15 Vulnerability Mitigation Jobs

As a Security-focused Code Reviewer, your primary responsibility will be conducting thorough security assessments by reviewing source code utilizing the Checkmarx Platform. Your tasks will involve performing static application security testing (SAST) and software composition analysis (SCA) across various programming languages and frameworks. It will be essential for you to identify, document, and communicate vulnerabilities discovered during the code review process, ensuring comprehensive reports and analysis are provided. In terms of Customer Support for Vulnerability Mitigation, you will directly collaborate with customers" Application Security (AppSec) and Development teams to offer actionable advice on remediating vulnerabilities. Your role will also include providing hands-on guidance on secure coding practices, assisting in understanding the root cause of vulnerabilities, and applying best practices for remediation. Additionally, you will support customers in prioritizing security fixes based on severity and potential impact. You will be expected to develop and present proof-of-concept (PoC) attacks to illustrate how identified vulnerabilities can be exploited in real-world scenarios. Providing technical demonstrations to help customers understand the risk level of specific vulnerabilities and the importance of remediation will be crucial aspects of your responsibilities. Collaboration with AppSec and Dev teams for Application Architecture Analysis will also be part of your role. You will collaborate to analyze the security aspects of application architecture, provide recommendations to secure the architecture at the design stage, and conduct threat modeling to identify potential attack vectors, embedding security into the development lifecycle. Furthermore, you will play a key role in mentoring junior engineers and security analysts, conducting internal training sessions, and staying updated on the latest security vulnerabilities, exploit techniques, and industry trends to contribute to continuous improvement. Act as a trusted advisor to clients, provide security consulting services, and collaborate with internal teams to ensure that security tools and platforms remain at the cutting edge of technology. Your skills should include a Bachelor's degree in computer science or a related technical discipline, 8+ years of experience in high-level programming languages, 5+ years of experience in security-focused code review, a deep understanding of enterprise-grade systems and architectures, and a proactive approach to problem-solving. Proficiency in English and security-related certifications are highly desirable. Please note that the role involves a hybrid work model with international travel occasionally required.,

About the Role: Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business. The role is 70% focused on providing operations support and 30% focused on new projects, enhancements. Hybrid working model is available. Role & Responsibilities: Manage Qualys console using various modules. Make sure client agent coverage is managed at a good level. Support business with Qualys and/or Vulnerability Management requests Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt. Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise. Establish non-production and production environments for testing and hosting the applications. Own the end-to-end technical design, unit testing and the maintenance of the hosting environment. Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment. Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints. Learn System Engineering concepts to analyse existing environment and find more efficient ways. Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. If interested please do share your updated profile to archana.r@bahwancybertek.com

As an Information System Security Engineer (ISSE) at SAP, you will play a vital role in maintaining our system security posture and safeguarding our customer's data from unauthorized use. Your primary responsibility will involve risk management to ensure the protection of our systems, identification of threats and vulnerabilities, as well as the mitigation and remediation of vulnerabilities to uphold security compliance standards. In this role, you will collaborate with a dedicated team at SAP Sovereign Cloud Delivery India unit, which is responsible for providing SAP's Sovereign Cloud Services in India. Together, you will work on cloud landscape architecture design, construction, maintenance, and operation to deliver stable, secure, and resilient cloud services that are fully compliant with local laws, regulations, and the specific security, secrecy, and digital sovereignty requirements of India. Your team will closely collaborate with the central Architecture team, Security Office, Engineering teams, and Regulatory and Governance teams in India. At SAP, we are committed to fostering a culture of inclusion, prioritizing health and well-being, and offering flexible working models to ensure that everyone, regardless of their background, feels included and empowered to perform at their best. Our belief in diversity and inclusion drives us to invest in our employees, helping them unlock their full potential and contribute to creating a better and more equitable world. SAP is dedicated to being an equal opportunity workplace and an affirmative action employer, upholding the principles of Equal Employment Opportunity. We provide accessibility accommodations for applicants with physical and/or mental disabilities, ensuring a fair and inclusive recruitment process. If you require accommodation or special assistance to navigate our website or complete your application, please reach out to our Recruiting Operations Team at Careers@sap.com. As part of our team at SAP, you will have the opportunity to work with cutting-edge innovations that enable over four hundred thousand customers worldwide to collaborate more efficiently and leverage business insights more effectively. While SAP is renowned for its leadership in enterprise resource planning (ERP) software, we have evolved into a market leader in end-to-end business application software and services, spanning database management, analytics, intelligent technologies, and experience management. With a global workforce of over one hundred thousand employees and two hundred million users, we are driven by purpose and future-focused, fostering a collaborative team spirit and a commitment to personal development. In this dynamic and inclusive environment, every individual at SAP plays a crucial role in connecting global industries, people, and platforms to ensure that every challenge finds a deserving solution. Join us at SAP to bring out your best and be part of a team that values diversity, inclusion, and personal growth. Successful candidates for this role may be subject to a background verification process conducted by an external vendor. If you are a SAP employee, please note that only permanent roles are eligible for the SAP Employee Referral Program, subject to the eligibility criteria outlined in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training. Requisition ID: 431375 | Work Area: Software-Development Operations | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid. Job Segment: Cyber Security, ERP, Cloud, Information Security, Compliance, Security, Technology, Legal,

