21 Vulnerability Mitigation Jobs

As an Information System Security Engineer (ISSE) at SAP, your role will be crucial in maintaining the system security posture and protecting customer data from unauthorized use. Your responsibilities will include risk management to safeguard systems, identifying threats and vulnerabilities, and mitigating and remediating vulnerabilities to ensure security compliance. Key Responsibilities: - Maintain system security posture - Protect customer data from unauthorized use - Identify threats and vulnerabilities - Mitigate and remediate vulnerabilities - Ensure security compliance Qualifications Required: - Experience in information system security - Knowledge of risk management practices - Understanding of security compliance requirements SAP Sovereign Cloud Delivery India unit is dedicated to providing SAP's Sovereign Cloud Services in India. The team focuses on cloud landscape architecture design, build, maintain and operate to deliver stable, secure, and resilient cloud services compliant with local laws, regulations, and unique security requirements of India. You will collaborate closely with central Architecture team, Security Office, Engineering teams, and Regulatory and Governance teams in India to ensure the delivery of secure cloud services. At SAP, innovation drives our mission to help customers worldwide work more efficiently and effectively. With a market-leading presence in enterprise application software, database, analytics, intelligent technologies, and experience management, we are committed to a purpose-driven and future-focused approach. Our inclusive culture, focus on health and well-being, and flexible working models ensure that every individual, regardless of background, can thrive and contribute their best. We believe in unleashing all talent to create a more equitable world. SAP is an equal opportunity workplace and values diversity. We provide accessibility accommodations to applicants with disabilities and believe in empowering our employees to reach their full potential. If you are interested in joining SAP and require accommodation, please reach out to the Recruiting Operations Team at Careers@sap.com. (Note: Additional details of the company were omitted as they were not present in the provided job description),

Identify & capitalize on new opportunities, expanding the service portfolio & client base. Lead presales activities, crafting compelling proposals & securing new deals. Develop & implement effective sales strategies & GTM plans. Lead the presales process, identifying client needs & presenting customized TVM solutions. Manage key client relationships, ensuring their satisfaction & driving long-term loyalty. Manage relationships with key 3rd parties, ensuring they support practice goals & build new opportunities. Collaborate with internal teams to ensure seamless service delivery & client satisfaction. Contribute to Blogs, Whitepapers, POV. 10-15 years of experience in Application Security Presales. Desirable: Security certifications Extensive knowledge of Red Teaming, DevSecOps, VM, DAST, SAST, IST, IAST, CST, IoTST, & Social Engineering. Strong communication & interpersonal skills. Excellent strategic thinking & business acumen. Passion for client success & service excellence.

Role Overview: You will be responsible for implementing and managing security controls, conducting vulnerability assessments, responding to security incidents, managing cybersecurity risks, providing training on cybersecurity best practices, contributing to disaster recovery and business continuity plans, and ensuring compliance with cybersecurity regulations and standards. Additionally, you will be involved in reporting security status to management, managing vendor relationships, collaborating with other departments, providing technical support and advice, staying up to date on cybersecurity trends, and problem-solving. Key Responsibilities: - Implementing and maintaining security controls such as firewalls, intrusion detection systems, and data encryption. - Hands-on experience in Fortigate & Checkpoint Firewalls. - Expert knowledge of FW clustering, HA, Traffic Filtering, Network & Security policies, Network Segmentations (VLAN), IDS/IPS, NGFW Concepts. - Log Management & Forwarding over Syslog. - Identifying and addressing potential vulnerabilities in systems and networks. - Practical knowledge of VAPT tools like NESSUS Professional. - Investigating and responding to security incidents, including breaches and attacks. - Assessing and mitigating cybersecurity risks to the organization. - Providing training and education to project customers on cybersecurity best practices. - Contributing to the development and maintenance of disaster recovery and business continuity plans. - Preparing reports and communicating security status to management and stakeholders. - Managing relationships with IT service providers and vendors to ensure security standards are met. - Collaborating with other departments and teams to ensure security policies are followed. - Providing technical support and advice on security-related issues. - Documenting security processes, policies, and procedures. - Keeping abreast of the latest cybersecurity trends, threats, and technologies. - Identifying and resolving security-related issues and problems. - Ensuring the organization complies with relevant cybersecurity regulations and standards. Qualifications Required: - Hands-on experience in implementing security controls and managing security incidents. - Knowledge of Fortigate & Checkpoint Firewalls. - Expertise in FW clustering, HA, Traffic Filtering, Network & Security policies, Network Segmentations (VLAN), IDS/IPS, NGFW Concepts. - Practical experience with VAPT tools like NESSUS Professional. - Strong communication skills for reporting and collaborating with stakeholders. - Ability to provide technical support and advice on security-related matters. - Understanding of disaster recovery and business continuity planning. - Familiarity with cybersecurity regulations and standards.,

Network Security Engineer Join our team to help secure network infrastructure and protect data from cyber threats. Responsibilities: - Monitor network traffic for suspicious activity. - Assist in configuring firewalls, VPNs, and intrusion detection systems. - Conduct vulnerability assessments and penetration testing. - Document security incidents and responses. Requirements: - Bachelor's degree in Information Security, Computer Science, or related field. - Basic understanding of network protocols and security principles. - Familiarity with cybersecurity tools and practices. - Strong attention to detail and analytical thinking.

