to automate security checks and integrations. Preferred Skills Certifications Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), or equivalent. Cloud security certification (CCSP, AWS Security Specialty, Azure Security Engineer). Experience with service meshes (Istio, Linkerd) and container networking security. Knowledge of container registry management and image signing (Cosign, Binary Authorization). Familiarity with Linux seccomp, AppArmor, SELinux, and other kernel-level security controls. Prior experience in threat hunting, incident response, or forensics within container environments. Develop and maintain security policies, standards, and best practices for container images, registries, and orchestration platforms (Docker, Kubernetes, OpenShift, etc. ). Integrate security scanning and vulnerability management tools into CI/CD pipelines (e. g. , Cycode, Mondoo, etc. , ). Harden container runtimes, host operating systems, network policies, and cluster configurations against misconfigurations and attacks. Perform threat modelling and risk assessments specific to containerized workloads (e. g. , privilege escalations, supply chain risks). Monitor container runtime and orchestration logs for suspicious activities; respond to and investigate security incidents. Collaborate with DevOps, Cloud, and Application teams to embed shift-left security practices and provide training on secure container development. Lead periodic penetration tests, red-team exercises, and configuration reviews of cluster environments. Evaluate and recommend emerging container-security solutions, keeping abreast of CNCF projects and industry trends. Document security architecture, runbooks, and remediation guidelines for engineering teams.

Job Title: Information Security Analyst (InfoSec Analyst) Location: Remote Job Type: Fulltime YoE: 12+ years relevant experience Shift: 2 to 11 pm IST Description: The Information Security Analyst is responsible for the defining, planning, and monitoring of security measures for the protection of computer networks and information. This individual will also be responsible for monitoring and analyzing network security hardware and software and assist in the development and enforcement of network security policies. This position will work within the legal department and report to the Director, Head of the Security, Compliance, & Risk (SCR) department. Duties and Responsibilities: The following duties are normal for this job. These are not to be construed as exclusive or all-inclusive. Other duties may be required and assigned. Defines, maintains, and reports on overall computer network security strategies (Best Practices/Common Practices) with all information assets connected to the Vaco network. Must have the ability to communicate security policies and strategies to people of varying technical ability both verbally and in written format. Monitors operation of, and provides reports on, perimeter security systems such as firewalls, routers, proxy servers, intrusion detection and protection systems. Monitors operation of, and provides reports on, end point security systems such as anti-virus, patch management and vulnerability assessment tools. Monitors operation of, and provides reports on, security information and event management (SIEM) systems. Must have the ability to examine a variety of data sources to correlate events and determine courses of action. Participates in the incident response process when network anomalies are discovered and drives the incident process to completion. Manages relationships and coordinates operational activities between Vaco and external security services providers (e.g., Managed Security Services Providers, Penetration Testers, Solution providers, etc.). Coordinates vulnerability remediation activities and works with the IT operations section to mature the patch management lifecycle based on vulnerability management Service Level Agreements (SLAs) defined by the SCR function. Creates and publishes daily/weekly/monthly/quarterly/annual incident management reports as requested/required. Desired Competencies and Skills: Knowledge of SIEM systems Knowledge of Intrusion Detection Systems/Intrusion Protection Systems Knowledge of networking and firewall appliances Knowledge of Information Security standards (International Organization for Standardization 27000 series, National Institute of Standards and Technology, HITRUST) Knowledge of a variety of vulnerability management solutions Strong verbal and written communication skills. Project management and organizational skills Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, Information Security or Electrical Engineering preferred, with at least two (2) years of experience of Information Security experience. One of the following certifications is required: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); GIAC certifications and/or Certified Ethical Hacker (CEH); CompTIA Security+. Any equivalent combination of education, training, and experience which provides the requisite knowledge, skills, and abilities for this job may be considered. Travel Requirements: 10% -Occasional travel to onsite offices or vendor conferences may occur

