77 Vulnerability Scanning Jobs

Overview Exp. - 3-6 Years Location - Hyderabad Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

As an experienced professional in Governance, Risk, and Compliance, you will be responsible for developing and maintaining information security policies in alignment with organizational goals and regulatory frameworks. Your role will involve coordinating annual reviews and obtaining executive approval to ensure policies remain relevant across various domains such as access control and secure software development. In this position, you will design and implement IT Service Management workflows and runbooks to enhance operational efficiency and promote cross-functional alignment. Additionally, you will conduct scheduled vulnerability scans and comprehensive risk assessments, leveraging AI-driven tools for automated documentation retrieval and issue tracking to support rapid response and proactive risk mitigation. Utilizing the FAIR (Factor Analysis of Information Risk) model, you will perform quantitative risk assessments and collaborate with managed advisory services to address complex governance and compliance challenges. Ensuring ongoing adherence to industry frameworks such as the NIST Cybersecurity Framework and CIS Controls will be a key aspect of your responsibilities, including implementing best practices in data encryption, business continuity, and disaster recovery planning. Furthermore, you will be involved in developing service-management metrics, continual improvement roadmaps, and establishing robust processes for production testing, release management, and lifecycle compliance. Your expertise will be crucial in advising on and implementing frameworks to strengthen corporate governance and provide effective compliance oversight across business units. To excel in this role, you should have a minimum of 10 years of experience in Governance, Risk, and Compliance roles, with proven expertise in policy development, control mapping, and executive communication. Strong cross-functional experience, especially in cybersecurity, automation, and cloud environments, will be essential. Demonstrated success in leading vulnerability scanning, enterprise risk assessments, and a deep understanding of FAIR risk management methodologies are required. You should possess in-depth knowledge of NIST CSF and CIS standards, as well as hands-on experience in data encryption, business continuity planning, and disaster recovery. Proficiency in designing service-management metrics, improvement roadmaps, and production/release processes is necessary. Excellent written and verbal communication skills, along with the ability to engage stakeholders at all organizational levels, are key qualities for this role. Please note that this position requires support in the US Eastern Time (ET) zone and does not involve rotational shifts.,

We are looking for a skilled and motivated Vulnerability Management Engineer to join our team. In this role, you will be responsible for assessing, tracking, and managing vulnerabilities in cloud and platform environments. You will play a critical role in ensuring the security posture of applications and infrastructure, using various vulnerability management tools and processes. Your responsibilities will include evaluating vulnerabilities, triaging risks, and ensuring proper remediation actions are taken to protect the organization's systems. Responsibilities: - Vulnerability Assessment: Assess the risk of CVEs (Common Vulnerabilities and Exposures) in the context of your environment and prioritize them based on risk. - Vulnerability Management Lifecycle: Triage the entire vulnerability management lifecycle, ensuring vulnerabilities are identified, tracked, and remediated in a timely manner. - Application Security & Vulnerability Management: Manage and oversee the Application Security and Vulnerability Management product, including CSPM (Cloud Security Posture Management), SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Dependency Scans, and Secrets Scans. - Cloud Security & Container Protection: Responsible for platform vulnerability management, including Cloud Security Posture Management and Container Workload Protection using Prisma Scanner. - Change Request Analysis: Evaluate change requests for e-commerce systems, assess security implications, and provide security recommendations. - Change Tracking: Track all feature changes, bug fixes, and release changes for each platform release to ensure no vulnerabilities are introduced. - CVE Tracking: Monitor and track CVEs, ensuring timely identification, prioritization, and assessment of vulnerabilities. - Component Identification: Identify and document components and systems impacted by proposed changes and their associated vulnerabilities. - Security Assessment Planning: Develop and implement security assessment plans for changes to ensure compliance with industry standards and best practices. - Vulnerability Scanning: Conduct regular vulnerability scans of infrastructure and source code, focusing on Kubernetes containerized apps, to identify and prioritize security risks. - Documentation: Maintain detailed and accurate records of vulnerability assessments, findings, remediation actions, and reporting for compliance purposes. - Security Tools: Experience with enterprise-grade vulnerability management tools like Prisma and Wiz is a plus. Qualifications: - Solid understanding of vulnerability management life cycle and risk assessment. - Experience with vulnerability scanning tools and platforms such as Prisma/Wiz. - Familiarity with Cloud Security Posture Management (CSPM), Container Workload Protection, SAST, DAST, and Dependency Scans. - Proven experience in security assessment, vulnerability remediation, and risk management. - Strong knowledge of CVE tracking and vulnerability prioritization techniques. - Knowledge of security best practices and compliance standards. - Excellent documentation, communication, and collaboration skills. - Past experience in operating enterprise-grade security vulnerability management tools is a plus.,

