77 Vulnerability Scanning Jobs - Page 2

You are a skilled ServiceNow IRM/GRC Developer with over 7 years of experience, including 4+ years of relevant GRC experience. Your expertise lies in Risk, Compliance, and Audit modules within the ServiceNow platform. You possess a strong understanding of Operational Risk Management, with a particular focus on IT risk as a secondary aspect. Your proficiency extends to working with IRM Workspaces, specifically the new UI and UI16. You have hands-on experience in Issue Management and are eager to explore areas such as Policy & Regulatory Management in the future. Your abilities in developing Business Rules, Notifications, and navigating the ServiceNow platform are commendable. It is essential that you comprehend the business aspects of regulatory compliance, such as from mutual funds to retail customers. Exposure to areas like BCM, Knowledge Management, and Vulnerability Scanning would be advantageous for this role. The ideal candidate is a tech-functional expert who can lead the development and maintenance of IRM/GRC systems while possessing a deep understanding of the business context. Immediate joiners are preferred for this position based in Noida, although candidates from other locations are also welcome.,

As an L2 Resident Engineer, your primary responsibility will be to manage Tanzu Kubernetes Clusters efficiently. This includes tasks such as provisioning, configuring, and overseeing the day-to-day operations of Tanzu Kubernetes Clusters. You should have a solid understanding of VMware solutions like vSphere, VMware NSX, VMware vSAN, and vRealize Operations to ensure seamless integration and operation of the Tanzu platform. A key aspect of your role will involve troubleshooting issues related to the Tanzu/Kubernetes platform and providing timely resolutions to ensure optimal performance, zero trust security, and platform stability. You will also need to grasp the concepts of microservices architecture and assist application teams in onboarding applications onto the Tanzu platform. Knowledge of CNCF tools such as Jfrog Artifactory, Harbor, and dockerhub for hosting container images will be essential. Additionally, you will be responsible for handling Vulnerability Scanning using tools like Trivy, configuring Backup and Restore for Kubernetes Clusters using Velero, and managing S3 Compatible Storage. Administering ALB L4 Load Balancer, managing and configuring Ingress controllers, and overseeing the Life Cycle Management of Tanzu Kubernetes Platform, NSX ALB, vSphere, and NSX-T will also be part of your core responsibilities. You will be required to oversee Fluent bit Application Log for storing and managing application logs, as well as implement Continuous Integration, Delivery, and Deployment using CI/CD tools like Jenkins. Moreover, you will play a crucial role in the day-to-day maintenance and evolution of the Tanzu Kubernetes Platform by utilizing Prometheus monitoring, Grafana Visualization, vROPS dashboards, and alerting infrastructure. Providing expert technical guidance and support to internal teams, collaborating with cross-functional teams, and actively participating in DR Activities during scheduled maintenance windows are also expected from you. Documenting best practices, identified risks, and fixes, as well as supporting application teams for adoption in upcoming applications, will be part of your responsibilities. Possessing certifications such as VMware VCP-DCV 7.x or higher and Kubernetes Certifications like CKA/CKD/CKS would be considered advantageous for this role. Your ability to work independently with minimal supervision and your proactive approach to planning and executing tasks will be critical for success in this position.,

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate, and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security policies and procedures.- Conduct security assessments and audits.- Monitor security incidents and respond to breaches promptly.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in conducting risk assessments and vulnerability scans.- Knowledge of security tools and technologies.- Good To Have Skills: Experience with Security Incident Response.- Hands-on experience in implementing security controls and measures. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to assess security risks, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive security assessments and work on developing strategies to mitigate potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies for vulnerability scanning and remediation.- Knowledge of compliance frameworks and regulations related to information security. Additional Information:- The candidate should have minimum 5 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Hi, Greetings from the IDESLABS, Urgent Requirement for Vulnerability Management, Location:Bangalore Employment Type:C2H Notice Period:Immediate JD: Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Responsible for identifying, assessing, and mitigating security vulnerabilities through automated and manual penetration testing. Develops remediation plans, conducts security audits, and ensures compliance with industry standards. Expertise in vulnerability scanners, ethical hacking, and cybersecurity frameworks is required.

