130 Vulnerability Scanning Jobs

About The Role Job Title - Security Delivery Specialist + Team Lead + CF Management Level:09- Team Lead Location:Bangalore/Hyderabad Must have skills:- Vulnerability management/Cloud Security posture Management Proficiency with Vulnerability management/Cloud Compliance management tools (Qualys/Tenable/CSPM or equivalent) Good to have skills:- Knowledge/Certifications on Containers (AKS or EKS or GKE) Knowledge of ITIL processes Knowledge of ISO 27K processes and controls Scripting knowledge (Python/PowerShell/Bash) Job Summary : Work with cross-skilled security groups on various aspects of Security Operational functions Work and facilitate Vulnerability and Compliance queries from Business from security scans and reports Conduct security audits of internal operational process Ensure vulnerability and Compliance scans are in place as per schedule and monitor associated processes Prepare and deliver compliance reports to management, the periodic status of the process health Provide standard process advice for SecOps/SOC teams Perform vulnerability management Develop and maintain security documentation and reports Influence training plans to align with company goals Roles & Responsibilities: Prepare and deliver compliance reports to management, detailing the organizations compliance status and areas for improvement Perform vulnerability management Support Business on remediation queries on Vulnerability and Compliance Audit internal operational processes and share report to management and identify improvements Develop and maintain security documentation and reports Engage with stakeholders for various security evaluation discussions and identify improvements Review and monitor internal processes Influence training plans to align with company goals Professional & Technical Skills: Proven experience in a cyber security , with a focus on consultancy Comprehensive understanding of security principles, techniques, and technologies Experience with security frameworks and standards (e.g., ISO 27001, NIST) Deeper understanding of OS level Security Deeper understanding of Cloud and Container platform Deeper understanding of patching/ vulnerability remediation Proficiency in security tools and technologies- Vulnerability scanners, Compliance management Deeper knowledge of networking or Server Administration Relevant certifications such as CEH, CCSK, AZ500 or equivalent are highly desirable. Additional Information: About Our Company | Accenture Qualification Experience: Minimum of 8 years of Experience Educational Qualification: B.Tech/BE or equivalent

As the CISO (Chief Information Security Officer) at Digamber Capfin Limited, located in Jaipur, Rajasthan, your primary responsibility is to build the information security function of the organization from the ground up. You will play a crucial role in transforming Digamber NBFC into a tech-first financial institution. Your role is both strategic and operational, involving defining the security vision and directly implementing tools, policies, and processes in the initial stages. **Key Responsibilities:** - **Security Governance & Strategy** - Define a 2-3 year information security roadmap aligned with RBI/NBFC guidelines. - Draft and implement security policies covering endpoint security, IAM, vendor risk management, and incident response. - Establish and run the organization's Governance, Risk, and Compliance (GRC) framework. - **Regulatory & Compliance** - Lead RBI cyber security compliance, including evidence preparation and audit closure. - Coordinate with external auditors and regulators. - Ensure all security initiatives meet or exceed regulatory requirements. - **Security Operations (Hands-On)** - Set up and configure SIEM/SOC monitoring in collaboration with vendors or MSSPs. - Oversee and execute endpoint security rollout (EDR/antivirus, encryption, patching). - Manage incident detection, response, and reporting. - **Identity & Access Management (IAM)** - Implement MFA, privileged access controls, and quarterly access reviews. - Work with IT to automate user provisioning and deprovisioning. - **Vendor & Outsourced Service Security** - Evaluate and approve vendor security posture (e.g., M2P LMS, cloud services). - Integrate security clauses and SLAs into vendor contracts. - Monitor vendor performance and compliance. - **Awareness & Training** - Launch company-wide security awareness programs and phishing simulations. - Build a culture of security across 700+ employees. **Qualifications Required:** - Proven track record of building or maturing a security program from low maturity. - Hands-on experience with SIEM, Endpoint protection & patch management, IAM solutions, Vulnerability scanning & remediation. - Strong understanding of RBI regulations for NBFCs. - Experience managing outsourced SOC/MSSP and IT vendors. - Excellent communication skills - able to work with executives and train non-technical staff. Join Digamber Capfin Limited and be part of a mission-driven organization that empowers rural Indian minds with financial services. With a strong presence in 8 states and over 90 districts, you will contribute to making a positive impact on society by enabling the rural population to succeed and grow.,

As an Advanced Linux Administrator, you will have the following key responsibilities: - Expert-level hands-on experience with Red Hat Enterprise Linux (RHEL 8/9) including kernel tuning, system optimization, service configuration, and in-depth troubleshooting. - Deep knowledge of ext3, ext4, XFS. Proficient in LVM, mount strategies, partitioning, disk recovery, NFS, and multipath I/O configuration. - Strong experience in managing patching, content views, host provisioning, and lifecycle policies using Red Hat Satellite for centralized package and compliance management. - Proficient in Bash, Python, Ansible, and Terraform for automating routine operations, configuration management, and infrastructure provisioning. - Skilled in system hardening, SELinux, firewall audit logging, vulnerability scanning, and ensuring adherence to regulatory compliance standards (ISO, CIS, PCI, etc.). - Strong working knowledge of enterprise-grade monitoring solutions such as Prometheus, Grafana, Zabbix, and ELK/EFK, including custom alerting and metric integrations. - In-depth understanding of Linux networking, including routing, bonding, VLANs, DNS, DHCP, and troubleshooting L2/L3/L4 issues. Experience with firewall rules, iptables/nftables, and network namespaces. - Experience with VMware, KVM, OpenStack, and cloud platforms (AWS, Azure, GCP) for hybrid infrastructure management and VM/container orchestration. - Lead role in handling major incidents, performing root cause analysis (RCA), and implementing permanent fixes while ensuring alignment with ITIL practices. You will be working with a company that values expertise in Linux administration, automation, security, and cloud integration to maintain a robust and efficient IT infrastructure.,