As a member of the Vulnerability Management Services team at Atos Group, you will play a crucial role in executing vulnerability scanning and managing VM programs for our clients. Your responsibilities will include completing projects within budgeted efforts and agreed timelines with high-quality deliverables. You will utilize various scanning solutions such as SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc., to perform vulnerability scanning and gain a deep understanding of client network architecture and infrastructure to be scanned. Moreover, you will be involved in threat identification, vulnerability identification, and control analysis, as well as developing customized reports and dashboards based on client expectations. Proactiveness in project planning and execution, likelihood determination, impact analysis, and risk determination are key aspects of this role. You will also prioritize risks, provide solution recommendations, and document findings, identifying the business risks posed by weaknesses identified during assessments. Collaboration with both business and technical teams within and outside the organization will be essential for project scope definition, execution, and closure. The ideal candidate for this role should have at least 5 years of experience in Vulnerability Scanning, with expertise in tools like Qualys, Tenable, Rapid7, etc. Additionally, you should possess the ability to understand and explain vulnerabilities to stakeholders, knowledge of platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, as well as familiarity with standards like PCIDSS, CIS Benchmarks, etc. A flexible approach to working on challenging activities, creative problem-solving skills, strong communication, and writing abilities are crucial for success in this role. Join us at Atos Group to expand the possibilities of data and technology, now and for generations to come. Let's grow together.,

At Honeywell, we are dedicated to creating a better future and are searching for individuals to join our global team of future shapers. When you become part of Honeywell, you enter a performance-driven culture filled with diverse leaders, innovators, and doers who are reshaping the future. Our team is committed to supporting each other and realizing our vision through various job functions. Innovation is at the core of our businesses as we strive to define the future. The opportunities for growth and recognition on a global scale are endless for those who demonstrate a passion for performance. We are currently looking for a cybersecurity engineer who possesses creativity and forward-thinking skills to develop and enhance cybersecurity solutions that address unique security challenges within critical infrastructure and industrial sectors. This role involves providing on-site cybersecurity services for Honeywell customers in industries such as Oil and Gas, Power Generation, Life Sciences, and more. Responsibilities include consulting, troubleshooting, network design, implementation, assessments, and other relevant tasks. **Key Responsibilities:** - Take the lead in assigned projects, ensuring timely delivery, staying within budget, and achieving customer satisfaction. - Stay updated on cybersecurity solutions and expand knowledge in designated network disciplines. - Maintain relevant cybersecurity certifications such as CCNA, CISSP, GICSP, or similar. - Keep abreast of industry security standards like IEC-62443, ISO 27000. - Establish strong relationships with internal and external customers by providing accurate technical support. - Diagnose issues and offer timely technical solutions in response to customer inquiries. - Handle network configuration, troubleshooting, firewall setup, and other related tasks. - Uphold industrial safety awareness by completing pertinent safety certifications. **Basic Qualifications:** - Bachelor's degree in computer-related fields or equivalent experience. - Cisco Certified Network/Design/Security Professional (at least one certification). - GICSP/CISSP Certified Information Systems Security Professional or similar certification. - 5+ years of experience in Networking, endpoint security, and IT security audits/assessments. - 3+ years of experience in Security Projects. - 2+ years of experience in Cybersecurity Vulnerability or Risk assessment. - Proficiency in Microsoft Active Directory, DNS, WSUS, and Terminal Server. - Experience in vulnerability scanning and assessments using tools like Nessus and NMAP. - Proven experience in designing or deploying projects leveraging virtualization, preferably VMware. - Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. - Experience with antivirus systems, backup & restore solutions, and providing network services on customer sites. - Strong written and oral communication skills. - Willingness to travel 30-65%. **Preferred Qualifications and Experience:** - 3 years experience in Operational Technology (OT). - IEC-62443 Risk Assessment/Design/Maintenance Certification (at least one). - Knowledge of various networking protocols. - Awareness of OT cybersecurity best practices. - Proficiency in preparing design specifications. - Ability to work independently. - Excellent troubleshooting skills for resolving complex network issues. Honeywell is a trusted partner in solving complex challenges in automation, aviation, and energy transition. We offer actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments, all powered by our Honeywell Forge software, to create a smarter, safer, and more sustainable world.,

Position: Java Cloud Developer Location: Jaipur (WFO) Experience: 7+ Years Location: Jaipur , BLR , Hyderabad and Pune Quick Reach Appy directly on Form Link : https://forms.gle/2ZkjYhAcMztSnuH87 Required Parameters: 7+ years of hands-on experience in Java development and cloud-native application architecture Strong expertise in Java (8/11/17+) , with solid understanding of OOP, design patterns, and multithreading Proficiency with Spring Framework (Spring Boot, Spring MVC, Spring Cloud) and Hibernate/JPA Extensive experience with cloud platforms : AWS, Azure, or Google Cloud Platform Deep understanding of microservices architecture , API design (REST/GraphQL), and service orchestration Experience with CI/CD pipelines (Jenkins, GitLab CI/CD, GitHub Actions, or Azure DevOps) Strong exposure to Docker , Kubernetes , and containerized deployments Experience with Infrastructure as Code (Terraform, CloudFormation, or Pulumi) Familiarity with NoSQL & SQL databases : MongoDB, PostgreSQL, MySQL, DynamoDB Proficient in API integration, cloud security best practices, and modern deployment strategies Excellent troubleshooting, debugging, and performance optimization skills Key Responsibilities Cloud-Native Application Development Design and develop scalable microservices using Java (Spring Boot) deployed on AWS/Azure/GCP Build RESTful APIs and integrate third-party services to support complex business workflows Implement secure, high-performance back-end systems for web/mobile applications Cloud Engineering & Infrastructure Deploy and manage cloud resources using IaC tools like Terraform or CloudFormation Configure and monitor compute, storage, and networking services (EC2, S3, Lambda, Azure Functions, etc.) Apply cloud security best practices and ensure resiliency and high availability of applications DevOps & CI/CD Integrate code repositories with CI/CD pipelines for seamless build, test, and deploy cycles Automate unit/integration testing and container deployment using Docker and Kubernetes Monitor cloud applications using tools like Prometheus , Grafana , CloudWatch , or ELK Collaboration & Agile Delivery Collaborate with cross-functional teams including frontend, QA, DevOps, and Product Managers Participate in sprint planning, code reviews, and architectural discussions Write clean, maintainable, and well-documented code following industry best practices Monitoring & Optimization Implement logging, alerting, and application performance monitoring Continuously optimize existing services for cost, performance, and reliability Conduct root cause analysis and troubleshoot production issues with minimal downtime Nice to Have / Bonus Skills Experience with Serverless Architectures (AWS Lambda, Azure Functions) Exposure to message brokers (Kafka, RabbitMQ, SQS) Knowledge of OAuth2.0, JWT , and Spring Security Familiarity with GraphQL APIs Understanding of event-driven architecture and CQRS patterns Website : www.medhansolutions.com, HR Consulting Quick Reach Appy directly on Form Link : https://forms.gle/2ZkjYhAcMztSnuH87