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Job Summary Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). Threat Intelligence Integration Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Scanning. Experience5-8 Years.

This role involves utilizing the Qualys tool for report shared by Group team, analysis and reporting to ensure the security and compliance of our systems. KEY RESPONSIBILITIES: Conduct regular vulnerability assessments based on the Qualys tool report received by Product team to identify security weaknesses in systems and applications. Relevant request to be raised thorough silva. Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder. Analyze scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates. Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact. Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines. Maintain and update documentation related to vulnerability management processes, policies, and procedures. Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the vulnerability management program. QUALIFICATIONS: Bachelors degree in information technology, Cybersecurity, or a related field. 4-7 years of experience in vulnerability management or security operations. Familiarity with vulnerability scanning tools, particularly Qualys. Understanding of security frameworks and standards (e.g., NIST, ISO 27001). Strong analytical and problem-solving skills with attention to detail. Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus. To succeed in this role, you should have the following skills and experience Soft Skills Exceptional communication and interpersonal skills, with the ability to collaborate effectively with stakeholders at all levels. Cross-cultural etiquette, customer centric and collaborative mindset. Good command of stakeholder management, judgement, conflict resolution, risk & mitigations. Excellent team player skills.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Engineer / Associate Architect Cloud Security Operations & EngineeringWe are looking for GCP Security Engineers / Associate Architects with 5+ years of experience in cloud security engineering and automation. This role supports operational security, control configuration, and secure design practices for GCP workloads. Roles & Responsibilities:Implement GCP security controls:IAM, VPC security, VPNs, KMS, Cloud Armor, and secure networking.Manage GCP identity and access, including SSO, MFA, and federated IDP configurations.Monitor workloads using Cloud Operations Suite and escalate anomalies.Conduct basic threat modeling, vulnerability scanning, and patching processes.Automate security audits and compliance controls using Terraform and Cloud Shell scripting.Assist architects in deploying and maintaining secure-by-default infrastructure.Support audit preparation, policy enforcement, and evidence gathering.Collaborate with cross-functional teams to resolve security alerts and findings.Maintain detailed technical documentation and knowledge sharing resources. Professional & Technical Skills: Working knowledge of IAM, KMS, GCP networking, and cloud policy enforcement.Familiarity with IaC tools (Terraform), scripting, and log analytics.Strong desire to grow in the cloud security domain.Good communication skills and proactive approach to problem-solving.Thrives in a fast-paced, learning-oriented environment. Additional Information:Bachelors degree in Computer Science, IT, or Information Security.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; Associate Cloud Engineer is a plus.- 5+ years in security or cloud engineering, with at least 12 years in GCP.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education

