130 Vulnerability Scanning Jobs - Page 3

Oceaneerings India Center has been an integral part of Oceaneerings" global operations since 2003. The center caters to a wide range of business needs, including oil and gas field infrastructure, subsea robotics, automated material handling & logistics, and more. Our multidisciplinary team offers solutions in Subsea Engineering, Robotics, Automation, Control Systems, Software Development, Asset Integrity Management, Inspection, ROV operations, Field Network Management, Graphics Design & Animation, among others. In addition to technical functions, Oceaneering India Center also supports crucial business functions such as Finance, Supply Chain Management (SCM), Information Technology (IT), Human Resources (HR), and Health, Safety & Environment (HSE). Our infrastructure includes modern offices, industry-leading tools, equipped labs, and beautiful campuses that align with the future of work. We pride ourselves on a flexible, transparent, and collaborative work culture with great team synergy. As a Cybersecurity Technologist at Oceaneering, you will collaborate with project managers, business analysts, and contractors to implement security solutions that meet the company's requirements. Your role involves evaluating, selecting, designing, and integrating IT security systems and tools in a complex corporate environment. You will be required to travel domestically and internationally up to 10% of the time. **Duties And Responsibilities:** - Evaluate, select, design, and configure security infrastructure systems globally. - Perform security audits and assessments. - Analyze logs and identify critical events. - Analyze vulnerability scanning outputs and develop remediation tasks. - Implement complex changes to security solutions within the company network. - Generate solution design documentation. **Qualifications:** **Required:** - Proficiency in Palo Alto security products and CyberArk Endpoint Privilege Manager. - Experience with Splunk SIEM tool. - Knowledge of information security principles and practices. - Understanding of advanced security protocols and standards. - Basic knowledge of networking technologies. - Ability to pass a security background check. **Desired:** - Proficiency in Microsoft Excel, Word, PowerPoint, and Visio. - Degree in computer science or related field. - Knowledge of Active Directory configurations, Cyberark Identity Management, and CISCO networking equipment. - Familiarity with various security systems and tools. - CISSP certification. **Knowledge, Skills, Abilities, And Other Characteristics:** - Problem-solving skills in varied situations. - Ability to interpret instructions effectively. - Maintain confidentiality and security of information. - Effective team player. - Establish and maintain project priorities. Oceaneering provides equal employment opportunities. Full-time employees can apply along with external candidates. Learning and development opportunities are offered to support career growth. We prioritize internal promotion and offer long-term career advancement opportunities across countries and continents. If you are driven and ambitious, Oceaneering will support you in taking charge of your future with endless possibilities.,

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :Create asset list and prioritize assets, conduct regular vulnerability assessments based on the Tenable tool, identify security weaknesses in systems and applications, work with peer teams till closure of the Vulns, track patching as per proposed timelines. Roles & Responsibilities:- Create correct asset list-Perform Vuln assessment-Relevant request to be raised thorough SNow.-Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder.-Analyse scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates.-Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact.-Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines.-Maintain and update documentation related to vulnerability management processes, policies, and procedures.-Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the policies, and procedures Professional & Technical Skills: -Familiarity with vulnerability scanning tools, particularly Tenable and Snow.-Understanding of security frameworks and standards (e.g., NIST, ISO 27001).-Strong analytical and problem-solving skills with attention to detail.-Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus.-To succeed in this role, you should have the following skills and experience-Experience in vulnerability management or security operations. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Penetration testing and vulnerability assessment expertise – Active Directory, Cloud Security, Network Pentesting, Application Security Testing etc. Exploit development and advanced offensive security tactics – EDR Bypass Techniques etc.