As an Attack Surface Reduction Analyst at H&M, you will play a crucial role in identifying potential security risks and vulnerabilities within the organization's systems, applications, and networks. Your responsibilities will include conducting comprehensive vulnerability assessments and penetration tests, utilizing industry-standard tools to identify weaknesses in our attack surface, and collaborating with cross-functional teams to prioritize and remediate vulnerabilities in a timely manner. Additionally, you will be involved in managing third-party penetration testing engagements, developing security policies and procedures, and staying up to date with the latest cybersecurity trends. To excel in this role, you should possess a Bachelor's degree in computer science, information security, or a related field, along with 3-5 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Strong knowledge of common vulnerabilities, security best practices, and industry frameworks such as NIST, OWASP, and CIS is essential. Proficiency in using industry-standard vulnerability assessment and penetration testing tools, effective communication skills, and relevant certifications like SANS, OSCP, or CompTIA Security+ are also advantageous. At H&M, we value our employees and offer attractive benefits, extensive development opportunities, and a vibrant work culture. If you are looking to grow your career in a supportive and inclusive environment, we encourage you to join our team. Please apply by submitting your CV in English through SmartRecruiters or our career page before the 30th of June 2025. We look forward to welcoming you on board in August 2025.,

Job Description: Responsibilities Test Planning: Develop comprehensive test plans for IT infrastructure projects, including networks, servers, cloud services, and data centers. Define testing objectives, scope, resources, and timelines. Align testing goals with business objectives and technical requirements. Test Strategy Development: Create detailed test strategies covering performance, scalability, security, load, and disaster recovery testing. Plan for both manual and automated testing of IT infrastructure components. Test Execution: Oversee the execution of various tests, such as network stress testing, server load balancing, disaster recovery scenarios, and penetration testing. Coordinate with network engineers, system administrators, and other IT professionals during the testing process. Risk Management: Identify risks early in the process and create mitigation plans. Ensure that the infrastructure is resilient to failures and capable of recovering from disaster scenarios. Reporting and Documentation: Generate test reports and provide detailed documentation of findings, issues, and suggestions for improvements. Track testing progress and outcomes for stakeholders. Collaboration with Stakeholders: Work closely with infrastructure architects, system admins, network engineers, and business units to understand requirements and ensure that the infrastructure is designed for performance, security, and reliability. Act as the bridge between the development team and operations team. Continuous Improvement: Continuously evaluate test processes and tools to improve efficiency. Stay updated on the latest trends and technologies in IT infrastructure testing. Skills and Qualifications: Technical Skills: In-depth understanding of IT infrastructure (servers, networking, cloud platforms, storage, databases, etc.). Knowledge of networking protocols, security testing tools, and methodologies (e.g., penetration testing, vulnerability scanning). Experience with IT Infrastructure Tools: Familiarity with configuration management tools (e.g., Ansible, Puppet, Chef). Experience with cloud platforms like AWS, Azure, or Google Cloud. Experience with system monitoring tools (e.g., Nagios, SolarWinds, Zabbix). Soft Skills: Strong leadership and team management skills. Excellent communication skills to interact with both technical and non-technical stakeholders. Problem-solving ability, especially when diagnosing issues with complex infrastructure systems. Certifications (optional but helpful): ISTQB Certified Tester (Foundation or Advanced Level). Certified Cloud Practitioner (AWS, Azure, or Google Cloud). CompTIA Network+ or other relevant IT infrastructure certifications. Challenges in the Role: Ensuring the infrastructure is scalable and flexible enough to accommodate future growth and unforeseen workloads. Managing the complexity of diverse systems (cloud, on-premises, hybrid environments) and ensuring thorough integration testing. Staying on top of evolving security threats and ensuring infrastructure is resilient against cyber-attacks. Tools and Frameworks: Automation Tools: Jenkins , GitLab CI/CD : For automating the testing pipelines. Ansible , Chef , Puppet : For automating infrastructure configurations. Performance Testing Tools: JMeter , LoadRunner : For load and performance testing of the infrastructure. Network Testing Tools: Wireshark , iperf : For monitoring network traffic and throughput. Cloud Testing Tools: AWS CloudWatch , Azure Monitor : To monitor the health and performance of cloud resources.