As a Security Engineer at Datwyler, your role involves working closely with third-party suppliers and local teams to constantly search for cyber security gaps and improvements. You will be responsible for representing the security area in all projects, making decisions on possible security solutions, and designing them. Incident, problem, and change request handling will be part of your daily tasks, along with learning and improving the value of Datwyler's security tools. Key Responsibilities: - Collaborate with third-party suppliers and local teams - Continuously identify cyber security gaps and suggest improvements - Lead the security area in projects and make decisions on security solutions - Handle incidents, problems, and change requests - Learn and enhance the value of Datwyler's security tools - Conduct Proof of Concepts (PoC) for various Cyber Security tools - Prepare documentation and user manuals for team members and employees - Evaluate security risks for new applications to be implemented - Participate in penetration tests Qualifications Required: - Minimum of 5 years of hands-on experience in large-scale networks as a security engineer - Security area related certifications such as CISSP, CISM, CEH, or CompTIA Security - Proficiency with security tools and technologies (firewalls, IDS/IPS, VPNs, encryption technologies, cloud security) - Strong knowledge of network protocols, operating systems, and security frameworks - Experience with vulnerability scanning, penetration testing, and risk management - Excellent analytical and problem-solving skills - Strong communication skills to interact with various teams and explain technical security matters to non-technical stakeholders - Strong knowledge in email security At Datwyler, you will experience a diverse and global working environment that offers a broad spectrum of job profiles and career opportunities. The company values ambitious individuals who approach their tasks with dedication and enthusiasm, providing the right environment for personal growth and development. Mutual consideration, respect, trust, and loyalty are at the core of Datwyler's values, ensuring that employees play a crucial role in shaping the company's success.,

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Create asset list and prioritize assets, conduct regular vulnerability assessments based on the Tenable tool, identify security weaknesses in systems and applications, work with peer teams till closure of the Vulns, track patching as per proposed timelines. Roles & Responsibilities:-Create correct asset list-Perform Vuln assessment-Relevant request to be raised thorough SNow.-Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder.-Analyse scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation -recommendations/Action plan with dates.-Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact.-Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines.-Maintain and update documentation related to vulnerability management processes, policies, and procedures.-Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the policies, and proceduresProfessional & Technical Skills: -3 years of experience in vulnerability management or security operations. -Familiarity with vulnerability scanning tools, particularly Tenable and Snow.-Understanding of security frameworks and standards (e.g., NIST, ISO 27001).-Strong analytical and problem-solving skills with attention to detail.-Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus.-To succeed in this role, you should have the following skills and experience Additional Information:- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Vulnerability Management Senior Analyst with 5+ years of experience in infrastructure vulnerability identification, tracking, and remediation. The ideal candidate will be responsible for managing scheduled internal scans, tracking high-risk vulnerabilities, and supporting remediation efforts using tools like CrowdStrike Falcon Spotlight and Avia Automation.Roles & Responsibilities:-Define, configure, and schedule internal vulnerability scans in line with the vulnerability management Runbook.-Ensure timely and successful completion of internal scans and maintain regular scanning cadence.-Review scan results, validate findings, and eliminate false positives per agreed procedures.-Provide remediation recommendations to address high and critical vulnerabilities.-Track vulnerability remediation status using CrowdStrike Falcon Spotlight and Avia Automation.-Maintain and update the Runbook quarterly, incorporating changes to scanning processes or tool configurations.-Prepare and distribute scheduled vulnerability reports to defined stakeholders.-Maintain and update stakeholder lists for vulnerability reporting and notifications.-Track and report on open high and critical vulnerabilities, ensuring timely closure.-Participate in service review meetings, provide reporting insights, and recommend improvements.-Tools-CrowdStrike Falcon Spotlight, Avia Automation Professional & Technical Skills: -Experience in infrastructure vulnerability management, IT security, or related roles.-Hands-on experience with CrowdStrike Falcon Spotlight and Avia Automation (or similar tools).-Strong understanding of vulnerability scanning, remediation processes, and false-positive validation.-Experience creating and maintaining process documentation such as runbooks or SOPs.-Proficiency in generating and interpreting vulnerability reports and dashboards.-Strong collaboration and communication skills to engage with cross-functional stakeholders.-Detail-oriented with the ability to track and manage multiple remediation timelines.-Knowledge of security frameworks and standards (e.g., NIST, CIS Benchmarks) is a plus. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Vulnerability Scanning . Experience: 5-8 Years .

