29 Fuzzing Jobs

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Roles and Responsibility human resources number : 9315611995 1.Monitor computer networks for security issues. 2. Investigate security breaches and other cyber security incidents. 3. Knowledge of Infrastructure, including firewalls and data encryption programs. 4. Fix detected vulnerabilities to maintain a high-security standard. 5. Stay current on IT security trends and news. 6. Perform penetration testing 7. Hands-on practice on Kali Linux & other tools, curl, Nikto, Nmap, Metasploit, Burp, ZAP 8. Help colleagues install security software and understand information security management. 9. Research security enhancements and make recommendations to management. 10. Stay up-to-date on information technology trends and security standards. 11. Analyzing security breaches to identify the root cause 12. Network Security (multi-vendor) experience 13. Knowledge of scripting languages (Perl, Python, HTML, Java, Shell) 14. Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10 and vulnerability scanning 15. Knowledge of SQL Injection, XSS, Click Jacking, CSRF & SSRF 16. if have any certificate ( CEH, ethical hacking , cisco) Job Types: Full-time, Fresher Pay: ₹16,500.00 - ₹18,000.00 per month Benefits: Paid sick time Paid time off Schedule: Day shift Monday to Friday Supplemental Pay: Performance bonus Education: Master's (Required) Experience: total work: 1 year (Preferred) Location: Noida Sector 62, Noida, Uttar Pradesh (Required) Shift availability: Day Shift (Required) Work Location: In person

Company: Qualcomm India Private Limited Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: As a leading technology innovator, Qualcomm pushes the boundaries of what's possible to enable next-generation experiences and drives digital transformation to help create a smarter, connected future for all. As a Qualcomm Software Engineer, you will design, develop, create, modify, and validate embedded and cloud edge software, applications, and/or specialized utility programs that launch cutting-edge, world class products that meet and exceed customer needs. Qualcomm Software Engineers collaborate with systems, hardware, architecture, test engineers, and other teams to design system-level software solutions and obtain information on performance requirements and interfaces. Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Excited about positive impact you can make on the security of billions of devices powered by Qualcomm SoCs and software? Come and join Qualcomm Product Security team, one of the best product security teams in the industry. We have multiple openings with different focus. Applicants MUST have expertise or experience in the following areas 5 - 8 years of experience with C and C++: Product security incident response in automotive industry Secure code review, analysis and vulnerability assessment Security testing, e.g. fuzzing and pen-testing Operating system security Mobile platform security such as Android Automotive Security Exploit mitigation techniques Threat modeling Preferred Qualifications: The following skills/experience will be considered a plus: Experience of working with external security researchers Exposure to LLVM Compiler, Writing Passes and Clang Static Analysis checkers Knowledge of internals of any one of Klocwork, Coverity or Parasoft Experience of applying software static or dynamic analysis tools (such as Klocwork, Coverity, LLVM sanitizers and popular fuzzing tools) to large code base for vulnerability detection Knowledge of the internals of mobile or embedded operating systems In general, job function includes performing security assessment on Qualcomm products, detecting and mitigating security vulnerabilities and risks, responding to product security incidents, assisting customers and partners on product security related issues, conducting research and prototyping on advanced vulnerability detection methods, countermeasures, platform hardening techniques, and system level security improvement. Applicants : Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies : Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications. If you would like more information about this role, please contact Qualcomm Careers.

Join our team to help build the next-gen Automated IoT Security Testing Platform , focused on real-world threats and the OWASP IoT Top 10 . We’re looking for a hands-on engineer with 1–2 years of experience in embedded development or hardware security testing , excited to work on firmware analysis, test automation, and hardware interfacing . 1. What You’ll Work On • Develop automated security tests for IoT hardware and firmware • Contribute to R&D in binary fuzzing, firmware emulation, and secure boot • Collaborate in a cross-functional Agile team 2. Key Skills • Python, C/C++, embedded Linux • Familiarity with IoT protocols (MQTT, BLE, CoAP) • Exposure to tools like OpenOCD, UART, QEMU a plus