About the Role: Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business. The role is 70% focused on providing operations support and 30% focused on new projects, enhancements. Hybrid working model is available. Role & Responsibilities: Manage Qualys console using various modules. Make sure client agent coverage is managed at a good level. Support business with Qualys and/or Vulnerability Management requests Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt. Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise. Establish non-production and production environments for testing and hosting the applications. Own the end-to-end technical design, unit testing and the maintenance of the hosting environment. Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment. Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints. Learn System Engineering concepts to analyse existing environment and find more efficient ways. Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. If interested please do share your updated profile to archana.r@bahwancybertek.com

As a Security leader with a background in AWS and cloud Security, you play a crucial role in defining and enforcing the security policies and procedures of the organization. With excellent written and verbal communication skills, exceptional organizational abilities, and expert-level proficiency in IT and Cloud Security, you will be responsible for architecting and implementing IT Security policies while reporting to the Director of Information Technology. In this full-time role, your essential duties and responsibilities include providing leadership and technology vision to the IT Security team, performing internal and external security audits, documenting, implementing, and monitoring adherence to IT security standards, as well as assessing and improving security metrics. You will work on enhancing security tools and operations, monitor and manage IDS, vulnerability scanning, and assessments, and serve as the Data Privacy Officer (DPO) for the company. Creating awareness within the company regarding Security, Privacy, and compliance requirements, ensuring security and privacy training for staff involved in data processing, conducting security and privacy audits, and serving as the point of contact between the company and clients for privacy controls are key aspects of your role. Additionally, you will be responsible for log aggregation and analysis, managing Anti-Virus software, addressing security and data breach-related incidents, and ensuring customer satisfaction while being accountable for individual product/project success and quality. To qualify for this position, you must hold certifications such as CISSP, Security+, or equivalent, along with having 10+ years of Cyber Security experience, 5+ years of IT management experience, 5+ years of AWS experience, and 3+ years of experience with Identity & Access Management tools. Your extensive experience with Linux & Windows Security administration, managing Cloud and Container Security, Network and Application penetration testing, vulnerability scanners, IDS, IPS deployment and monitoring, SIEM tools, security automation, incident response & management, vulnerability management, and patch management will be essential. Moreover, your role will involve ensuring organization efficiencies through continual improvement programs, representing the organization in inspections and audits, driving action plans to closure, conducting deep dive RCAs and ensuring CAPAs are closed, and maintaining a metrics-driven approach. Additional qualifications such as experience with monitoring tools like Datadog, Change Management, Configuration Management, Infrastructure as Code tools, hardening Operating Systems and Applications, endpoint security management, working in GxP environments, and familiarity with various practices will be beneficial. With no travel expectations, this role requires a dedicated and experienced professional who can effectively lead security operations and teams, prioritize security and privacy, and drive continuous improvement initiatives to enhance organizational security posture.,

As an R&D engineer in the Common Software Foundation team at Nokia, you will be responsible for contributing to the delivery of secure open-source components in various PaaS environments such as NCS, AWS, Azure, and GCP. Your role will involve enhancing security by analyzing and prioritizing vulnerabilities in Rocky and Redhat OS, conducting scans, and implementing appropriate remediation measures. You will be actively involved in the development and testing of Rocky OS, utilizing your expertise in microservices, containers, and CI/CD DevOps practices. Your proficiency in secure protocols, encryption methodologies, and vulnerability assessment tools will play a crucial role in strengthening system security. Additionally, you will be contributing to SBOM generation, security design, and threat analysis to ensure compliance with industry standards. The ideal candidate for this position should hold an Engineering Graduate or equivalent degree with 3-8 years of experience in Development and Testing. You should possess expertise in Rocky and Redhat OS, as well as proficiency in programming languages such as Python, Go, C++, or Java. Hands-on experience with Microservices, Containers (Docker, Kubernetes, Helm), and CI/CD DevOps practices is essential for this role. Moreover, you should be skilled in secure protocols (TLS, SSH), encryption methodologies, and security hardening practices. Experience in vulnerability scanning, penetration tests, and the use of tools like Anchore, Tenable, and Nmap will be beneficial for this position. It would be advantageous if you also had an understanding of Zero Trust architecture, compliance frameworks (NIST, CIS, ISO 27001), and experience with AI-driven security analytics tools. Familiarity with tools like Terraform, Ansible, and cloud-native security practices across AWS, Azure, and GCP, as well as on Tomcat, Nginx, and Ingress Controller, would be a plus. Join Nokia to be a part of a team that is committed to innovation and technology leadership, and be a driving force in building capabilities for a more productive, sustainable, and inclusive world. Enjoy continuous learning opportunities, well-being programs, and a supportive environment where diversity and inclusion thrive.,