Critical Skills to Possess: 5–6 years of experience in IT infrastructure, cybersecurity, or systems engineering with a strong specialization in patch management . Deep technical knowledge of Windows Server/Desktop and Linux environments , including patching methods, registry/system configurations, and troubleshooting. Hands-on expertise with one or more enterprise patching tools : SCCM/MECM, Ivanti, Tanium, BigFix, WSUS, ManageEngine, etc. Strong understanding of vulnerability scanning tools like Qualys, Tenable, or Rapid7 , and how they integrate with patching workflows. Excellent command of scripting (PowerShell, Bash, Python) for automation and reporting tasks. Experience working in or alongside a Security Operations Center or IT Security team. Strong analytical skills, attention to detail, and the ability to handle high-stakes environments with minimal supervision. Excellent communication skills with the ability to interact effectively with technical and non-technical stakeholders. Preferred Qualifications: BS degree in Computer Science or Engineering or equivalent experience Roles and Responsibilities Lead the end-to-end patch management process across Windows, Linux, and third-party applications in a multi-platform environment. Act as the technical SME (Subject Matter Expert) for patching within the SOC, mentoring junior team members and defining best practices. Collaborate with vulnerability management, threat intelligence, and infrastructure teams to prioritize patching based on business risk and threat exposure. Own and optimize patching tools and platforms such as SCCM, BigFix, Ivanti, Tanium, or ManageEngine , including tool maintenance, policy creation, and automation scripts. Design and implement scalable patch deployment strategies that minimize system downtime and align with SLAs. Generate detailed patch compliance reports , conduct risk-based exception handling, and support internal/external audits. Contribute to security governance by aligning patching activities with ISO 27001, NIST, CIS , and other regulatory standards. Conduct root cause analysis on patching failures and recurring vulnerabilities, proposing long-term mitigation strategies. Coordinate and lead patch management review meetings with stakeholders and IT leadership.

Dev Ops -AWS/Azure -Terraform/Kubernetes: Hands on experience with Terraform & docker containerization. Hands on experience with AWS service like S3, API Gateway, Lambda , ECS and EKS. Hands on experience in different scripting languages like Groovy, Python, Shell Scripting etc. Implement security controls and best practices throughout the CI/CD pipeline, including vulnerability scanning, static code analysis, and dependency management using tools such as SonarQube and Software Composition Analysis (SCA). Primary Skills: AWS, Terraform, Docker, Jenkins, GitHub, Groovy Script and Python. Secondary Skills: Ansible, SonarQube , GitHub Actions

You will be joining the Vulnerability Management Services team at Atos Group, a global leader in data-driven, trusted, and sustainable digital transformation. With an annual revenue of approximately 5 billion, Atos operates as a next-generation digital business with leading positions in digital, cloud, data, advanced computing, and security across more than 47 countries. By leveraging high-end technologies and a team of 47,000 world-class talents, Atos expands the possibilities of data and technology for current and future generations. Your role will be based in Mumbai (Onsite) with a required experience of 5 to 8 years and the highest qualification of any full-time graduate. As a part of the team, you will be responsible for executing vulnerability scanning and managing VM programs for clients. It is crucial to complete projects within budgeted efforts and agreed timelines while ensuring high-quality deliverables. Key Responsibilities: - Perform vulnerability scanning using tools like SAINT, Nessus, Tenable.io, Tenable.sc, Qualys, etc. - Gain a deep understanding of client network architecture and infrastructure - Identify threats, vulnerabilities, and perform control analysis - Develop customized reports and dashboards as per client expectations - Proactively plan and execute projects - Determine likelihood, analyze impacts, and assess risks - Prioritize risks, recommend solutions, and document findings - Identify business risks associated with weaknesses identified during assessments - Collaborate with both business and technical teams for project scope definition, execution, and closure Skills Required: - 5+ years of experience in Vulnerability Scanning with expertise in tools like Qualys, Tenable, Rapid7, etc. - Ability to understand and explain vulnerabilities to stakeholders - Knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc. - Familiarity with standards like PCIDSS, CIS Benchmarks, etc. - Flexibility in handling challenging activities and creativity in problem-solving - Strong communication and writing skills with fluency in verbal communication If you are looking to grow and thrive in a dynamic and innovative environment, we invite you to join us on this exciting journey at Atos Group.,