As a Tech Engineer - SD at Mphasis, you will be based in Hyderabad and expected to have 4 to 5 years of experience in Help Desk support with Mac Laptops. The role requires you to be comfortable with 24*7 rotational shifts and have an immediate notice period. A minimum graduate degree is required, with preference given to B-Tech/BE graduates. Your responsibilities will include working with Mac laptops, possessing basic networking knowledge (VPN, DNS), managing and administering within AD Users and Computers, familiarity with vSphere services, including vCenter and virtual machines, and Jamf administration for device management and packaging. You will be responsible for providing Help Desk support in person and remotely, troubleshooting workstation issues, managing tasks using Jira ticketing, and assisting with various support requests such as access management and vulnerability mitigation. Additionally, you will contribute to improving documentation within the Confluence space. If you meet the qualifications and are interested in this position, please share your updated resume with apoorva.kapale@mphasis.com.,

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,

About the Role: Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business. The role is 70% focused on providing operations support and 30% focused on new projects, enhancements. Hybrid working model is available. Role & Responsibilities: Manage Qualys console using various modules. Make sure client agent coverage is managed at a good level. Support business with Qualys and/or Vulnerability Management requests Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt. Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise. Establish non-production and production environments for testing and hosting the applications. Own the end-to-end technical design, unit testing and the maintenance of the hosting environment. Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment. Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints. Learn System Engineering concepts to analyse existing environment and find more efficient ways. Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. If interested please do share your updated profile to archana.r@bahwancybertek.com

As an Information System Security Engineer (ISSE) at SAP, you will play a vital role in maintaining our system security posture and safeguarding our customer's data from unauthorized use. Your primary responsibility will involve risk management to ensure the protection of our systems, identification of threats and vulnerabilities, as well as the mitigation and remediation of vulnerabilities to uphold security compliance standards. In this role, you will collaborate with a dedicated team at SAP Sovereign Cloud Delivery India unit, which is responsible for providing SAP's Sovereign Cloud Services in India. Together, you will work on cloud landscape architecture design, construction, maintenance, and operation to deliver stable, secure, and resilient cloud services that are fully compliant with local laws, regulations, and the specific security, secrecy, and digital sovereignty requirements of India. Your team will closely collaborate with the central Architecture team, Security Office, Engineering teams, and Regulatory and Governance teams in India. At SAP, we are committed to fostering a culture of inclusion, prioritizing health and well-being, and offering flexible working models to ensure that everyone, regardless of their background, feels included and empowered to perform at their best. Our belief in diversity and inclusion drives us to invest in our employees, helping them unlock their full potential and contribute to creating a better and more equitable world. SAP is dedicated to being an equal opportunity workplace and an affirmative action employer, upholding the principles of Equal Employment Opportunity. We provide accessibility accommodations for applicants with physical and/or mental disabilities, ensuring a fair and inclusive recruitment process. If you require accommodation or special assistance to navigate our website or complete your application, please reach out to our Recruiting Operations Team at Careers@sap.com. As part of our team at SAP, you will have the opportunity to work with cutting-edge innovations that enable over four hundred thousand customers worldwide to collaborate more efficiently and leverage business insights more effectively. While SAP is renowned for its leadership in enterprise resource planning (ERP) software, we have evolved into a market leader in end-to-end business application software and services, spanning database management, analytics, intelligent technologies, and experience management. With a global workforce of over one hundred thousand employees and two hundred million users, we are driven by purpose and future-focused, fostering a collaborative team spirit and a commitment to personal development. In this dynamic and inclusive environment, every individual at SAP plays a crucial role in connecting global industries, people, and platforms to ensure that every challenge finds a deserving solution. Join us at SAP to bring out your best and be part of a team that values diversity, inclusion, and personal growth. Successful candidates for this role may be subject to a background verification process conducted by an external vendor. If you are a SAP employee, please note that only permanent roles are eligible for the SAP Employee Referral Program, subject to the eligibility criteria outlined in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training. Requisition ID: 431375 | Work Area: Software-Development Operations | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid. Job Segment: Cyber Security, ERP, Cloud, Information Security, Compliance, Security, Technology, Legal,

JD:- Application Security Lead Education Criteria (Must): B.Sc (IT/CS) / B.Tech in any Engineering background, BCA, MCA & M.Sc. Information Technology, or related field. CEH, CISSP, CISA, CISM, CRISC (If any security related certification) 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Client and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management Skill-Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation.