Oceaneerings India Center has been an integral part of Oceaneerings" global operations since 2003. The center caters to a wide range of business needs, including oil and gas field infrastructure, subsea robotics, automated material handling & logistics, and more. Our multidisciplinary team offers solutions in Subsea Engineering, Robotics, Automation, Control Systems, Software Development, Asset Integrity Management, Inspection, ROV operations, Field Network Management, Graphics Design & Animation, among others. In addition to technical functions, Oceaneering India Center also supports crucial business functions such as Finance, Supply Chain Management (SCM), Information Technology (IT), Human Resources (HR), and Health, Safety & Environment (HSE). Our infrastructure includes modern offices, industry-leading tools, equipped labs, and beautiful campuses that align with the future of work. We pride ourselves on a flexible, transparent, and collaborative work culture with great team synergy. As a Cybersecurity Technologist at Oceaneering, you will collaborate with project managers, business analysts, and contractors to implement security solutions that meet the company's requirements. Your role involves evaluating, selecting, designing, and integrating IT security systems and tools in a complex corporate environment. You will be required to travel domestically and internationally up to 10% of the time. **Duties And Responsibilities:** - Evaluate, select, design, and configure security infrastructure systems globally. - Perform security audits and assessments. - Analyze logs and identify critical events. - Analyze vulnerability scanning outputs and develop remediation tasks. - Implement complex changes to security solutions within the company network. - Generate solution design documentation. **Qualifications:** **Required:** - Proficiency in Palo Alto security products and CyberArk Endpoint Privilege Manager. - Experience with Splunk SIEM tool. - Knowledge of information security principles and practices. - Understanding of advanced security protocols and standards. - Basic knowledge of networking technologies. - Ability to pass a security background check. **Desired:** - Proficiency in Microsoft Excel, Word, PowerPoint, and Visio. - Degree in computer science or related field. - Knowledge of Active Directory configurations, Cyberark Identity Management, and CISCO networking equipment. - Familiarity with various security systems and tools. - CISSP certification. **Knowledge, Skills, Abilities, And Other Characteristics:** - Problem-solving skills in varied situations. - Ability to interpret instructions effectively. - Maintain confidentiality and security of information. - Effective team player. - Establish and maintain project priorities. Oceaneering provides equal employment opportunities. Full-time employees can apply along with external candidates. Learning and development opportunities are offered to support career growth. We prioritize internal promotion and offer long-term career advancement opportunities across countries and continents. If you are driven and ambitious, Oceaneering will support you in taking charge of your future with endless possibilities.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Create asset list and prioritize assets, conduct regular vulnerability assessments based on the Tenable tool, identify security weaknesses in systems and applications, work with peer teams till closure of the Vulns, track patching as per proposed timelines. Roles & Responsibilities:- Create correct asset list-Perform Vuln assessment-Relevant request to be raised thorough SNow.-Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder.-Analyse scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates.-Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact.-Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines.-Maintain and update documentation related to vulnerability management processes, policies, and procedures.-Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the policies, and procedures Professional & Technical Skills: -Familiarity with vulnerability scanning tools, particularly Tenable and Snow.-Understanding of security frameworks and standards (e.g., NIST, ISO 27001).-Strong analytical and problem-solving skills with attention to detail.-Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus.-To succeed in this role, you should have the following skills and experience-Experience in vulnerability management or security operations. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Penetration testing and vulnerability assessment expertise – Active Directory, Cloud Security, Network Pentesting, Application Security Testing etc. Exploit development and advanced offensive security tactics – EDR Bypass Techniques etc.

Critical Skills to Possess: 5–6 years of experience in IT infrastructure, cybersecurity, or systems engineering with a strong specialization in patch management . Deep technical knowledge of Windows Server/Desktop and Linux environments , including patching methods, registry/system configurations, and troubleshooting. Hands-on expertise with one or more enterprise patching tools : SCCM/MECM, Ivanti, Tanium, BigFix, WSUS, ManageEngine, etc. Strong understanding of vulnerability scanning tools like Qualys, Tenable, or Rapid7 , and how they integrate with patching workflows. Excellent command of scripting (PowerShell, Bash, Python) for automation and reporting tasks. Experience working in or alongside a Security Operations Center or IT Security team. Strong analytical skills, attention to detail, and the ability to handle high-stakes environments with minimal supervision. Excellent communication skills with the ability to interact effectively with technical and non-technical stakeholders. Preferred Qualifications: BS degree in Computer Science or Engineering or equivalent experience Roles and Responsibilities Lead the end-to-end patch management process across Windows, Linux, and third-party applications in a multi-platform environment. Act as the technical SME (Subject Matter Expert) for patching within the SOC, mentoring junior team members and defining best practices. Collaborate with vulnerability management, threat intelligence, and infrastructure teams to prioritize patching based on business risk and threat exposure. Own and optimize patching tools and platforms such as SCCM, BigFix, Ivanti, Tanium, or ManageEngine , including tool maintenance, policy creation, and automation scripts. Design and implement scalable patch deployment strategies that minimize system downtime and align with SLAs. Generate detailed patch compliance reports , conduct risk-based exception handling, and support internal/external audits. Contribute to security governance by aligning patching activities with ISO 27001, NIST, CIS , and other regulatory standards. Conduct root cause analysis on patching failures and recurring vulnerabilities, proposing long-term mitigation strategies. Coordinate and lead patch management review meetings with stakeholders and IT leadership.