You have a fantastic opportunity to join our team as a SOC/Incident Management/Incident Response /Threat Detection Engineering/ Vulnerability Management/ SOC platform management/ Automation/Asset Integration/ Threat Intel Management /Threat Hunting professional with a minimum of 2 years of relevant experience. As a part of our team, you will be responsible for conducting Vulnerability assessment & Penetration testing (VAPT) as per the bank's regulatory and operational requirements. This includes External Penetration Testing of Bank's internet-facing Web, Mobile, Web services, Network, and Infrastructure on a periodic basis as per Bank's provided schedules. Your key roles and responsibilities will also include maintaining an up-to-date inventory of IT assets, regularly scanning and assessing systems for vulnerabilities, prioritizing vulnerabilities based on the risk and potential impact, conducting Continuous breach attack simulations, SCD (Secure Configuration Document) verifications, Anti-Malware & Malicious Content Scan, near real-time detection and monitoring of emerging vulnerabilities, and defining and measuring metrics to track the effectiveness of the VM program. To excel in this role, you are required to have a Professional Qualification and a certification such as Certified SOC Analyst (ECCouncil), Computer Hacking Forensic Investigator (ECCouncil), Certified Ethical Hacker (EC-Council), CompTIA Security+, CompTIA CySA+ (Cybersecurity Analyst), GIAC Certified Incident Handler (GCIH), or equivalent. Product Certifications on SOC Security Tools such as SIEM/Vulnerability Management/ DAM/UBA/ SOAR/NBA are preferred. If you have 2 to 5 years of experience in the field and are looking for a challenging opportunity in Navi Mumbai on a Fixed-Term Contract basis with a Face-to-Face interview type, then this role is perfect for you. Join us and be a part of a dynamic team dedicated to ensuring the security and integrity of our systems and data.,

As a Head of Web Application and API Protection at HSBC, you will be responsible for defining and maintaining the global strategy for Web Application Security & Protection (WASP). You will work closely with engineers, platform owners, architects, and Control Owners to ensure business success, meet regulatory expectations, and respond to evolving threat landscapes. Your role will involve owning the investment roadmap for WASP, prioritizing a common backlog to reduce risks and meet strategic needs. You will be accountable for delivering innovative and frictionless technologies and services to navigate cyber risks effectively. Collaboration with internal and external partners to develop technical solutions that meet business needs will be a key aspect of your responsibilities. Additionally, you will define, operate, and mature business services supporting the adoption and tuning of protections. Oversight of WASP end-to-end and ensuring regulatory compliance and risk management outcomes are maintained will be crucial. You will also lead and manage a team of skilled professionals, fostering a culture of empowerment, experimentation, learning, and partnership. To succeed in this role, you should have hands-on experience in designing and implementing web application protection strategies, a robust understanding of industry cybersecurity frameworks, and expertise in web application and API security. Strong analytical skills, experience in technology leadership roles, and knowledge of risk and control management frameworks are essential for this position. Joining HSBC as the Head of Web Application and API Protection will provide you with the opportunity to make a significant impact in maintaining a secure technology and data infrastructure. If you are looking to further develop your career in cybersecurity and technology leadership, HSBC is the place for you. For more information and to explore career opportunities at HSBC, visit www.hsbc.com/careers. Please note that personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, available on our website.,

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Vulnerability Scanning. Experience: 3-5 Years. >

The Security Consultant should have a strong understanding of the emerging security practices and standards. Should be able to consult, engineer and apply security best practices while designing and proposing solutions to our enterprise customers. Should be able to conduct system security, vulnerability analysis and risk assessment, identify security gaps, identify integration issues, study architecture/platform and design security architecture. A Cloud Native Security Consultant undertakes complex work of a high-risk level, often working on several projects. Qualifications/Experience: Bachelors degree in any stream. Minimum 3 years of working experience in Cyber Security Consulting or Advisory. Successfully delivered at-least 2 (two) Cyber Security consulting and implementation projects as consultant in recent years (2 years). Responsibilities Below will be the scope of the role Collaborate with teams to build & deliver solutions implementing serverless, microservices based, IaaS, PaaS and containerized architecture of multi cloud environment Develop rule base and parameterized IaC templates for automated deployment using Terraform Build CI/CD Pipeline using AWS (CodeBuild, CodeDeploy, CodePipeline), Google (Cloud Build), Azure (DevOps, Pipelines) Integrate 3rd party tool with CICD Process (e.g. SonarQube, CheckMarx, Embold) Config Manage environment using industry standard DevOps tools (Ansible) Implement scripting to extend build\deployment\monitoring process (PowerShell, Bash, Python) Ability to develop IaC with Terraform Strong understanding on Cloud Networking Container, Microservices, Docker, Kubernetes security. Network Security Orchestration on Microservices environment Secure Microservice Communication, Secure Authentication to Common DB without API/password/sharing keys Technical documentation, Product evaluation, POC. Implementation, Migration and Architect of Security Technology and Solution DevOps, DevSecOps and SRE (site reliability Engineering) mindset Knowledge and Skills Candidate should have experience in the below domains Hands on experience with Cloud Native Application protection CNAPP Tools (Prisma Cloud by Palo Alto, Checkpoint Cloud Guard, Aqua Security) Hands on experience with Automation Tools (e.g., Ansible, Chef, Puppet) Experienced with Application migration from Monolithic to Microservices Architecture Web Application Firewall implementation experience at Kubernetes and API Gateway Experience with implementation of Vulnerability scanner and Container Image repository hardening Well depth understanding on AWS, AZURE, GCP offered services (EKS, AKS, GKE) Understanding and review of Infrastructure as Code (IaC), Compliance as Code (CaC) Updated with trends and participation of industry recognized forum (e.g., Cloud Native Computing Foundation) Experienced with deliverables on Cloud Security Posture Management, Cloud Workload Protection, Cloud Infra Entitle Management, Serverless Security Application Security testing for Web and Mobile as SAST/DAST/IAST approach (Fortify, Veracode, Burp Suite) Secure Code review, Open-Source validation (Gitlab, Coverity, SonarQube, Black Duck) Well versed with OWASP Top10 and SANS top 25 Vulnerabilities and remediation Well understanding on PTES (Penetration Testing Execution Standard) and Testing. Well understanding Software Security Framework (e.g., BSIMM, SAMM)