As the leader in cloud-managed IT, Cisco connects passionate people to their mission by simplifying the digital workplace. Our impact is driven by the innovative, purposeful, and vibrant people who make up our inclusive community. When technology is intuitive, our customers can focus on what matters! As a member of the Device Trust Assurance team, you will have a substantial impact on the security of millions of Cisco devices all around the world. We are looking for people who are passionate about security and eager to learn the ropes of vulnerability management (reporting, triaging, and driving remediation). The Vulnerability Management Engineer plays a critical role in ensuring the security of our systems by managing and mitigating vulnerabilities. Key responsibilities include reviewing vulnerability scanning reports, assessing severity, and triaging vulnerabilities, along with efficiently managing Jira tickets to facilitate timely remediation or mitigation. This role requires utilizing tools such as Vigiles, yocto CVE scanner to conduct vulnerability scanning and analysis, and implementing a risk-based prioritization method for effective management. Leading process optimization efforts by identifying gaps in the vulnerability management workflow and enhancing program efficiency is also essential. Collaboration with an international security organization as well as engineering teams is necessary to provide guidance on mitigating and remediating vulnerabilities, identify and report automation bugs, and contribute to solutions that reduce manual workload in the vulnerability management lifecycle. The role involves investigating vulnerability alerts, assessing their impact, and calculating severity scores based on attack complexity. Additional duties include maintaining scanning tools, reviewing CVEs for potential risk exceptions, and guiding teams on security best practices and patch management standards. Flexibility to work across different time zones is crucial for effective global collaboration and system security. Qualifications: - 4+ years in vulnerability management or network security with a strong focus on Cisco technologies - Experiences in Cisco IOS-XE architecture, including kernel components and security mechanisms - In-depth knowledge of common Security vulnerabilities (OWASP Top 10, CWE Top 25) - Proficiency with vulnerability scanning tools (Semgrep, blackduck, vigiles, yocto cve scanner) and firmware analysis - Ability to trace through Linux kernel configuration systems (KCONFIG) and interpret Makefiles - Strong C programming skills and understanding of conditional code compilation - Experience with scripting languages (Python, Bash) and network analysis tools (Wireshark) - Proven ability to collaborate effectively across global teams and multiple time zones - Consistent track record to ship in a dynamic environment - Experience using Jira and other Atlassian software - Strong documentation skills and ability to present complex technical findings clearly Bonus points for: - Cisco security certifications (CCNA/CCNP Security) and cybersecurity credentials (CISSP, CEH) preferred - Knowledge of networking protocols and security frameworks (NIST, ISO 27001) - Bachelor's degree in Computer Science, IT, or related field Does this sound like you We would love to hear from you. We encourage you to drop us a line even if you don't have all the points above. That's a lot of different areas of responsibility! We will help you pick them up because we believe that great leaders come from a diverse set of backgrounds. At Cisco Meraki, we're challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We're building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.,

Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals (CISSP); Certified Information Systems Auditor (CISA); Certified Information Security Manager (CISM) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST , aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills to Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firms service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable.

About The team As a member of the Device Trust Assurance team, you will have a substantial impact on the security of millions of Cisco devices all around the world. We are looking for people who are passionate about security and eager to learn the ropes of vulnerability management (reporting, triaging and driving remediation). About The Role The Vulnerability Management Engineer plays a critical role in ensuring the security of our systems by managing and mitigating vulnerabilities. Key responsibilities include reviewing vulnerability scanning reports, assessing severity, and triaging vulnerabilities, along with efficiently managing Jira tickets to facilitate timely remediation or mitigation. This role requires utilizing tools such as Vigiles, yocto CVE scanner to conduct vulnerability scanning and analysis, and implementing a risk-based prioritization method for effective management. Leading process optimization efforts by identifying gaps in the vulnerability management workflow and enhancing program efficiency is also essential. Collaboration with international security organizations as well as engineering teams is necessary to provide guidance on mitigating and remediating vulnerabilities, identify and report automation bugs, and contribute to solutions that reduce manual workload in the vulnerability management lifecycle. The role involves investigating vulnerability alerts, assessing their impact, and calculating severity scores based on attack complexity. Additional duties include maintaining scanning tools, reviewing CVEs for potential risk exceptions, and guiding teams on security best practices and patch management standards. Flexibility to work across different time zones is crucial for effective global collaboration and system security focusing on vulnerability management across Cisco's core platforms including but not limited to IOS-XE network operating systems SD-WAN infrastructure and controllers Meraki cloud-managed devices IIoT/Industrial IoT solutions Qualifications 7+ years in vulnerability management or network security with strong focus on Cisco technologies Experiences in Cisco IOS-XE architecture, including kernel components and security mechanisms In-depth knowledge of common Security vulnerabilities (OWASP Top 10, CWE Top 25) Proficiency with vulnerability scanning tools (Semgrep, blackduck, vigiles, yocto cve scanner) and firmware analysis Experience with SBOM (Software Bill of Materials) analysis Ability to trace through Linux kernel configuration systems (KCONFIG) and interpret Makefiles Strong C programming skills and understanding of conditional code compilation Experience with scripting languages (Python, Bash) and network analysis tools (Wireshark) Proven ability to collaborate effectively across global teams and multiple time zones Consistent track record to ship in a dynamic environment Experience using Jira and other Atlassian software Bonus points Cisco security certifications (CCNA/CCNP Security) and cybersecurity credentials (CISSP, CEH) preferred Experience with industrial/OT security standards (IEC 62443, NIST Cybersecurity Framework) Bachelor's degree in Computer Science, IT, or related field