Dev Ops -AWS/Azure -Terraform/Kubernetes: Hands on experience with Terraform & docker containerization. Hands on experience with AWS service like S3, API Gateway, Lambda , ECS and EKS. Hands on experience in different scripting languages like Groovy, Python, Shell Scripting etc. Implement security controls and best practices throughout the CI/CD pipeline, including vulnerability scanning, static code analysis, and dependency management using tools such as SonarQube and Software Composition Analysis (SCA). Primary Skills: AWS, Terraform, Docker, Jenkins, GitHub, Groovy Script and Python. Secondary Skills: Ansible, SonarQube , GitHub Actions

You will be joining the Vulnerability Management Services team at Atos Group, a global leader in data-driven, trusted, and sustainable digital transformation. With an annual revenue of approximately 5 billion, Atos operates as a next-generation digital business with leading positions in digital, cloud, data, advanced computing, and security across more than 47 countries. By leveraging high-end technologies and a team of 47,000 world-class talents, Atos expands the possibilities of data and technology for current and future generations. Your role will be based in Mumbai (Onsite) with a required experience of 5 to 8 years and the highest qualification of any full-time graduate. As a part of the team, you will be responsible for executing vulnerability scanning and managing VM programs for clients. It is crucial to complete projects within budgeted efforts and agreed timelines while ensuring high-quality deliverables. Key Responsibilities: - Perform vulnerability scanning using tools like SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc. - Gain a deep understanding of client network architecture and infrastructure - Identify threats, vulnerabilities, and perform control analysis - Develop customized reports and dashboards as per client expectations - Proactively plan and execute projects - Determine likelihood, analyze impacts, and assess risks - Prioritize risks, recommend solutions, and document findings - Identify business risks associated with weaknesses identified during assessments - Collaborate with both business and technical teams for project scope definition, execution, and closure Skills Required: - 5+ years of experience in Vulnerability Scanning with expertise in tools like Qualys, Tenable, Rapid7, etc. - Ability to understand and explain vulnerabilities to stakeholders - Knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc. - Familiarity with standards like PCIDSS, CIS Benchmarks, etc. - Flexibility in handling challenging activities and creativity in problem-solving - Strong communication and writing skills with fluency in verbal communication If you are looking to grow and thrive in a dynamic and innovative environment, we invite you to join us on this exciting journey at Atos Group.,

You have a fantastic opportunity to join our team as a SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting professional with a minimum of 2 years of relevant experience. As a part of our team, you will be responsible for conducting Vulnerability assessment & Penetration testing (VAPT) as per the bank's regulatory and operational requirements. This includes External Penetration Testing of Bank's internet-facing Web, Mobile, Web services, Network, and Infrastructure on a periodic basis as per Bank's provided schedules. Your key roles and responsibilities will also include maintaining an up-to-date inventory of IT assets, regularly scanning and assessing systems for vulnerabilities, prioritizing vulnerabilities based on the risk and potential impact, conducting Continuous breach attack simulations, SCD (Secure Configuration Document) verifications, Anti-Malware & Malicious Content Scan, near real-time detection and monitoring of emerging vulnerabilities, and defining and measuring metrics to track the effectiveness of the VM program. To excel in this role, you are required to have a Professional Qualification and a certification such as Certified SOC Analyst (ECCouncil), Computer Hacking Forensic Investigator (ECCouncil), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH), or equivalent. Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA are preferred. If you have 2 to 5 years of experience in the field and are looking for a challenging opportunity in Navi Mumbai on a Fixed-Term Contract basis with a Face-to-Face interview type, then this role is perfect for you. Join us and be a part of a dynamic team dedicated to ensuring the security and integrity of our systems and data.,

As a Head of Web Application and API Protection at HSBC, you will be responsible for defining and maintaining the global strategy for Web Application Security & Protection (WASP). You will work closely with engineers, platform owners, architects, and Control Owners to ensure business success, meet regulatory expectations, and respond to evolving threat landscapes. Your role will involve owning the investment roadmap for WASP, prioritizing a common backlog to reduce risks and meet strategic needs. You will be accountable for delivering innovative and frictionless technologies and services to navigate cyber risks effectively. Collaboration with internal and external partners to develop technical solutions that meet business needs will be a key aspect of your responsibilities. Additionally, you will define, operate, and mature business services supporting the adoption and tuning of protections. Oversight of WASP end-to-end and ensuring regulatory compliance and risk management outcomes are maintained will be crucial. You will also lead and manage a team of skilled professionals, fostering a culture of empowerment, experimentation, learning, and partnership. To succeed in this role, you should have hands-on experience in designing and implementing web application protection strategies, a robust understanding of industry cybersecurity frameworks, and expertise in web application and API security. Strong analytical skills, experience in technology leadership roles, and knowledge of risk and control management frameworks are essential for this position. Joining HSBC as the Head of Web Application and API Protection will provide you with the opportunity to make a significant impact in maintaining a secure technology and data infrastructure. If you are looking to further develop your career in cybersecurity and technology leadership, HSBC is the place for you. For more information and to explore career opportunities at HSBC, visit www.hsbc.com/careers. Please note that personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, available on our website.,