The Opportunity "This is an opportunity to define, build, and shape the future of FICOs Cybersecurity and Risk Posture. As part of the Threat & Vulnerability Management team, you will collaborate across the business, IT, and client environments to secure our cloud and data center infrastructure. Your contributions will be key to strengthening FICO's defense mechanisms and enhancing our compliance posture. We're looking for a cybersecurity expert passionate about continuous improvement, cloud security, and vulnerability risk reduction. If you're someone who thrives in a fast-paced environment and wants to work on high-impact global security initiatives, this role is for you" - VP, Software Engineering. What Youll Contribute Collaborate with the Cyber Security Team, business stakeholders, IT partners, and clients to manage and reduce cybersecurity risk. Act as a subject matter expert in vulnerability scanning, compliance monitoring, and risk reporting. Operate and optimize tools such as Wiz, Qualys, or similar for vulnerability scanning across cloud and on-prem environments. Validate, triage, and risk-rank vulnerabilities based on severity, exposure, and potential business impact. Drive remediation planning with Product and IT teams, and oversee patch management cycles. Contribute to threat & vulnerability management strategy, policy, and continuous process improvement. Conduct periodic risk assessments and develop mitigation strategies in line with compliance requirements. Monitor the evolving threat landscapeincluding zero-day exploits, vendor patches, EOL systemsand proactively update mitigation plans. Lead initiatives to improve configuration, cloud asset management, vulnerability and patch management practices. Provide documentation, reporting, and cross-functional collaboration support. What Were Seeking Bachelors degree in Computer Science, Information Security, or a related field (or equivalent work experience). 36 years of hands-on experience with cloud security tools such as Wiz, Qualys, or similar vulnerability scanning platforms. Strong understanding of AWS infrastructure and cloud security principles. Working knowledge of operating system and application-level vulnerabilities and how they relate. Familiarity with risk-based vulnerability management and compliance frameworks. CISSP, CISM or equivalent certifications preferred (or willingness to obtain). Ability to multitask, manage complex data sets, and collaborate with diverse teams. Knowledge of scripting languages (e.g., Python, Bash) is a plus. Demonstrated experience in cloud (especially AWS) patch and configuration management. Familiarity with malware behavior, indicators of compromise, and modern threat vectors. Strong documentation, analytical, and communication skills. Our Offer to You An inclusive culture strongly reflecting our core valuesAct Like an Owner, Delight Our Customers and Earn the Respect of Others. The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences. Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so. An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie. Why Make a Move to FICO At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today Big Data analytics. Youll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more. FICO makes a real difference in the way businesses operate worldwide Credit Scoring FICO Scores are used by 90 of the top 100 US lenders. Fraud Detection and Security 4 billion payment cards globally are protected by FICO fraud systems. Lending 3/4 of US mortgages are approved using the FICO Score. Learn more about how you can fulfil your potential at

Job Description Objective LabVantage Solutions is an industry leading provider of laboratory software products. Our products enable scientists and analysts across the globe to develop novel solutions, work effectively, and meet regulatory compliance. LabVantage solution is an OLTP system based on RDBMS platforms, including Oracle, SQL Server, and EDB (Postgres managed DB for our SaaS solution). This position plays a key role in the development and security of LabVantage Solutions software. The individual will be responsible for monitoring and analyzing security vulnerabilities, conducting risk assessments, and implementing security measures. They will ensure secure coding practices, perform security testing, and collaborate with DevOps to integrate security into the development lifecycle. The Security Engineer must have a solid understanding of core Java concepts such as imports, inheritance, and class conflicts, and should be capable of making necessary code changes. They will be responsible for identifying potential risks to LabVantage and recommending appropriate mitigation strategies, including suppression, smoke testing, soak testing, or limited regression. Role Responsibility Review and Monitor CVEs: Continuously monitor Common Vulnerabilities and Exposures (CVEs) to identify potential threats and vulnerabilities. Penetration Test Analysis: Analyze penetration test reports to understand vulnerabilities and recommend remediation steps. Dependency and Third-Party Software Management: Assess and manage dependencies and third-party software for security risks. Risk Assessment and Mitigation: Conduct risk assessments and develop mitigation strategies to address identified vulnerabilities. Static and Dynamic Analysis: Use tools for static and dynamic code analysis to detect vulnerabilities and ensure code quality. Integration with DevOps: Work closely with DevOps teams to integrate security into the CI/CD pipeline, ensuring automated and continuous security checks. Threat Modeling: Perform threat modeling to identify potential security threats and design countermeasures during the product design phase. Security Testing: Conduct various types of security testing, such as penetration testing, to identify and address vulnerabilities in the product. Security Requirements: Define and enforce security requirements for new features and products to ensure they meet the organization's security standards. Job Qualifications 5+ years of experience in information security, including roles as a Security Analyst and/or Security Engineer. Experience with secure coding practices, code reviews, and security testing. Experience with static and dynamic code analysis tools. Experience with CI/CD pipelines and integrating security into DevOps processes. Certifications: Relevant certifications such as CISSP, CEH, OSCP, or similar. Skills Strong understanding of security principles, protocols, and best practices. Proficiency in security tools and technologies (e.g., Wiz, SonarQube, vulnerability scanners). Knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001, SOC2). Familiarity with the OWASP Top 10 vulnerabilities and mitigation strategies Understanding of NIST cybersecurity standards and frameworks (e.g., NIST CSF, NIST SP 800-53) Strong communication and collaboration skills. Interested candidates apply!