As a highly skilled Azure Security Analyst at Global Power Components, you will be responsible for safeguarding our Azure cloud infrastructure. This role requires you to be onsite 100% of the time. Your main responsibilities will include monitoring and threat analysis, vulnerability assessments, policy development, compliance, incident response, continuous improvement, and training. In terms of monitoring and threat analysis, you will be expected to analyze security events, detect anomalies, respond to threats in real-time, generate detailed incident reports, and provide recommendations for mitigation. You will also need to continuously monitor Azure cloud environments using advanced security tools and dashboards. For vulnerability assessments, you will conduct regular security audits and risk assessments of Azure-based systems, identify vulnerabilities and gaps in the infrastructure, and implement corrective measures to ensure a secure environment. In terms of policy development, compliance, and incident response, you will develop, implement, and enforce Azure-specific security policies and best practices. You will lead the investigation and remediation of security incidents within Azure services and establish an incident response plan for Azure workloads. Continuous improvement and training are essential aspects of this role. You will need to stay updated on the latest Azure security tools, features, and threats, evaluate and recommend enhancements to the organization's Azure security architecture, and conduct security awareness training for employees on Azure-specific risks and preventive measures. To qualify for this position, you should have a Bachelor's degree in Computer Science, Information Technology, or a related field, along with 2+ years of experience in Azure security, cloud security, or a related field. A strong understanding of Azure Active Directory (Azure AD), Azure Security Center, and Azure Sentinel is required, as well as experience with identity and access management, including role-based access control (RBAC), and familiarity with vulnerability scanning tools and network security protocols. Global Power Components is an Equal Opportunity Employer committed to diversity and inclusion in the workplace.,

You are a talented ServiceNow IRM/GRC Developer Lead with over 8 years of experience working specifically with ServiceNow. Your expertise in GRC ServiceNow spans over 4 years, making you a valuable asset to the team. You are open to working in locations such as Noida, Bangalore, Pune, Hyderabad, Chennai, or others as needed. Immediate joiners are preferred for this role. Your key responsibilities include demonstrating a strong hands-on experience in ServiceNow IRM/GRC modules focusing on Risk, Compliance, and Audit. You possess expertise in Operational Risk Management with a secondary focus on IT risk. Your knowledge extends to IRM Workspaces with familiarity in the new UI and UI16. You have experience in Issue Management and are prepared for future enhancements related to Policy & Regulatory Management. As a ServiceNow IRM/GRC Developer Lead, you should excel in developing Business Rules, Notifications, and overall platform functionalities within ServiceNow. You are expected to have a comprehensive understanding of the business side of regulatory compliance, ranging from mutual funds to retail customers. Exposure to areas such as BCM, Knowledge Management, and Vulnerability Scanning would be advantageous for this role. The ideal candidate for this position is a tech-functional professional who can provide leadership in the development and maintenance of IRM/GRC solutions while possessing a deep understanding of the business context.,