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more . Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose – Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness. We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you’ll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc. Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It’s great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are… Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #dusseldorf #dortmund #essen #Bremen #leipzig #dresden #hanover #nuremberg #athens #hongkong #budapest #jakarta #bali #dublin #telaviv #jerusalem #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #yokohama #nagoya #okinawa #fukuoka #sapporo #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #bucharest #doha #alrayyan #moscow #saintpetersburg #riyadh #jeddah #mecca #medina #singapore #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #dubai #abudhabi #sharjah #london #manchester #edinburgh #kiev #hcmc #hanoi #amsterdam #bucharest #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #Hyderabad #bangalore #Mumbai #Bengaluru #Chennai #Kolkata #Lucknow #bandung #yokohama #nagoya #okinawa #fukuoka #IT #4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy . Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more . Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose – Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness. We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you’ll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc. Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It’s great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are… Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #dusseldorf #dortmund #essen #Bremen #leipzig #dresden #hanover #nuremberg #athens #hongkong #budapest #jakarta #bali #dublin #telaviv #jerusalem #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #yokohama #nagoya #okinawa #fukuoka #sapporo #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #bucharest #doha #alrayyan #moscow #saintpetersburg #riyadh #jeddah #mecca #medina #singapore #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #dubai #abudhabi #sharjah #london #manchester #edinburgh #kiev #hcmc #hanoi #amsterdam #bucharest #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #Hyderabad #bangalore #Mumbai #Bengaluru #Chennai #Kolkata #Lucknow #bandung #yokohama #nagoya #okinawa #fukuoka #IT #4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy . Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more . Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose – Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness. We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you’ll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc. Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It’s great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are… Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #dusseldorf #dortmund #essen #Bremen #leipzig #dresden #hanover #nuremberg #athens #hongkong #budapest #jakarta #bali #dublin #telaviv #jerusalem #milan #rome #venice #florence #naples #turin #palermo #bologna #tokyo #osaka #yokohama #nagoya #okinawa #fukuoka #sapporo #kualalumpur #malta #amsterdam #oslo #manila #warsaw #krakow #bucharest #doha #alrayyan #moscow #saintpetersburg #riyadh #jeddah #mecca #medina #singapore #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #tainan #taichung #kaohsiung #bangkok #Phuket #istanbul #dubai #abudhabi #sharjah #london #manchester #edinburgh #kiev #hcmc #hanoi #amsterdam #bucharest #lodz #wroclaw #poznan #katowice #rio #salvador #newdelhi #Hyderabad #bangalore #Mumbai #Bengaluru #Chennai #Kolkata #Lucknow #bandung #yokohama #nagoya #okinawa #fukuoka #IT #4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy . Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match. About The Role As a Cybersecurity Engineer , you will play a key role in ensuring the cybersecurity posture of connected automotive systems and components across the vehicle lifecycle. You will work closely with system architects, software developers, and test teams to implement and verify security solutions in compliance with industry standards. Key Responsibilities Conduct threat modeling, risk assessments (TARA), and vulnerability analysis for in-vehicle systems. Develop and integrate cybersecurity requirements into vehicle ECUs and system architecture. Implement and validate security controls such as secure boot, secure communication, key management, and intrusion detection. Support secure software development life cycle (SSDLC) processes. Collaborate with cross-functional teams (software, hardware, systems, testing) for cybersecurity validation. Analyze security incidents and support root cause investigations. Ensure compliance with automotive cybersecurity standards (e.g., ISO/SAE 21434, UNECE WP.29 R155). Create and maintain technical documentation such as cybersecurity concept, cybersecurity case, and test reports. Required Skills And Qualifications 2–5 years of experience in cybersecurity in embedded or automotive domains. Strong understanding of automotive E/E architecture, ECU development, and CAN/LIN/FlexRay/Ethernet protocols. Hands-on experience with security mechanisms such as HSM (Hardware Security Modules), TPM, encryption, and authentication methods. Experience with tools such as CANalyzer, CANoe, Wireshark, Security testing tools (e.g., fuzzing, static/dynamic analysis). Familiarity with secure coding principles in C/C++, Python, or similar languages. Working knowledge of ISO/SAE 21434, ISO 26262, ASPICE is a plus. Preferred Skills Experience with penetration testing or ethical hacking Knowledge of PKI infrastructure, cryptographic algorithms, and key management protocols. Certifications such as CEH, CISSP, or Automotive SPICE Cybersecurity Assessor are advantageous. Exposure to CI/CD pipelines and DevSecOps practices. We value your data privacy and therefore do not accept applications via mail. Who We Are And What We Believe In Our focus on Inclusion, Diversity, and Equity allows each of us the opportunity to bring our full authentic self to work and thrive by providing a safe and supportive environment, free of harassment and discrimination. We are committed to removing the barriers to entry, which is why we ask that even if you feel you may not meet every qualification on the job description, please apply and let us decide. Applying to this job offers you the opportunity to join Volvo Group . Every day, across the globe, our trucks, buses, engines, construction equipment, financial services, and solutions make modern life possible. We are almost 100,000 people empowered to shape the future landscape of efficient, safe and sustainable transport solutions. Fulfilling our mission creates countless career opportunities for talents with sharp minds and passion across the group’s leading brands and entities. Group Trucks Technology are seeking talents to help design sustainable transportation solutions for the future. As part of our team, you’ll help us by engineering exciting next-gen technologies and contribute to projects that determine new, sustainable solutions. Bring your love of developing systems, working collaboratively, and your advanced skills to a place where you can make an impact. Join our design shift that leaves society in good shape for the next generation. Show more Show less