Project description Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on preventing and detecting cyber threats and securing our IT systems. We provide consolidated and reliable security services that implement secure design principles and create best-fit solutions. You will be working in the Cyber Technology service team, providing security products and services for the Cyber Hygiene space - specifically for Infrastructure Scanning and vulnerability assessment. We provide consolidated and reliable security hygiene controls to our clients using the latest technology. As a Cyber Security Engineer, you will play a vital role in creating Infrastructure Scanning and Security Remediation capabilities, determining required IT business solutions, and assisting in implementing them. We offer flexibility in the workplace and equal opportunities to all our team members. Responsibilities Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, OS, application, databases etc. (to meet scan coverage targets) Stakeholder engagement to recommend appropriate remedial actions to mitigate risks and validate remedial actions and ensure compliance with regulatory requirements. Perform vulnerability management system administration functions, as required Maintain proficiency in vulnerability management best practices Onboarding new attack surface to vulnerability scanning process Documentation management and continuous service improvement Skills Must have - 5-10 years relevant experience Degree in related discipline or qualified by experience Well-developed oral and written English communication skills Team player with ability to work collaboratively with others and aptitude for self-development Experience using commercial vulnerability scanning solutions such as Rapid7, Qualys, Tenable etc. Expertise with administration of networks, windows and or Linux operating systems An understanding of IT Security Risk, attack vector Nice to have N/A Other Languages EnglishC1 Advanced Seniority Regular

Project description Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on preventing and detecting cyber threats and securing our IT systems. We provide consolidated and reliable security services that implement secure design principles and create best-fit solutions. You will be working in the Cyber Technology service team, providing security products and services for the Cyber Hygiene space - specifically for Infrastructure Scanning and vulnerability assessment. We provide consolidated and reliable security hygiene controls to our clients using the latest technology. As a Cyber Security Engineer, you will play a vital role in creating Infrastructure Scanning and Security Remediation capabilities, determining required IT business solutions, and assisting in implementing them. We offer flexibility in the workplace and equal opportunities to all our team members. Responsibilities Sound cloud security knowledge, specialized in Azure. Hands on experience on cloud security tools like Wiz.io. Evaluate & assess vulnerabilities/ threats published on internet's cyber space and analysis the relevance to organization. Emergency vulnerability management process. Analysis Zero days, vulnerabilities exploited in the wild to safeguard organization IT landscape. Collaborate with technology, platform, and security teams to mitigate the emerging threats. Conduct assessment on security advisories and support vulnerability advisory process. Maintain & improve existing severity risk rating mechanism and provide sustainable ways for risk mitigation. Skills Must have Ideally up to eight years of hands-on experience with vulnerability scanning tools. Certifications like CEH, OSCP etc will be additional advantage. Good knowledge of CVE's, EPSS, vulnerabilities and exploits. Proven experience in vulnerability management and in depth understanding of vulnerability management lifecycle. Potentially, experience with other security processes e.g. vulnerability scanning or configuration management Prioritisation of complex technical tasks Good at communicating and documenting technical information (MS Teams, Confluence, Gitlab) Skills to collaborate & manage technology partners and other security counterparts. Technical communication and documentation skills Nice to have N/A Other Languages EnglishC1 Advanced Seniority Senior