As a cybersecurity professional specializing in automotive systems, your primary responsibility will be to implement and maintain security controls for various components such as electronic control units (ECUs), communication networks, and connected devices. You will need to conduct risk assessments, identify potential cybersecurity risks, and develop strategies to mitigate these risks while ensuring safety, privacy, and compliance requirements are met. In case of security incidents, you will be expected to prepare incident response plans, coordinate responses, and analyze breaches to contain them effectively. It is essential to stay updated with industry trends, cybersecurity threats, standards, and regulations specific to the automotive sector to ensure the security measures are in line with the latest developments. To excel in this role, you should have a strong understanding of secure coding practices, secure software design, and development methodologies. Familiarity with automotive-specific security standards like ISO/SAE 21434 and EURO REGULATIONS R155, R156 is crucial. Additionally, you should possess knowledge of network protocols, firewalls, intrusion detection/prevention systems, and secure communication channels. Your ability to identify potential threats, assess risks, and prioritize security measures will be vital in ensuring the security of automotive systems. Understanding secure over-the-air (OTA) update mechanisms for automotive ECUs and effectively communicating security concepts and recommendations to both technical and non-technical stakeholders are key aspects of this role. Collaborating effectively with cross-functional teams, including developers, engineers, and management, will be essential in implementing robust security measures. Hands-on experience with security assessment tools, cybersecurity management systems (CSMS), and software update management system (SUMS) requirements is essential, while knowledge of penetration testing, vulnerability scanning, and fuzz testing is considered beneficial for this position.,

Your role and responsibilities Create/contribute to the Test plan/Test Strategy by creating new use cases based on new requirements Setup and configure the server and related infrastructure as per customer environment and report any issues to ensure the quality of releases Automate new use cases (CLI, REST & UI) or make changes to existing code based on new feature additions for CLI/REST/UI Good knowledge on CI/CT process and perform Continuous Test execution Understand various system dependencies and Run Load/stress tool, different workloads, perform Defect triaging and provide the details in defect and consolidating team issues Timely verification of defect fixes and perform regression tests around the fixes. Collaborate with the development and system test teams to maintain product quality, usability and serviceability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 1 to 3 yrs of Server Virtualization testing experience with System level product knowledge, defect characterization, Product integration testing and ability to create test cases and test plan Good Knowledge on Virtualization – PowerVM / VMware, STORAGE, NETWORKING Backend – Python, CLI, RESTful API, CI/CD pipelines UI – Cypress DevOps – GitHub, Terraform, Ansible (Optional) Experience in Server Architecture of various Hypervisors, Storage Domain (SAN, NAS, NVMe, SAS, SATA), Networking ( FC, FCoE, ISCSI, TCP/IP) and Hardware knowledge. Good knowledge of one or more Server operating systems (Ubuntu, RHELor Suse, ESXi ) and Virtualization technologies Knowledge and experience on Automation languages using Python/Perl and Cypress Good understanding on Jenkins and DevOps Strong logical, debugging and creative problem-solving skills, good oral and written communication skills, and excellent analytical skills Have knowledge on Vulnerability scanning and experience in use of tools to check a network or website for known vulnerabilities

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a skilled Vulnerability Management Analyst with hands-on experience using Rapid7 InsightVM (Nexpose) to help manage, monitor, and improve our vulnerability management lifecycle. This role will be responsible for identifying, assessing, and coordinating remediation of security vulnerabilities across our systems, networks, and applicationsRoles & Responsibilities:-Operate and manage the Rapid7 InsightVM platform for continuous vulnerability scanning and reporting.-Perform regular vulnerability scans on endpoints, servers, cloud infrastructure, and network devices.-Analyze scan results, assess risk levels, and prioritize remediation efforts based on business impact and threat intelligence.-Develop and maintain dashboards and reports to track vulnerability metrics and remediation progress.-Work with the patch management team to ensure timely patching and system updates.-Conduct validation and retesting after remediation to ensure vulnerabilities are resolved.-Assist in vulnerability disclosure and response processes.-Provide input on improving scanning accuracy, asset inventory, and security configurations.-Stay current with emerging vulnerabilities, exploits, and security threats.Professional & Technical Skills: -Experience in vulnerability management or information security.-Hands-on experience with Rapid7 InsightVM or Nexpose is required.-Strong analytical, communication, and documentation skills.-Ability to interpret technical vulnerabilities and communicate their impact to non-technical stakeholders. Additional Information:- The candidate should have minimum 3 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

The job responsibilities include setting up Google Chrome Managed Browser settings to ensure secure and compliant internet usage, configuring and deploying policies for extensions, updates, and security settings. You will also assist in designing and implementing Active Directory structures, managing group policies, deploying and monitoring Sophos endpoint protection, and managing 1Password for secure password storage. Additionally, you will implement role-based access controls, conduct cybersecurity awareness training, ensure data encryption, and maintain regular software updates and patch management. Furthermore, you will deploy firewalls, implement intrusion detection and prevention systems for network security, regularly back up critical data, conduct due diligence on third-party vendors, perform security audits and assessments, develop incident response plans, and ensure compliance with regulatory standards. The qualifications for this role include a Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, basic understanding of cybersecurity principles, familiarity with various tools, strong problem-solving skills, and effective communication and teamwork abilities. Key competencies required for this position include technical proficiency, analytical thinking, attention to detail, effective communication, and proactive learning. Interested candidates can apply by submitting their resume and cover letter to Dharan@unreconciled.io. unreconciled is an equal opportunity employer that celebrates diversity and is committed to creating an inclusive environment for all employees. Please note that this job description provides a general overview of the position and may not encompass all tasks or responsibilities that may be required.,