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution. The company is founder-led, profitable, and growing. This is a general track for Senior+ (Senior/Staff/Principal) Engineers in any team at Canonical. After the first round of interviews we will establish which teams might be an excellent fit, and progress your application with them. At Canonical a Senior+ Engineer is not only an outstanding software architect and coder, they also demonstrate the leadership qualities needed to rally a team or department to ship outstanding products. A Senior+ Engineer partners with other Engineering leaders (Managers, Directors, VPs) to take joint responsibility for outcomes at team, department and company level. We hire based on academic results and proven execution, and we select those with a passion for open-source software, innovation, and cutting-edge technology. In this role, you will make a significant contribution in Canonical's portfolio through high-quality code, technical leadership, team motivation and direction, exceptional design, and crisp documentation. As a Senior+ Engineer you'll drive the architecture, design and evolution of high-impact open source software. Our teams work at every level of the stack. From the kernel and system software at the core of Ubuntu through to major language runtimes and the bleeding-edge of cloud automation and distributed systems, you'll have the opportunity to work on complex but highly rewarding projects. Our teams also build the services which deliver Ubuntu to the world, on cloud, devices, servers and PCs. Additionally, this role will give you the opportunity to engage with the broader open-source community. We're looking for individuals who can help build a thriving community, contribute to a broad range of technologies, and ensure seamless software operations at scale. Location: we have remote opportunities for Senior Engineers in every time zone. The role entails Leading design and architecture of an impactful open source project Coding in Golang, Rust, Python, C/C++ or Typescript / React Collaborating proactively with a globally distributed team Mentoring, developing and advising colleagues in their career progression Displaying technical leadership in Canonical and our communities Debugging issues and producing high-quality code to fix them Contributing to technical documentation with the aim to make it the best of its kind Working from home with global travel twice annually for company events What we are looking for in you An exceptional academic track record from both high school and university Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path Drive and a track record of going above-and-beyond expectations Technical leadership as well as team motivation, direction and pace Deep experience with at least one of Go, Rust, Python or C Conscientiousness and detail orientation, with a focus on performance Excellent communication skills including professional written and spoken English Excellent interpersonal skills, curiosity, flexibility, and accountability Ability to travel twice a year, for company events up to two weeks each Nice-to-have skills Depending on your eventual team, you might also bring experience with Container technologies such as LXD, Docker and Kubernetes Highly concurrent, distributed systems Performance engineering – from kernel to web – benchmarks, optimization Software security – fuzzing, tabletop threat models, analysis, audit Build systems and toolchains, including for cross-compilation Public clouds or OpenStack Debian/Ubuntu packaging Systems programming or scalable web services Deep quality and test engineering Web or Flutter front-end experience REST and gRPC API experience SQL and NoSQL data store expertise What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus or commission. We provide all team members with additional benefits which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Team Member Assistance Program & Wellness Platform Opportunity to travel to new locations to meet colleagues Priority Pass and travel upgrades for long-haul company events About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit globally and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical is an equal opportunity employer We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration. Show more Show less