Job ID: 197283 Required Travel :Minimal Managerial - Yes Location: :India- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our approximately 30,000 employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $4.89 billion in fiscal 2023. In one sentence The Information Security Lead develops, maintains, and publishes required information security standards, procedures, and guidelines per domain of responsibility. Responsible for conceiving and executing forward-looking security systems or processes design, implements programs for user awareness, compliance monitoring, security controls design and implementation. What will your job look like You will maintain the organization's information security effectiveness and efficiency by defining and leading the implementation of security approaches, standards and procedures supporting strategic plans and directions You will lead teams to resolve Information Security challenges. Provide the information security requirements for cross-organization projects and accompany the implementation of the requirements. Utilize deep information security understanding to support internal and external business-related activities, formulate IS solutions based on technical and business requirements. Maintain a detailed knowledge of IS solutions and present them to our customers. You will lead unit level initiatives and ensure competency to meet the needs of the team/ Amdocs /Customers. You will design solutions and formulate response to RFx, create POC/demos, and present IS solutions to customers/corporate stakeholders. Utilize deep technical knowledge of IS products and services to align appropriate solutions based on client need. You will lead and manage Information Security Projects, including (as required) budget and resources, customer relationships, timelines, deliverables, quality and overall management. You will recommend information technology strategies, policies, and procedures by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements. You will keep updated with emerging security threats and alerts; conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; collaborate with other cyber threat researchers. You will be accountable for meeting quality objectives, adherence to best practices, quality processes, and methodologies; lead continuous improvement via Root Cause Analysis, Lessons Learned, and Prevention processes; Track quality KPIs and continuously improve quality and measurements. You will promote clarity and alignment with ongoing, effective communication to the project team regarding the unit s goals and status, project matters, companywide changes, special initiative status, etc.; Strive for strong and healthy working relationships within the team. You will provide technical guidance and training to information owners, other security managers, and IT associates. Information Security Manager functions include: You will lead, manage and mentor teams in specific domains such as risk assessment, cyber technologies, corporate security, PMI, SOC, Penetration testing, security operations, etc. You will attract, develop and retain talent to build and maintain strong, effective and competent teams, and ensure the enhancement of their knowledge. Coach and empower the team and foster an environment that encourages teamwork based on motivation and inspiration. Responsible for HR processes such as recruitment, onboarding, definition of clear goals and objectives, ongoing performance management and feedback, career development, and growth of the team and its members. Manage day to day employee relations. 12. Information Security Expert functions include: You will be the technical expert and leader of certain domains such as IT, Application and GRC. All you need is... 1. 6-7 years of experience in the information security management ecosystem 2. Familiarity with industry standards and frameworks, such as NIST, CIS, ISO 27001, and GDPR. 3. Strong understanding of security best practices, including, vulnerability management, system hardening, patch management, and secure coding. 4. Proven experience working with security tools such as CrowdStrike, InsightVM, Tripwire, WIZ etc. 5. Experience with cloud security platforms (AWS, Azure) and native security services 6. Knowledge of network security principles & solutions, including IAM, firewalls, IDS/IPS, and secure network design. 7. Good team player - an advantage 8. Ability to scale up - for cross-domain security tools Why you will love this job: You will have the influence on many of the security teams in Amdocs and therefor the whole company You will bring the innovation into security teams in Amdocs You will have the independence to design the role as you think and like Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Skills: Cyber Threat,Threat Detection, Incident Response, Vulnerability Management, Infrastructure Security, Risk-based security, Network Security, Cloud Security

What you will do In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organizations IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organizations security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelors degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking Comfortable working with data and identifying patterns Attention to Detail Careful review and tracking of vulnerabilities Communication Skills Able to clearly document and explain findings Collaboration & Teamwork Works well with cross-functional teams Curiosity & Continuous Learning Strong interest in cybersecurity and professional growth Problem-Solving Mindset Seeks practical solutions to real-world security issues

Total Yrs. of Experience 8 10 Years Relevant Yrs. of experience 8+ years of experience Detailed JD (Roles and Responsibilities) JAMF Administrator Support including Server Management and Upgrades., Very good at handling clients, has the experience of working in large engagements, very good in ITIL processes of service management. Deep understanding of MacOS Ventura, Excellent analytical and troubleshooting skills Creation, Support, Implementation, and distribution of Mac OSX Image. Knowledge in Packaging for Mac using BASH Script, Shell Script Pearl Script & JAMF Admin Tools. Hardware & Platform Independent Images using Mac Technology. JAMF Policy & Configuration Profile Creation, Support & Implementation for Mac Imaging. JAMF PPPC Utility ( Privacy Preferences Policy Control (PPPC). Replication of Distribution Points/SMB Shares. Running Reports using Custom Queries, Should have advanced understanding of Policy Management and Policy creation. Developed Custom Mac policies as per the clients requirement. Recommend driver management best practices. ITSM process and tools knowledge (service now) Incident Management, Tracking & Solution for any issues related to the Engineered Solution. Designing & Implementing Enterprise Solutions for Enterprise Customers with Server Support. Provide recommendations for automation and modern endpoint management approaches. Mac OSX vulnerability management (Patch Management) Automatic DEP Enrolment Profile via Script. New / Upgrade / Update OS - Beta / Developer OS Testing. Application Deployment / Application Patches & Met Compliance. Comfortable working in rotation US shifts JAMF 100/200 certified Mandatory skills JAMF, MAC OS