What does a successful Security Operations Advisor do at Fiserv: The ideal candidate will be responsible for identifying, assessing, and mitigating security vulnerabilities in the organization's IT environment while managing and tracking enterprise assets. Will work closely with various teams to enhance our security posture and ensure compliance with industry standards. What will you do: Vulnerability Management: - Lead the vulnerability assessment program, including the scheduling and execution of regular vulnerability scans and assessments. - Analyze scan results to identify vulnerabilities, evaluate their severity, and prioritize remediation efforts based on risk assessments. - Collaborate with IT, development, and operations teams to coordinate vulnerability remediation and mitigation efforts. - Develop, maintain, and report on metrics related to vulnerability management, including time to remediate vulnerabilities and compliance levels. - Conduct vulnerability assessments on IT and physical infrastructure. - Analyze risks related to networks, servers, facilities, and utilities. - Collaborate with cybersecurity and engineering teams to implement mitigation strategies. - Monitor threat intelligence and emerging risks. - Prepare reports and support incident response efforts. Enhanced Application Monitoring (EAM) - Act as a liaison with the Global team on the implementation framework. Collaborate with the Global team to address issues related to the clarity and integrity of requirements, procedures, and reports. Assume responsibility for generating and distributing bi-weekly reports on non-compliant applications to application owners, alongside tracking the remediation status. - Review reports and take timely action to remediate any open issues. Deliver EAM solutions in accordance with established coding practices and logging requirements. Work closely with cross-functional teams, including development, DevOps, and IT security, to integrate security controls into application development processes and CI/CD pipelines. Maintain comprehensive documentation of application security policies, procedures, and frameworks. Create and update security architecture diagrams and models. What You Will Need to Know: We are looking for a dedicated Security Operations Advisor with a focus on Vulnerability Management and Enterprise Asset Management (EAM) to join our cyber security team. The ideal candidate must have 11 to 13 years of cybersecurity and technology risk experience in a large MNC. Possesses progressive experience in leading multiple projects in a complex international financial services organization, preferably Financial Technology. Excellent written and verbal communication skills with the ability to negotiate and influence multiple stakeholders, driving positive changes through awareness, understanding, acceptance and commitment to relevant information security topics. Excellent customer management skills with min 8 years of experience with managing large enterprise customers, preferably from the financial services industry. Technical Skills: Experience with application security testing tools (e.g., SAST, DAST) and vulnerability management tools. Familiarity with cloud security principles and securing cloud-based applications. Knowledge of IT infrastructure, networking, and system administration. Understanding of threat modeling and risk assessment methodologies. Excellent verbal and written communication abilities to effectively convey security concepts to technical and non-technical stakeholders. What Would Be Great to Have: Bachelors degree in computer science, Information Security, or related field; Master’s degree preferred. Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Application Security Engineer (CASE) are highly desirable. We welcome and encourage diversity in our workforce. Fiserv is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protector veteran. Explore the possibilities of a career with Fiserv and Find your Forward with us !