JD:- Application Security Lead Education Criteria (Must): B.Sc (IT/CS) / B.Tech in any Engineering background, BCA, MCA & M.Sc. Information Technology, or related field. CEH, CISSP, CISA, CISM, CRISC (If any security related certification) 11-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Client and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management Skill-Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation.

Role: Systems Analyst I / II Skill: SCCM/Intune Experience: 2 - 5 years Shifts: 5.30pm to 2.30am Job profile: Server management for remote client infrastructure. Responsibilities displayed in the job posting : Windows server administration, Patch management, Vulnerability mitigation on servers, Antivirus, Server monitoring and On-call rotation

Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It's a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us.

Third Party Payroll: BCT Service : BCT Consulting Pvt Ltd.https://www.bct-consulting.com/ Role & responsibilities Client : UBER Total: 2-5 Years Location : BNG/HYD -work from office Notice period : Immediate to 15 Days Rounds of Interviews : 2 Role & responsibilities About the Role: Uber's Security Response and Investigations (SRI) team is the cybersecurity incident response body at Uber. SRI responds to security incidents and mitigates security threats across the company. The SRI team is made of three teams: vSOC (virtual Security Operations Center), Investigations and Automation, and Incident Command. You will be joining the vSOC team. As a Security Analyst on the vSOC team, You will be on the front-line of defense for the Uber Security Incident Response program. You will be handling triage for all security alerts for Uber globally across all environments (cloud, prod, corp). You will build Standard Operating Procedures (SOP) and help improve the incident response program. You will serve as an incident coordinator during high and critical severity incidents. Expect to work weekend shift (Saturday / Sunday) Basic Qualifications: Good understanding of cybersecurity fundamentals. This includes but is not limited to network protocols (e.g. TCP/IP stack) and security, system security, email security, etc. 2+ years of hands-on experience in a cybersecurity role. 1+ year of hands-on experience with security monitoring and response in a SOC environment. Strong problem-solving skills. Good communication skills. Preferred Qualifications: Experience with cybersecurity forensic methodologies and software. Experience driving complex incidents or leading investigations end-to-end. Threat hunting and Automation experience(SOAR/Python). Applied knowledge of cyber intel frameworks such as ATT&CK framework and kill-chain model. Experience working crisis events for a global company. Ability to work across geographically distributed teams. Certifications in Security is a plus.

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for Application Security-Techno Manager -Mumbai Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates.(Apply for only Immediate to 30 days joiners) Job Description: Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Mumbai Only Notice Period: Apply only for Immediate to 30 days NP. DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Ability to understand the technical implications and impact of various types of vulnerabilities on servers and applications including remote code execution, elevation of privilege, information disclosure. Ability to assess the risk associated with vulnerabilities, including impact and exploitability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 3 plus years of experience Experience in vulnerability management, security operations, or a related field with a proven track record of identifying and mitigating vulnerabilities. Practical experience with vulnerability scanning, risk assessment, and patch management processes. Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7 Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Hands-on experience withTenable.SC (or an equivalent VM platform) including administration of Nessus remote and agent-based scans, profile creation and maintenance Skills in prioritizing vulnerabilities based on their severity, potential impact, and the organization’s risk profile, experience with ASM solution

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

Penetration Testing, Manual Penetration Testing using OWASP checklists, Cloud Security Assessment, Security Configuration Review, Vulnerability Assessment, Vulnerability Mitigation, Cyber Security 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms

Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 10-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Skills Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Education - BE/B Tech, BCA,BSC IT/Since, M Tech/ME/MS/MSC/MCA

Hiring for IT MNC Company Vulnerability assessment on ISEC servers, VA report generation, dashboard publishing with daily updates, follow-up with respective stakeholders for closure of open points and update the same to ISEC ISG team Required Candidate profile Experience: 4 +Years Location: Ghansoli/Turbhe Notice Period: 30 Days snehapawar@peshr.com/7021769496

Role Overview: We are seeking an experienced Senior Container Security & Quality Assurance Engineer. The successful candidate will establish comprehensive testing methodologies for security-hardened, minimal container images .