We are looking for a skilled and motivated Vulnerability Management Engineer to join our team In this role, you will be responsible for assessing, tracking, and managing vulnerabilities in cloud and platform environments You will play a critical role in ensuring the security posture of applications and infrastructure, using various vulnerability management tools and processes Your responsibilities will include evaluating vulnerabilities, triaging risks, and ensuring proper remediation actions are taken to protect the organization's systems Responsibilities: Vulnerability Assessment: Assess the risk of CVEs (Common Vulnerabilities and Exposures) in the context of your environment and prioritize them based on risk Vulnerability Management Lifecycle: Triage the entire vulnerability management lifecycle, ensuring vulnerabilities are identified, tracked, and remediated in a timely manner Application Security Vulnerability Management: Manage and oversee the Application Security and Vulnerability Management product, including CSPM (Cloud Security Posture Management), SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Dependency Scans, and Secrets Scans Cloud Security Container Protection: Responsible for platform vulnerability management, including Cloud Security Posture Management and Container Workload Protection using Prisma Scanner Change Request Analysis: Evaluate change requests for e-commerce systems, assess security implications, and provide security recommendations Change Tracking: Track all feature changes, bug fixes, and release changes for each platform release to ensure no vulnerabilities are introduced CVE Tracking: Monitor and track CVEs, ensuring timely identification, prioritization, and assessment of vulnerabilities Component Identification: Identify and document components and systems impacted by proposed changes and their associated vulnerabilities Security Assessment Planning: Develop and implement security assessment plans for changes to ensure compliance with industry standards and best practices Vulnerability Scanning: Conduct regular vulnerability scans of infrastructure and source code, focusing on Kubernetes containerized apps, to identify and prioritize security risks Documentation: Maintain detailed and accurate records of vulnerability assessments, findings, remediation actions, and reporting for compliance purposes Security Tools: Experience with enterprise-grade vulnerability management tools like Prisma and Wiz is a plus Qualifications: Solid understanding of vulnerability management life cycle and risk assessment Experience with vulnerability scanning tools and platforms such as Prisma/Wiz Familiarity with Cloud Security Posture Management (CSPM), Container Workload Protection, SAST, DAST, and Dependency Scans Proven experience in security assessment, vulnerability remediation, and risk management Strong knowledge of CVE tracking and vulnerability prioritization techniques Knowledge of security best practices and compliance standards Excellent documentation, communication, and collaboration skills Past experience in operating enterprise-grade security vulnerability management tools is a plus

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Must have skills : - 3+ years of experience focusing on operational vulnerability management work, specifically for processing vulnerabilities from Tenable in that Tenable IO and Tenable SC. - Experience in vulnerability management lifecycle, less on the scanning side, the rest for more on the life cycle, prioritization, remediation, analysis, tracking, reporting and driving through. - Emphasis on the remediation assistance process, create tickets or distributing vulnerabilities - Experience with JIRA Ticketing tool and experience in handling the Vulnerability Management process for large scale enterprises. - Shift Timings general but the candidate should be available to take calls at 5am IST scheduled across different location which includes Singapore, US and Arizona . Responsibilities : - Interpret vulnerability scan results and hand off to IT operations/product teams for remediation (primarily infrastructure vulns from Tenable; may also include container runtime or container registry vulnerabilities) - Provide remediation assistance to remediation owners (e.g technical steps to apply patches, investigate work arounds) - Track and report on overall remediation progress - Facilitation extension requests - Excellent collaboration and organization skills - Experience with Fortune 250 vulnerability management programs (large scale enterprises) - Familiarity with JIRA ticketing, JIRA dashboard creation.

Job Summary Proven hands on experience in Cloud Security technology and suites with Platforms GCP Azure OCI GCP and Kubernetes is a must Hands on experience and expertise with Prisma Cloud suite with CSPM and Compute modules CI or CD pipeline integration and security tooling SAST DAST OSS scanning Strong understanding of Kubernetes architecture clusters workloads RBAC networking auto scaling deployment Familiarity with cloud native DevOps environments Azure OCI and GCP Responsibilities Hands on experience working with various Cloud platforms GCP Azure and OCI GCP is a must with an understanding of native controls suite part of Google. Drive Cloud security initiatives around particularly around Prisma Cloud controls into CI or CD workflows runtime and CSPM. Define and enforce policies for secure build and deploy processes across cloud and various enforcement points CI or CD CSPM Runtime Gatekeep policies Azure tenant policies Assess and monitor Kubernetes environments for misconfigurations and risks Respond to security alerts and recommend remediation strategies Partner with DevOps and engineering to strengthen security posture across SDLC Strong understanding of cloud-native security concepts including network security identity and access management IAM container security vulnerability scanning threat management and incident response.