Required qualifications : Demonstrated experience with multiple items listed in the strengths & capabilities section of the Job Summary Ideal candidate will be self-motivated, demonstrate adherence to in-place corporate protocol and policies, and work within established parameters while constantly striving to increase efficiency, enforce standardization and improve overall security posture Must be able to communicate effectively (verbally, in writing, in person/in remote meetings, etc.) with all levels of management & IT staff Security Industry Training (SANS, Offensive Sec, DOJ, etc.) Product/platform-specific vendor training (Tenable, Qualys, Rapid7, Cisco, etc.) Bachelors Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering Experience supporting the development and update of healthcare industry compliance/audit operations & documentation Must have advanced trouble shooting skills and possess the ability to identify the severity of an issue, ability to resolve issues quickly to customer satisfaction and prepare RCA or postmortem reports to stakeholders & management upon request Expert knowledge/understanding of Threat Analysis Must demonstrate expertise with handling major malware outbreaks/major incident response workflows in a large/distributed enterprise environment Possess excellent customer handling skills along with extensive hands-on skills in defining and creating operational/procedure documents Possess knowledge of ITIL processes like Incident Management, Problem Management, Configuration Management and Change Management Possess demonstrated excellence in verbal & written communication skills with a bias toward constant communication with all stakeholders; updating all parties regularly & escalating appropriately to management, without being prompted, to ensure superior customer service delivery Preferred qualifications: One or more certifications for vulnerability assessment analysts: GPEN, GWAPT, GSNA, GMON, GISF, GAWN, GWEB, GXPN, CEH, GNFA, OSCP, OSEE, OSCE, OSWP, CISSP, GSEC Responsibilities: Directly contributes to the implementation of Primes Security technology roadmap & TRO security controls; generates regular metrics from all supported VA product platforms and reports status and challenges on a weekly basis Actively monitors all ServiceDesk ticketing queues for the Vulnerability Assessment function to ensure quality of customer service, quick response & reliable solutions within established Service Level Agreements Serves as an expert engineer in product architecture, configuration, development, transition to operations and sustainment Works with the Governance Risk & Compliance (GRC) team to draft, update or improve applicable departmental policies, procedures, standards and configuration guidance in a timely manner Works with SOC, Incident response and Security Assessment & Penetration testing teams for cross functional collaboration Coordinate team activities during the patch cycles, Zero-day vulnerability events, and security incidents Validate scan findings, prioritize based on risk metrics (CVSS, EPSS, VPR) and provide actionable recommendations and familiarity with NVD, MITRE ATT&CK, and threat intelligence integration Ensure compliance with regulatory requirements (HIPAA, NIST etc.) related to vulnerability Management Champions agile and effective change management & actively utilizes change management system to convey impact & timing of changes, updates change requests (CRs) in timely manner and provides all relevant information to communicate change effectively, updates CRs before, during and after changes, regularly attends Change Advisory Board (CAB) meetings and provides required feedback to all stakeholders Manages one or more projects, initiatives and work efforts simultaneously without requiring direct supervision or prompting, regularly updates management with regard to status, updates project management portals/operational task tracking and other reporting tools in a timely and consistent manner Directly manages vendors and vendor support staff to ensure that all Vulnerability Assessment products, platforms & solutions are kept up-to-date, configured for maximum value, adhere to best practices, deliver required results and meet the needs of the organization (this will require regular meetings with all major vendors & VARs) Coordinates with IT & TRO stakeholders to develop follow-up action plans which address reportable issues and communicate with other relevant technologists to determine strategies to remediate security threats and vulnerabilities Configures, launches, troubleshoots, reviews and assesses successful enterprise-wide scanning operations, analyzes trends, and provides contextual reporting to senior management and system owners on a regular basis Assists in the preparation of program planning, engineering work breakdown structure, task estimation and scheduling in support of internal and PMO projects Serves as the highest point of escalation/Subject Matter Expert (SME) for VA product platforms and other technical solutions Creates technical documents, drawings, how-to guides and other deliverables as needed and continually updates operational information in a consolidated department file-share (MS Teams/SharePoint) document repository Contributes actively to the mentoring, training and development of other team members Complies with all Prime training and compliance educational mandates Performs escalation of critical issues or challenges to management in a timely and consistent manner Maintains/updates/consolidates internal documentation and diagrams for security configuration, point-products and solutions, data-flow-diagrams, and other relevant information regularly as changes occur As Team Lead, analyze and approve Security Exception Request (SER) tickets on behalf of the VA function to ensure that all critical security controls are implemented with minimal policy exceptions; ensure that any SERs provisioned uphold the principle of least privilege (PoLP), are centrally documented/tracked, reviewed periodically, and are understood by all IT & TRO stakeholders As Team Lead, work with the Cyber Defense Manager to set the technical direction for the VA team and take point on reporting team metrics on a weekly basis As Team Lead, develop, enrich and continuously improve VA reporting metrics As Team Lead, take ownership of coordinating/planning all VA projects Performs other duties as assigned or required

Dev Ops -AWS/Azure -Terraform/Kubernetes: Hands on experience with Terraform & docker containerization. Hands on experience with AWS service like S3, API Gateway, Lambda , ECS and EKS. Hands on experience in different scripting languages like Groovy, Python, Shell Scripting etc. Implement security controls and best practices throughout the CI/CD pipeline, including vulnerability scanning, static code analysis, and dependency management using tools such as SonarQube and Software Composition Analysis (SCA). Primary Skills: AWS, Terraform, Docker, Jenkins, GitHub, Groovy Script and Python. Secondary Skills: Ansible, SonarQube , GitHub Actions

Develop, implement, maintain security to protect an organization's (& customers) digital assets & data Security Design & Implementation Create & implement security policy, protocol & measure Monitor systems for threats & perform forensic analysis Required Candidate profile Security supports the organization's long-term goals Plan capacity, disaster recovery & business continuity Documentation Troubleshoot Network Training Expertise in cloud infra solution KVM, OpenStack

In our always on world, it is essential to have a genuine connection with the work you do. If you are excited by a challenge and driven by learning and growth, then joining CommScope's cybersecurity team in Hyderabad may be the right next step for you. As a Cyber Security Engineer at CommScope, you will serve as a key individual contributor on the Security Architecture and Engineering team. Your responsibilities will include designing, implementing, maintaining, monitoring, and managing key technical security systems/controls that protect the business. Success in this role will require a foundational understanding of technology stacks, security tooling, and securing cloud environments such as Azure, GCP, and AWS. Ideal candidates will be willing to enhance their technical skills by working on a broad range of security technical controls in an environment where their contribution will make a difference. Your work will play a critical role in our organization's cyber security success. CommScope's security team takes pride in protecting the people, processes, and technologies that serve our customers, ensuring billions of connections each day. Join us and pursue your personal best! As a Cyber Security Engineer at CommScope, you will: - Implement, maintain, monitor, and manage cyber security systems and controls. - Deliver projects on time, within budget, and in accordance with service level agreements (SLAs). - Collaborate with various teams including architects, senior engineers, the security operations center (SOC), incident responders, and technology infrastructure and development team members. - Participate in change management meetings and conduct performance and efficacy testing of security solutions. - Collaborate with team members to develop technical security standards and best practices. - Articulate common practices and tactics used by malicious software and threat actors to other IT teams. - Assist the Governance, Risk, and Compliance team in answering technical questions from auditors and clients. Required Qualifications: - A bachelor's degree with preferably 4+ years of cyber security experience. - Hands-on experience in implementing and supporting at least 2 security capabilities. - Previous professional experience in other IT/technical domains and strong communication skills. - Analytical and critical thinking skills. - Strong interpersonal, written, and oral communication skills. - Customer service and solution-focused orientation. - Ambitious, disciplined, and self-starter. Desired Skills: - Hands-on experience with a major public cloud provider like Azure, AWS, or GCP. - Significant familiarity with Azure security controls and services. - Familiarity with Netskope and Palo Alto Networks firewalls. Join CommScope on a quest to deliver connectivity that empowers how we live, work, and learn. Push the boundaries of communications technology with us and be ready for the needs of tomorrow. Grow your career alongside bright, passionate, and caring individuals who strive to create what's next. Come connect to your future at CommScope.,