We are looking for an experienced DevOps Architect to spearhead the design, implementation, and management of scalable, secure, and highly available infrastructure. As the ideal candidate, you should possess in-depth expertise in DevOps practices, CI/CD pipelines, cloud platforms, and infrastructure automation across various cloud environments. This role requires strong leadership skills and the ability to mentor team members effectively. Your responsibilities will include leading and overseeing the DevOps team to ensure the reliability of infrastructure and automated deployment processes. You will be tasked with designing, implementing, and maintaining highly available, scalable, and secure cloud infrastructure on platforms such as AWS, Azure, and GCP. Developing and optimizing CI/CD pipelines for multiple applications and environments will be a key focus, along with driving Infrastructure as Code (IaC) practices using tools like Terraform, CloudFormation, or Ansible. Monitoring, logging, and alerting solutions will fall under your purview to ensure system health and performance. Collaboration with Development, QA, and Security teams to integrate DevOps best practices throughout the SDLC is essential. You will also lead incident management and root cause analysis for production issues, ensuring robust security practices for infrastructure and pipelines. Guiding and mentoring team members to foster a culture of continuous improvement and technical excellence will be crucial. Additionally, evaluating and recommending new tools, technologies, and processes to enhance operational efficiency will be part of your role. Qualifications: - Bachelor's degree in Computer Science, IT, or a related field; Master's degree preferred. - At least two current cloud certifications (e.g., AWS Solutions Architect, Azure Administrator, GCP DevOps Engineer, CKA). - 10+ years of relevant experience in DevOps, Infrastructure, or Cloud Operations. - 5+ years of experience in a technical leadership or team lead role. Skills & Abilities: - Expertise in at least two major cloud platforms: AWS, Azure, or GCP. - Strong experience with CI/CD tools such as Jenkins, GitLab CI, Azure DevOps, or similar. - Hands-on experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation. - Proficiency in containerization and orchestration using Docker and Kubernetes. - Strong knowledge of monitoring, logging, and alerting tools (e.g., Prometheus, Grafana, ELK, CloudWatch). - Scripting knowledge in languages like Python, Bash, or Go. - Solid understanding of networking, security, and system administration. - Experience in implementing security best practices across DevOps pipelines. - Proven ability to mentor, coach, and lead technical teams. Conditions: Work Arrangement: An occasionally hybrid opportunity based out of our Trivandrum office. Travel Requirements: Occasional travel may be required for team meetings, user research, or conferences. On-Call Requirements: Light on-call rotation may be required depending on operational needs. Hours of Work: Monday to Friday, 40 hours per week, with overlap with PST required. Values: Our values at AOT guide how we work, collaborate, and grow as a team. Every role is expected to embody and promote values such as innovation, integrity, ownership, agility, collaboration, and empowerment.,

As an experienced DevOps Architect at our company, you will be responsible for driving the design, implementation, and management of scalable, secure, and highly available infrastructure. Your deep expertise in DevOps practices, CI/CD pipelines, cloud platforms, and infrastructure automation across multiple cloud environments will be essential. Additionally, your strong leadership and mentoring capabilities will play a key role in leading the DevOps team. Your primary duties and responsibilities will include leading and managing the DevOps team to ensure reliable infrastructure and automated deployment processes. You will design, implement, and maintain highly available, scalable, and secure cloud infrastructure across platforms such as AWS, Azure, and GCP. Developing and optimizing CI/CD pipelines for multiple applications and environments will be a crucial part of your role, along with driving Infrastructure as Code (IaC) practices using tools like Terraform, CloudFormation, or Ansible. Furthermore, you will oversee monitoring, logging, and alerting solutions to ensure system health and performance, collaborating with Development, QA, and Security teams to integrate DevOps best practices across the SDLC. Leading incident management and root cause analysis for production issues, ensuring robust security practices for infrastructure and pipelines, and guiding and mentoring team members will also be among your responsibilities. You will evaluate and recommend new tools, technologies, and processes to improve operational efficiency. To qualify for this role, you should possess a Bachelor's degree in Computer Science, IT, or a related field, with a Master's degree preferred. Additionally, you should have at least two current cloud certifications and 10+ years of relevant experience in DevOps, Infrastructure, or Cloud Operations, including 5+ years in a technical leadership or team lead role. Your expertise in major cloud platforms, strong experience with CI/CD tools, hands-on experience with IaC tools, proficiency in containerization and orchestration, and solid understanding of monitoring, logging, and alerting tools will be invaluable. Scripting knowledge in languages like Python, Bash, or Go, along with experience in implementing security best practices across DevOps pipelines, is required. Preferred skills include experience with serverless architecture, microservices deployment, security tools and best practices, exposure to hybrid cloud or multi-cloud environments, and knowledge of cost optimization and cloud governance strategies. Experience working in Agile teams and managing infrastructure in production-grade environments will be beneficial. This role offers an occasionally hybrid work arrangement based out of our Trivandrum office, with occasional travel requirements and light on-call rotation based on operational needs. Your adherence to our company's values of Innovation, Integrity, Ownership, Agility, Collaboration, and Empowerment will be crucial in embodying and promoting these values within the team.,