Role: Systems Analyst I / II Skill: SCCM/Intune Experience: 2 - 5 years Shifts: 5.30pm to 2.30am Job profile: Server management for remote client infrastructure. Responsibilities displayed in the job posting : Windows server administration, Patch management, Vulnerability mitigation on servers, Antivirus, Server monitoring and On-call rotation

Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It's a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us.

Third Party Payroll: BCT Service : BCT Consulting Pvt Ltd.https://www.bct-consulting.com/ Role & responsibilities Client : UBER Total: 2-5 Years Location : BNG/HYD -work from office Notice period : Immediate to 15 Days Rounds of Interviews : 2 Role & responsibilities About the Role: Uber's Security Response and Investigations (SRI) team is the cybersecurity incident response body at Uber. SRI responds to security incidents and mitigates security threats across the company. The SRI team is made of three teams: vSOC (virtual Security Operations Center), Investigations and Automation, and Incident Command. You will be joining the vSOC team. As a Security Analyst on the vSOC team, You will be on the front-line of defense for the Uber Security Incident Response program. You will be handling triage for all security alerts for Uber globally across all environments (cloud, prod, corp). You will build Standard Operating Procedures (SOP) and help improve the incident response program. You will serve as an incident coordinator during high and critical severity incidents. Expect to work weekend shift (Saturday / Sunday) Basic Qualifications: Good understanding of cybersecurity fundamentals. This includes but is not limited to network protocols (e.g. TCP/IP stack) and security, system security, email security, etc. 2+ years of hands-on experience in a cybersecurity role. 1+ year of hands-on experience with security monitoring and response in a SOC environment. Strong problem-solving skills. Good communication skills. Preferred Qualifications: Experience with cybersecurity forensic methodologies and software. Experience driving complex incidents or leading investigations end-to-end. Threat hunting and Automation experience(SOAR/Python). Applied knowledge of cyber intel frameworks such as ATT&CK framework and kill-chain model. Experience working crisis events for a global company. Ability to work across geographically distributed teams. Certifications in Security is a plus.

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for Application Security-Techno Manager -Mumbai Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates.(Apply for only Immediate to 30 days joiners) Job Description: Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Mumbai Only Notice Period: Apply only for Immediate to 30 days NP. DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Ability to understand the technical implications and impact of various types of vulnerabilities on servers and applications including remote code execution, elevation of privilege, information disclosure. Ability to assess the risk associated with vulnerabilities, including impact and exploitability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 3 plus years of experience Experience in vulnerability management, security operations, or a related field with a proven track record of identifying and mitigating vulnerabilities. Practical experience with vulnerability scanning, risk assessment, and patch management processes. Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7 Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Hands-on experience withTenable.SC (or an equivalent VM platform) including administration of Nessus remote and agent-based scans, profile creation and maintenance Skills in prioritizing vulnerabilities based on their severity, potential impact, and the organization’s risk profile, experience with ASM solution

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

Penetration Testing, Manual Penetration Testing using OWASP checklists, Cloud Security Assessment, Security Configuration Review, Vulnerability Assessment, Vulnerability Mitigation, Cyber Security 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms

Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 10-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Skills Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Education - BE/B Tech, BCA,BSC IT/Since, M Tech/ME/MS/MSC/MCA

Hiring for IT MNC Company Vulnerability assessment on ISEC servers, VA report generation, dashboard publishing with daily updates, follow-up with respective stakeholders for closure of open points and update the same to ISEC ISG team Required Candidate profile Experience: 4 +Years Location: Ghansoli/Turbhe Notice Period: 30 Days snehapawar@peshr.com/7021769496

Role Overview: We are seeking an experienced Senior Container Security & Quality Assurance Engineer. The successful candidate will establish comprehensive testing methodologies for security-hardened, minimal container images .

We are looking for Vulnerability Remediation Engineer for our inhouse project who can work hybrid Designation: Vulnerability Remediation Engineer Experience: 8 +Years Location: Gurgaon/Mumbai Mode of work / Remote Role & responsibilities Job Description: Vulnerability Remediation Engineer We are seeking a highly skilled and experienced V ulnerability Remediation Engineer to join our team. The ideal candidate will have over 8 years of experience with a strong background in vulnerability management, infrastructure management, cloud platforms, and web applications . Key Responsibilities and Requirements: Proven experience in vulnerability and infrastructure management. Strong knowledge of cloud platforms such as AWS or Azure. Analytical and problem-solving abilities to address sophisticated security challenges at scale. Strong communication and teamwork abilities. Proven track record to work effectively in cross-functional teams to implement security practices. Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling. Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership. Experience with risk management tools such as Wiz and Brinqa. Proficiency in patching tools. Knowledge of virtualization technologies. Expertise in server operating systems, particularly Windows. Knowledge of web applications and Windows services such as IIS, DNS, etc. Hands on working experience of Windows administration, including group policies, DHCP, DNS, AD replication, and patch management. Experience with PowerShell automation for task automation and scripting. Preferred candidate profile We are looking for Strong vulnerability Management candidates who can join immediate to 15 days