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Vulnerability Scanning. Experience: 3-5 Years. >

The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Cloud Native Security Consultant undertakes complex work of a high-risk level, often working on several projects. Qualifications/Experience: Bachelors degree in any stream. Minimum 3 years of working experience in Cyber Security Consulting or Advisory. Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant in recent years (2 years). Responsibilities Below will be the scope of the role Collaborate with teams to build & deliver solutions implementing serverless, microservices based, IaaS, PaaS and containerized architecture of multi cloud environment Develop rule base and parameterized IaC templates for automated deployment using Terraform Build CI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (Cloud Build), Azure (DevOps, Pipelines) Integrate 3rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) Config Manage environment using industry standard DevOps tools (Ansible) Implement scripting to extend build\deployment\monitoring process (PowerShell, Bash, Python) Ability to develop IaC with Terraform Strong understanding on Cloud Networking Container, Microservices, Docker, Kubernetes security. Network Security Orchestration on Microservices environment Secure Microservice Communication, Secure Authentication to Common DB without API/password/sharing keys Technical documentation, Product evaluation, POC. Implementation, Migration and Architect of Security Technology and Solution DevOps, DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills Candidate should have experience in the below domains Hands on experience with Cloud Native Application protection CNAPP Tools (Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) Experienced with Application migration from Monolithic to Microservices Architecture Web Application Firewall implementation experience at Kubernetes and API Gateway Experience with implementation of Vulnerability scanner and Container Image repository hardening Well depth understanding on AWS, AZURE, GCP offered services (EKS, AKS, GKE) Understanding and review of Infrastructure as Code (IaC), Compliance as Code (CaC) Updated with trends and participation of industry recognized forum (e.g., Cloud Native Computing Foundation) Experienced with deliverables on Cloud Security Posture Management, Cloud Workload Protection, Cloud Infra Entitle Management, Serverless Security Application Security testing for Web and Mobile as SAST/DAST/IAST approach (Fortify, Veracode, Burp Suite) Secure Code review, Open-Source validation (Gitlab, Coverity, SonarQube, Black Duck) Well versed with OWASP Top10 and SANS top 25 Vulnerabilities and remediation Well understanding on PTES (Penetration Testing Execution Standard) and Testing. Well understanding Software Security Framework (e.g., BSIMM, SAMM)

As a highly skilled Azure Security Analyst at Global Power Components, you will be responsible for safeguarding our Azure cloud infrastructure. This role requires you to be onsite 100% of the time. Your main responsibilities will include monitoring and threat analysis, vulnerability assessments, policy development, compliance, incident response, continuous improvement, and training. In terms of monitoring and threat analysis, you will be expected to analyze security events, detect anomalies, respond to threats in real-time, generate detailed incident reports, and provide recommendations for mitigation. You will also need to continuously monitor Azure cloud environments using advanced security tools and dashboards. For vulnerability assessments, you will conduct regular security audits and risk assessments of Azure-based systems, identify vulnerabilities and gaps in the infrastructure, and implement corrective measures to ensure a secure environment. In terms of policy development, compliance, and incident response, you will develop, implement, and enforce Azure-specific security policies and best practices. You will lead the investigation and remediation of security incidents within Azure services and establish an incident response plan for Azure workloads. Continuous improvement and training are essential aspects of this role. You will need to stay updated on the latest Azure security tools, features, and threats, evaluate and recommend enhancements to the organization's Azure security architecture, and conduct security awareness training for employees on Azure-specific risks and preventive measures. To qualify for this position, you should have a Bachelor's degree in Computer Science, Information Technology, or a related field, along with 2+ years of experience in Azure security, cloud security, or a related field. A strong understanding of Azure Active Directory (Azure AD), Azure Security Center, and Azure Sentinel is required, as well as experience with identity and access management, including role-based access control (RBAC), and familiarity with vulnerability scanning tools and network security protocols. Global Power Components is an Equal Opportunity Employer committed to diversity and inclusion in the workplace.,

You are a talented ServiceNow IRM/GRC Developer Lead with over 8 years of experience working specifically with ServiceNow. Your expertise in GRC ServiceNow spans over 4 years, making you a valuable asset to the team. You are open to working in locations such as Noida, Bangalore, Pune, Hyderabad, Chennai, or others as needed. Immediate joiners are preferred for this role. Your key responsibilities include demonstrating a strong hands-on experience in ServiceNow IRM/GRC modules focusing on Risk, Compliance, and Audit. You possess expertise in Operational Risk Management with a secondary focus on IT risk. Your knowledge extends to IRM Workspaces with familiarity in the new UI and UI16. You have experience in Issue Management and are prepared for future enhancements related to Policy & Regulatory Management. As a ServiceNow IRM/GRC Developer Lead, you should excel in developing Business Rules, Notifications, and overall platform functionalities within ServiceNow. You are expected to have a comprehensive understanding of the business side of regulatory compliance, ranging from mutual funds to retail customers. Exposure to areas such as BCM, Knowledge Management, and Vulnerability Scanning would be advantageous for this role. The ideal candidate for this position is a tech-functional professional who can provide leadership in the development and maintenance of IRM/GRC solutions while possessing a deep understanding of the business context.,