As a Cyber Security Specialist at Thoucentric, you will play a crucial role in ensuring the security and efficiency of our systems. Your responsibilities will include conducting periodic audits to identify security violations and inefficiencies, installing and operating firewalls and encryption programs, upgrading network and infrastructure systems, implementing and maintaining security controls, as well as identifying and solving potential security problems. You will also be responsible for fixing vulnerabilities, conducting threat research, and monitoring network traffic for security incidents and events. In addition, you will investigate security incidents in real time, write detailed incident response reports, and develop best practices for information security. Your role will contribute to the team effort by accomplishing related results as needed and maintaining quality service by following organization standards. To be successful in this role, you should have proven work experience as a Cyber Security Specialist or in a similar role, hands-on experience analysing high volumes of logs and network data, experience with vulnerability scanning solutions, and proficiency with antivirus and security software. A Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience is required, along with 5+ years of experience. Certifications such as CompTIA Security+, CISSP, CISA, CISM, or CEH are preferred. Working at Thoucentric will offer you the opportunity to define your career path, work with Fortune 500 companies and startups, and be part of a dynamic yet supportive working environment that encourages personal development. You will also have the chance to bond beyond work with sports, get-togethers, and other common interests, and be part of an enriching environment with an open culture, flat organization, and excellent peer group. Join us and be part of the exciting growth story of Thoucentric! Practice Name: Finance Date Opened: 05/11/2023 Work Mode: Hybrid Job Type: Full time Industry: Consulting Corporate Office: Thoucentric, The Hive, Mahadevapura, Mumbai, Maharashtra, India - 560048,

As a Cyber Security Engineer at our global organization within Group Technology Infrastructure and Security Engineering, you will be a crucial part of the Cyber Technology service team. Your primary focus will be on providing security products and services for the Cyber Hygiene space, particularly in Infrastructure Scanning and vulnerability assessment. By leveraging the latest technology, our team delivers reliable security hygiene controls to our clients. Your responsibilities will include conducting vulnerability scanning to identify and assess vulnerabilities across networks, operating systems, applications, and databases to meet scan coverage targets. You will engage with stakeholders to recommend appropriate remedial actions, validate these actions, and ensure compliance with regulatory requirements. Additionally, you will be involved in vulnerability management system administration, maintaining proficiency in best practices, onboarding new attack surfaces to the scanning process, and driving documentation management along with continuous service improvement efforts. To excel in this role, you should possess 5-10 years of relevant experience and hold a degree in a related discipline or have equivalent experience. Strong oral and written communication skills in English are essential, along with the ability to collaborate effectively with team members and a dedication to self-development. Experience with commercial vulnerability scanning solutions like Rapid7, Qualys, or Tenable, as well as expertise in network and operating system administration, are required. Furthermore, a solid understanding of IT Security Risk and attack vectors will be beneficial to your success in this position. Join our team and contribute to the creation of robust Infrastructure Scanning and Security Remediation capabilities while supporting the implementation of necessary IT business solutions. Embrace the flexibility and equal opportunities we offer to all our team members, and be part of a dynamic environment focused on preventing and detecting cyber threats to secure our IT systems effectively.,

As a Senior Engineer in Cybersecurity at Fluidech IT Services Private Limited, you will have the opportunity to join a leading technology consulting and managed services firm specializing in cybersecurity. Founded in 2014 and headquartered in Gurugram, Fluidech has established itself as a trusted technology partner for over 100 organizations worldwide. As a born-in-the-cloud company, Fluidech offers IT solutions aligned with business objectives, focusing on cloud, infrastructure, DevOps, and cybersecurity services across various industry verticals. In this role, you will be responsible for designing, deploying, and optimizing cybersecurity solutions tailored to client environments and business needs. Your expertise will be crucial in areas such as infrastructure security, endpoint protection, cloud security, threat detection, and GRC support. You will collaborate with internal teams and clients to develop robust security strategies, troubleshoot complex security issues, and stay informed about the latest threat intelligence and security trends. To be successful in this role, you should have a Bachelor's degree in Information Security, Computer Science, or a related field, along with 10+ years of hands-on experience in cybersecurity engineering, solution design, or security architecture. Proficiency in tools such as SIEM, EDR/XDR, firewalls, cloud security platforms, IAM, and compliance scanning tools is essential. Industry certifications like CISSP, CISM, CEH, OSCP, CISA, or AZ-500 are highly desirable, along with experience in supporting security audits and compliance assessments. Joining Fluidech means being part of an award-winning company known for its excellence in cybersecurity. You will work with a passionate and innovative team on cutting-edge technologies, leading high-impact cybersecurity projects across diverse sectors. Additionally, you will have access to competitive compensation, health insurance, learning and development opportunities, cross-functional exposure, and a supportive workplace culture that values transparency, trust, and continuous growth.,