You are a skilled ServiceNow IRM/GRC Developer with over 7 years of experience, including 4+ years of relevant GRC experience. Your expertise lies in Risk, Compliance, and Audit modules within the ServiceNow platform. You possess a strong understanding of Operational Risk Management, with a particular focus on IT risk as a secondary aspect. Your proficiency extends to working with IRM Workspaces, specifically the new UI and UI16. You have hands-on experience in Issue Management and are eager to explore areas such as Policy & Regulatory Management in the future. Your abilities in developing Business Rules, Notifications, and navigating the ServiceNow platform are commendable. It is essential that you comprehend the business aspects of regulatory compliance, such as from mutual funds to retail customers. Exposure to areas like BCM, Knowledge Management, and Vulnerability Scanning would be advantageous for this role. The ideal candidate is a tech-functional expert who can lead the development and maintenance of IRM/GRC systems while possessing a deep understanding of the business context. Immediate joiners are preferred for this position based in Noida, although candidates from other locations are also welcome.,

As an L2 Resident Engineer, your primary responsibility will be to manage Tanzu Kubernetes Clusters efficiently. This includes tasks such as provisioning, configuring, and overseeing the day-to-day operations of Tanzu Kubernetes Clusters. You should have a solid understanding of VMware solutions like vSphere, VMware NSX, VMware vSAN, and vRealize Operations to ensure seamless integration and operation of the Tanzu platform. A key aspect of your role will involve troubleshooting issues related to the Tanzu/Kubernetes platform and providing timely resolutions to ensure optimal performance, zero trust security, and platform stability. You will also need to grasp the concepts of microservices architecture and assist application teams in onboarding applications onto the Tanzu platform. Knowledge of CNCF tools such as Jfrog Artifactory, Harbor, and dockerhub for hosting container images will be essential. Additionally, you will be responsible for handling Vulnerability Scanning using tools like Trivy, configuring Backup and Restore for Kubernetes Clusters using Velero, and managing S3 Compatible Storage. Administering ALB L4 Load Balancer, managing and configuring Ingress controllers, and overseeing the Life Cycle Management of Tanzu Kubernetes Platform, NSX ALB, vSphere, and NSX-T will also be part of your core responsibilities. You will be required to oversee Fluent bit Application Log for storing and managing application logs, as well as implement Continuous Integration, Delivery, and Deployment using CI/CD tools like Jenkins. Moreover, you will play a crucial role in the day-to-day maintenance and evolution of the Tanzu Kubernetes Platform by utilizing Prometheus monitoring, Grafana Visualization, vROPS dashboards, and alerting infrastructure. Providing expert technical guidance and support to internal teams, collaborating with cross-functional teams, and actively participating in DR Activities during scheduled maintenance windows are also expected from you. Documenting best practices, identified risks, and fixes, as well as supporting application teams for adoption in upcoming applications, will be part of your responsibilities. Possessing certifications such as VMware VCP-DCV 7.x or higher and Kubernetes Certifications like CKA/CKD/CKS would be considered advantageous for this role. Your ability to work independently with minimal supervision and your proactive approach to planning and executing tasks will be critical for success in this position.,