CyberShelter is seeking a Senior Offensive Security Tester to perform and oversee advanced security testing across applications, infrastructure, and cloud environments. As a senior member of the offensive security team, this role requires strong hands-on expertise in VAPT, red teaming exercises, and security assessments, along with leadership in task execution and mentorship of the testers. Key Responsibilities Conduct advanced vulnerability assessments and penetration tests on: Web applications, Mobile Apps (iOS/Android), APIs Network and infrastructure (on-prem and cloud) Thick client Execute red team exercises simulating real-world attack scenarios and lateral movement techniques. Perform source code reviews, threat modeling, and architecture review as required. Document findings with clear PoCs and detailed impact analysis for business stakeholders. Support the Offensive Security Lead in managing technical execution and ensuring adherence to methodology. Mentor and guide junior testers and analysts in tool usage, attack simulation, and reporting standards. Stay updated on emerging threats, exploits, and offensive tooling enhancements. Participate in client walkthroughs, support remediation discussions, and align assessments with business context. Qualifications Experience: 57 years of experience in offensive security testing, VAPT, or red teaming roles. Technical Skills: Strong understanding of OWASP Top 10, SANS/CWE, MITRE ATT&CK Familiarity with source code analysis and scripting (Python, Bash, PowerShell) Certifications: OSCP preferred; other certifications like eCPPT, CRTP, OSEP, or CREST Practitioner are a plus. Soft Skills: Good reporting skills, team collaboration, and attention to detail. Preferred Attributes Passionate about ethical hacking and continuous skill development Able to work independently on assigned tasks and manage priorities effectively Comfortable operating in a fast-paced, customer-facing environment Role & responsibilities

Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources.Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD,PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis.Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities.Identify log sources and examine system logs to reconstruct event histories using forensic techniques.Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.Maintain and support the operational integrity of SOC toolsets.Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Workplace type : On-site Working

Your day at NTT DATA The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests. The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required. What youll be doing Key Responsibilities: Configure and maintain the SIEM system, ensuring that its properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the systems reliability and effectiveness. Maintain thorough documentation of the SIEM systems configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Academic Qualifications and Certifications: Bachelors degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). CEH certification is Must.

Your day at NTT DATA The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational. Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients. The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity. The Security Managed Services Engineer (L2) may also contribute to support on project work as and when required. What you'll be doing Key Responsibilities: Min 4+ Years exp in Soc along with SIEM (Splunk). Min 2 years Hands on exp in Splunk. Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources. Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD, PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis. Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities. Identify log sources and examine system logs to reconstruct event histories using forensic techniques. Align SIEM rules and alerts with the LICs security policies and compliance requirements. Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging. Maintain and support the operational integrity of SOC toolsets. Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness. Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans. Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner. Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively. Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits. Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive. Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency. Knowledge and Attributes: Ability to communicate and work across different cultures and social groups. Ability to plan activities and projects well in advance, and takes into account possible changing circumstances. Ability to maintain a positive outlook at work. Ability to work well in a pressurized environment. Ability to work hard and put in longer hours when it is necessary. Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting. Ability to adapt to changing circumstances. Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey. Academic Qualifications and Certifications: Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience). Active CEH certification is Must. Required Experience: Moderate level of relevant managed services experience handling Security Infrastructure. Moderate level of knowledge in ticketing tools preferably Service Now. Moderate level of working knowledge of ITIL processes. Moderate level of experience working with vendors and/or 3rd parties. Workplace type : On-site Working