The Security Analyst will support the project by analyzing security data, identifying vulnerabilities, and assisting in the implementation of remediation measures. The analyst will work closely with the security team to monitor threats and ensure the effectiveness of security controls. Key Responsibilities: Leverage log data available in Azure Log Analytics and audit existing configurations to understand the current landscape with regards to lateral movement and areas where risks can be reduced. Monitor and analyze network traffic to identify potential security threats and lateral movement activities. Conduct vulnerability assessments and penetration testing to identify weaknesses in the network. Assist in the development and implementation of security controls to mitigate risks associated with lateral movement protocols. Collaborate with the security team to investigate and respond to security incidents. Maintain and update security documentation, including policies, procedures, and incident reports. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or a related field. At least 3 years of experience in information security, with a focus on network security and analysis. Strong knowledge of malicious lateral movement techniques and mitigation strategies. Experience with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners, host-based firewalls). Excellent analytical and problem-solving skills. Relevant certifications such as CEH, CompTIA Security+, or GIAC are highly desirable. Previous job roles that may indicate success include Network Security Analyst, SOC Analyst, and Penetration Tester.

You are a skilled Senior Cybersecurity Engineer with a strong background in embedded systems and Linux-based environments. Your primary responsibility will be to lead the design, development, and maintenance of secure software solutions, focusing on automotive and embedded security. Your key responsibilities include designing, developing, and maintaining secure software solutions for Linux-based embedded and automotive systems. You will implement and manage security controls such as Secure Boot, secure unlock, secure reprogramming, and message authentication. Additionally, you will configure and manage AppArmor profiles to enforce security policies and reduce risks in Linux environments. Your role will also involve developing and integrating Trusted Execution Environment (TEE) solutions, applying your strong knowledge of cryptography and key management principles, and collaborating effectively with hardware and software teams. As a Senior Cybersecurity Engineer, you will integrate secure coding practices into DevSecOps pipelines, conduct security assessments, code reviews, and enforce practices like Static Application Security Testing (SAST), Open Source Software vulnerability scanning, and License compliance analysis. You will be responsible for maintaining and updating the Software Bill of Materials (SBOM) and contributing to version control repositories. Furthermore, you will actively participate in PI Planning, provide effort estimation, and contribute to Feature Rollout Plans (FROP) for security-related features. To qualify for this role, you should have at least 6 years of experience in Cybersecurity Engineering with a focus on embedded systems. You must be proficient in Linux security, embedded development, and cryptographic protocols, with a strong understanding of the secure software development life cycle (SSDLC). Experience working in an Agile environment with cross-functional teams will be beneficial. The work location for this position is Ahmedabad or Pune, and it is a full-time, permanent job with a day shift schedule. You should be able to commute or relocate to Ahmedabad, Gujarat, with an employer-provided relocation package. If you meet the qualifications and are interested in this position, please contact the employer at +91 9552993672.,

As a skilled and security-focused DevSecOps Engineer, you will join our growing engineering team working at the intersection of development, security, and operations. Your primary responsibility will be ensuring the security, scalability, and compliance of our infrastructure and applications across various cloud environments. You will play a crucial role in automating security practices within CI/CD pipelines, hardening cloud environments, and managing firewall and access control policies. Your key responsibilities will include implementing and maintaining security controls across AWS, Azure, and GCP environments, integrating DevSecOps tools and practices into CI/CD pipelines for automated security testing, managing and monitoring cloud-based infrastructure with a focus on compliance and security, configuring and monitoring firewalls, WAFs, and other security solutions, conducting threat modeling, vulnerability assessments, and implementing mitigation strategies. Collaboration with DevOps, SRE, and Security teams will be essential to align infrastructure and application security best practices. Additionally, you will ensure secure configuration management, respond to security incidents, and contribute to documentation and internal knowledge base for security practices and systems. To excel in this role, you should have at least 4 years of hands-on experience in DevOps/DevSecOps roles, a strong understanding of cloud platforms (especially AWS, Azure, and GCP), familiarity with cloud-native security tools and services, solid knowledge of firewall management, network security, and access control systems, experience with CI/CD tools and infrastructure as code tools, a strong grasp of container security and vulnerability scanning tools, as well as scripting skills for automation and monitoring. Preferred certifications such as AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, Certified Kubernetes Security Specialist (CKS), CEH, CISSP, or other security-focused certifications are a plus. In return, you will have the opportunity to work with cutting-edge cloud and security technologies, enjoy a collaborative and inclusive work culture, benefit from career development opportunities, upskilling support, flexible work options, competitive compensation, food provided, work from home, and performance bonuses. The job type is full-time, and the work schedule includes Monday to Friday with night shift and rotational shift options. Join us in person and be part of our dynamic team where your skills and expertise will be valued and rewarded.,