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Delivery Governance Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate, and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security policies and procedures.- Conduct security assessments and audits.- Monitor security incidents and respond to breaches promptly.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Delivery Governance.- Strong understanding of security frameworks and compliance standards.- Experience in conducting risk assessments and vulnerability scans.- Knowledge of security tools and technologies.- Good To Have Skills: Experience with Security Incident Response.- Hands-on experience in implementing security controls and measures. Additional Information:- The candidate should have a minimum of 12 years of experience in Security Delivery Governance.- This position is based at our Gurugram office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to assess security risks, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive security assessments and work on developing strategies to mitigate potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies for vulnerability scanning and remediation.- Knowledge of compliance frameworks and regulations related to information security. Additional Information:- The candidate should have minimum 5 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Hi, Greetings from the IDESLABS, Urgent Requirement for Vulnerability Management, Location:Bangalore Employment Type:C2H Notice Period:Immediate JD: Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Responsible for identifying, assessing, and mitigating security vulnerabilities through automated and manual penetration testing. Develops remediation plans, conducts security audits, and ensures compliance with industry standards. Expertise in vulnerability scanners, ethical hacking, and cybersecurity frameworks is required.

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Job Summary Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). Threat Intelligence Integration Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Vulnerability Scanning. Experience5-8 Years.

This role involves utilizing the Qualys tool for report shared by Group team, analysis and reporting to ensure the security and compliance of our systems. KEY RESPONSIBILITIES: Conduct regular vulnerability assessments based on the Qualys tool report received by Product team to identify security weaknesses in systems and applications. Relevant request to be raised thorough silva. Highlighting issues with the Scanned report to Product team and resolve it immediately. If issue not getting resolved, then escalate it to right stakeholder. Analyze scan results and generate comprehensive reports detailing vulnerabilities, potential impacts, and remediation recommendations/Action plan with dates. Collaborate with IT, Partner, Business and Security teams to prioritize and address identified vulnerabilities based on risk assessments and business impact. Monitor and track remediation efforts on weekly / monthly basis to ensure vulnerabilities are resolved within defined timelines. Maintain and update documentation related to vulnerability management processes, policies, and procedures. Stay current with industry trends, threats, and vulnerabilities to provide informed recommendations and enhancements to the vulnerability management program. QUALIFICATIONS: Bachelors degree in information technology, Cybersecurity, or a related field. 4-7 years of experience in vulnerability management or security operations. Familiarity with vulnerability scanning tools, particularly Qualys. Understanding of security frameworks and standards (e.g., NIST, ISO 27001). Strong analytical and problem-solving skills with attention to detail. Relevant certifications (e.g., Vulnerability Management, Certified Ethical Hacker (CEH), or similar) are a plus. To succeed in this role, you should have the following skills and experience Soft Skills Exceptional communication and interpersonal skills, with the ability to collaborate effectively with stakeholders at all levels. Cross-cultural etiquette, customer centric and collaborative mindset. Good command of stakeholder management, judgement, conflict resolution, risk & mitigations. Excellent team player skills.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data ServicesMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Engineer / Associate Architect Cloud Security Operations & EngineeringWe are looking for GCP Security Engineers / Associate Architects with 5+ years of experience in cloud security engineering and automation. This role supports operational security, control configuration, and secure design practices for GCP workloads. Roles & Responsibilities:Implement GCP security controls:IAM, VPC security, VPNs, KMS, Cloud Armor, and secure networking.Manage GCP identity and access, including SSO, MFA, and federated IDP configurations.Monitor workloads using Cloud Operations Suite and escalate anomalies.Conduct basic threat modeling, vulnerability scanning, and patching processes.Automate security audits and compliance controls using Terraform and Cloud Shell scripting.Assist architects in deploying and maintaining secure-by-default infrastructure.Support audit preparation, policy enforcement, and evidence gathering.Collaborate with cross-functional teams to resolve security alerts and findings.Maintain detailed technical documentation and knowledge sharing resources. Professional & Technical Skills: Working knowledge of IAM, KMS, GCP networking, and cloud policy enforcement.Familiarity with IaC tools (Terraform), scripting, and log analytics.Strong desire to grow in the cloud security domain.Good communication skills and proactive approach to problem-solving.Thrives in a fast-paced, learning-oriented environment. Additional Information:Bachelors degree in Computer Science, IT, or Information Security.Certifications such as Google Cloud Certified Professional Cloud Security Engineer is a must; Associate Cloud Engineer is a plus.- 5+ years in security or cloud engineering, with at least 12 years in GCP.- This position is based at our Bengaluru office- A 15 years full time education is required. Qualification 15 years full time education