Key Responsibilities: SCCM Administration & Maintenance: Manage and maintain SCCM/MECM infrastructure, including servers, management point, distribution points, and clients. Perform health checks and routine maintenance of SCCM components. Monitor SCCM logs and troubleshoot issues related to deployments, updates, and configurations. Software & Patch Management: Deploy Windows updates, security patches, and third-party application patches using SCCM. Create and manage deployment packages for applications, drivers, and OS images. Ensure compliance with patching policies and update schedules. OS Deployment & Imaging: Configure and manage Windows OS deployment (OSD) using SCCM Task Sequences. Troubleshoot PXE boot, driver injection, and imaging related issues. Client Health & Troubleshooting: Ensure SCCM client health and remediate issues affecting deployments. Troubleshoot application installation failures, patching issues, and SCCM agent problems. Reporting & Compliance: Generate SCCM reports for software deployments, patch compliance, and inventory. Work with security teams to ensure endpoint compliance and vulnerability management. Technical Skills: Strong experience with SCCM/MECM (Current Branch ,2012, or later versions) administration. Handson experience with Software Deployment, Patch Management, and OSD. Good understanding of Windows Server (2016/2019/2022) and Active Directory. Familiarity with Intune, Azure AD, and Modern Endpoint Management. Shifts: 24*7 rotational shifts Qualifications Bachelor s degree in Computer Science, Information Technology, or a related field.

Management Level Senior Manager & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. JOB DESCRIPTION Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Roles and Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets Strategy and Governance Preferred Skill Sets Cyber Strategy Years of experience required 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Cyber Risks Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more} Travel Requirements Government Clearance Required?

Role Responsibilities: A day in the life of an Infoscion • As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment • You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs • You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. • You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives • You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Work Experience: 2 - 9 years of experience Educational Requirements: Master of Computer Science,MCA,Bachelor Of Computer Science,Bachelor of Engineering,BCA,BTech Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data • Awareness of latest technologies and trends • Logical thinking and problem solving skills along with an ability to collaborate • Ability to assess the current processes, identify improvement areas and suggest the technology solutions • One or two industry domain knowledge Technical and Professional Requirements: Technical Requirements: • Primary skills:Domain->Network->Network Security Firewall & Policies,IDAM,IDAM->Cyberark,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Oracle Access Manager(OAM),IDAM->Oracle Identity Manager(OIM),IDAM->Ping/Federate,IDAM->Sailpoint,IDAM->Saviyant,Technology->Application Security->Application Security - ALL,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Finacle-Core-Payments->Faster Payment Service->Advance,Technology->Infrastructure Security->Security Incident and Event Management (SIEM),Technology->Network->CISCO technologies,Technology->Network-Firewall_and_Media->Palo Alto Preferred Skills: IDAM,IDAM->Oracle Identity Manager(OIM),IDAM->Oracle Access Manager(OAM),IDAM->Sailpoint,IDAM->Cyberark,IDAM->Ping/Federate,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Saviyant,Domain->Network->Network Security Firewall & Policies,Technology->Application Security->Application Security - ALL,Technology->Infrastructure Security->Security Incident and Event Management (SIEM)->Splunk,Technology->Network->CISCO technologies,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Network-Firewall_and_Media->Palo Alto,Technology->Cloud Security->AWS - GRC & responsibilities Preferred candidate profile for HUBLI

Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Primary Skills Expertise in conducting and managing Security baseline scans, including familiarity with tools like Rapid7Nessus/Qualys etc. Strong knowledge of SBC processes and standards such as CIS benchmarks. Experience in reviewing and interpreting SBC results and providing actionable recommendations for Windows or Unix/Linux environments. In-depth knowledge of security configurations, hardening techniques for Windows or Unix/Linux environments. Ability to understand and assess group policies, permissions, patches, and security settings for windows or Unix/Linux platforms. Proficiency in performing risk assessments and understanding the criticality of identified vulnerabilities. Ability to work and collaborate with technical teams to prioritize remediation based on business risk, asset criticality, and exposure to ensure vulnerabilities/SBC controls are remediated promptly and in line with organizational security policies. Strong ability to present scan findings and SBC review results clearly to technical and non-technical stakeholders. Secondary Skills Familiarity with key industry compliance frameworks (e.g., ISO 27001, PCI DSS, HIPAA) and how security baselines relate to compliance requirements. Experience in reviewing and coordinating patch management processes, ensuring that patches are applied in a timely manner while minimizing business disruption. Understanding of the relationship between vulnerabilities and potential incidents, with knowledge of how to collaborate with incident response teams to mitigate threats. Familiarity with network security concepts (e.g., firewalls, IDS/IPS, network segmentation) and how these relate to system vulnerabilities. Understanding of cloud and hybrid environments, and how baseline compliance scans are performed in cloud infrastructures like AWS, Azure etc. Familiarity with ticketing systems (e.g., Jira, ServiceNow) to streamline remediation workflows.