We are looking for an experienced DevOps Architect to spearhead the design, implementation, and management of scalable, secure, and highly available infrastructure. As the ideal candidate, you should possess in-depth expertise in DevOps practices, CI/CD pipelines, cloud platforms, and infrastructure automation across various cloud environments. This role requires strong leadership skills and the ability to mentor team members effectively. Your responsibilities will include leading and overseeing the DevOps team to ensure the reliability of infrastructure and automated deployment processes. You will be tasked with designing, implementing, and maintaining highly available, scalable, and secure cloud infrastructure on platforms such as AWS, Azure, and GCP. Developing and optimizing CI/CD pipelines for multiple applications and environments will be a key focus, along with driving Infrastructure as Code (IaC) practices using tools like Terraform, CloudFormation, or Ansible. Monitoring, logging, and alerting solutions will fall under your purview to ensure system health and performance. Collaboration with Development, QA, and Security teams to integrate DevOps best practices throughout the SDLC is essential. You will also lead incident management and root cause analysis for production issues, ensuring robust security practices for infrastructure and pipelines. Guiding and mentoring team members to foster a culture of continuous improvement and technical excellence will be crucial. Additionally, evaluating and recommending new tools, technologies, and processes to enhance operational efficiency will be part of your role. Qualifications: - Bachelor's degree in Computer Science, IT, or a related field; Master's degree preferred. - At least two current cloud certifications (e.g., AWS Solutions Architect, Azure Administrator, GCP DevOps Engineer, CKA). - 10+ years of relevant experience in DevOps, Infrastructure, or Cloud Operations. - 5+ years of experience in a technical leadership or team lead role. Skills & Abilities: - Expertise in at least two major cloud platforms: AWS, Azure, or GCP. - Strong experience with CI/CD tools such as Jenkins, GitLab CI, Azure DevOps, or similar. - Hands-on experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation. - Proficiency in containerization and orchestration using Docker and Kubernetes. - Strong knowledge of monitoring, logging, and alerting tools (e.g., Prometheus, Grafana, ELK, CloudWatch). - Scripting knowledge in languages like Python, Bash, or Go. - Solid understanding of networking, security, and system administration. - Experience in implementing security best practices across DevOps pipelines. - Proven ability to mentor, coach, and lead technical teams. Conditions: Work Arrangement: An occasionally hybrid opportunity based out of our Trivandrum office. Travel Requirements: Occasional travel may be required for team meetings, user research, or conferences. On-Call Requirements: Light on-call rotation may be required depending on operational needs. Hours of Work: Monday to Friday, 40 hours per week, with overlap with PST required. Values: Our values at AOT guide how we work, collaborate, and grow as a team. Every role is expected to embody and promote values such as innovation, integrity, ownership, agility, collaboration, and empowerment.,

As an experienced DevOps Architect at our company, you will be responsible for driving the design, implementation, and management of scalable, secure, and highly available infrastructure. Your deep expertise in DevOps practices, CI/CD pipelines, cloud platforms, and infrastructure automation across multiple cloud environments will be essential. Additionally, your strong leadership and mentoring capabilities will play a key role in leading the DevOps team. Your primary duties and responsibilities will include leading and managing the DevOps team to ensure reliable infrastructure and automated deployment processes. You will design, implement, and maintain highly available, scalable, and secure cloud infrastructure across platforms such as AWS, Azure, and GCP. Developing and optimizing CI/CD pipelines for multiple applications and environments will be a crucial part of your role, along with driving Infrastructure as Code (IaC) practices using tools like Terraform, CloudFormation, or Ansible. Furthermore, you will oversee monitoring, logging, and alerting solutions to ensure system health and performance, collaborating with Development, QA, and Security teams to integrate DevOps best practices across the SDLC. Leading incident management and root cause analysis for production issues, ensuring robust security practices for infrastructure and pipelines, and guiding and mentoring team members will also be among your responsibilities. You will evaluate and recommend new tools, technologies, and processes to improve operational efficiency. To qualify for this role, you should possess a Bachelor's degree in Computer Science, IT, or a related field, with a Master's degree preferred. Additionally, you should have at least two current cloud certifications and 10+ years of relevant experience in DevOps, Infrastructure, or Cloud Operations, including 5+ years in a technical leadership or team lead role. Your expertise in major cloud platforms, strong experience with CI/CD tools, hands-on experience with IaC tools, proficiency in containerization and orchestration, and solid understanding of monitoring, logging, and alerting tools will be invaluable. Scripting knowledge in languages like Python, Bash, or Go, along with experience in implementing security best practices across DevOps pipelines, is required. Preferred skills include experience with serverless architecture, microservices deployment, security tools and best practices, exposure to hybrid cloud or multi-cloud environments, and knowledge of cost optimization and cloud governance strategies. Experience working in Agile teams and managing infrastructure in production-grade environments will be beneficial. This role offers an occasionally hybrid work arrangement based out of our Trivandrum office, with occasional travel requirements and light on-call rotation based on operational needs. Your adherence to our company's values of Innovation, Integrity, Ownership, Agility, Collaboration, and Empowerment will be crucial in embodying and promoting these values within the team.,