Role Overview We are hiring a Technical Lead – AI Security to join our CISO team in Mumbai. This is a critical, hands-on role — ensuring the trustworthiness, resilience, and compliance of AI/ML systems, including large language models (LLMs). You will work at the intersection of cybersecurity and AI, shaping secure testing, understanding secure MLOps/LLMOps workflows, and leading technical implementation of defenses against emerging AI threats. This role requires both strategic vision and strong engineering depth. Key Responsibilities · Lead and operationalize the AI/ML and LLM security roadmap across training, validation, deployment, and runtime to enable AI Security Platform Approach. · Design and implement defenses against threats like adversarial attacks, data poisoning, model inversion, prompt injection, and fine-tuning exploits using industry leading open source and commercial tools. · Build hardened workflows for model security, integrity verification, and auditability in production AI environments. · Leverage AI security tools for scanning, fuzzing, and penetration testing models. · Apply best practices from OWASP Top 10 for ML/LLMs, MITRE ATLAS, NIST AI RMF, and ISO/IEC 42001 to test AI/ML assets. · Ensure AI model security testing framework aligns with internal policy, national regulatory requirements, and global best practices. · Plan and execute security tests for AI/LLM systems, including jailbreaking, RAG hardening, and bias/toxicity validation. Required Skills & Experience · 8+ years in cybersecurity, with at least 3+ years hands-on in AI/ML security or secure MLOps/LLMOps · Proficient in Python, TensorFlow/PyTorch, HuggingFace, LangChain, and common data science libraries · Deep understanding of adversarial ML/LLM, model evaluation under threat conditions, and inference/training-time attack vectors · Experience securing cloud-based AI workloads (AWS, Azure, or GCP) · Familiarity with secure DevOps and CI/CD practices · Strong understanding of AI-specific threat models (MITRE ATLAS) and security benchmarks (OWASP Top 10 for ML/LLMs) · Ability to communicate technical risk clearly to non-technical stakeholders · Ability to guide developers and data scientists to solve the AI Security risks. · Certifications: CISSP, OSCP, GCP ML Security, or relevant AI/ML certificates · Experience with AI security tools or platforms (e.g., model registries, lineage tracking, policy enforcement) · Experience with RAG, LLM-based agents, or agentic workflows · Experience in regulated sectors (finance, public sector) Show more Show less

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Windows Security Senior Engineer Company: - Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: We are looking for Security Engineer to contribute in the area of the Windows on Snapdragon products. The person will have the responsibility to perform security assessment, design & code review, develop fuzzing harness and fuzz the Windows software stack on Snapdragon products. Ideal candidate must posses security mindset and has good exposure on Security Development Life Cycle "SDLC". The ideal candidate also needs to have Strong Embedded software knowledge, Experience on Windows Internals and good driver development. Solid understanding of Operating System concepts, RTOS, FW management. Solid understanding of System level features, Processor and Power management, architecting system level features. Hands on experience in complex and multi domain large features. Windows kernel driver development experience. Understanding and experience in Designing and Implementing Windows Kernel mode drivers, Board support package, ACPI & UEFI. Strong communication and interpersonal skills. Strong problem solving and debugging skills. Ability to co-ordinate across stakeholders and Task management Handling small to large medium size technology teams. Experience on Enterprise and IHV/IBVs is a plus Minimum . Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Preferred Qualifications 2+ years of Security Engineering or related work experience. Design and development of Fuzzing harness Ability to perform design and code review for vulnerability detection Strong knowledge on Windows OS internals and Windows Driver knowledge (KMDF) Windows Device driver programming and debugging with WinDbg, JTAG/other tools. ARM Processor architecture and Assembly Language. Experience with PC software - System BIOS, UEFI, ACPI, Drivers, Applications Embedded OS (Kernel architecture, OS services heap, memory, multi-core, multi-threading, and crash debugging). Knowledge of OS/system performance profiling and optimization techniques. Communication, written & interpersonal skills, motivation, the ability to learn quickly

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Work Location: In person

Principal Security Engineering Manager Hyderabad, Telangana, India Date posted May 12, 2025 Job number 1823324 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. As a manager in the Continuous Security Validation & Assurance (CSVA) security engineering team, you will have an opportunity to contribute your deep technical leadership and problem-solving skills to lead a team of engineers working on the security of the underlying platform, code and infrastructure of many Microsoft products used by millions of customers. We build and manage services to manage continuous security posture of cloud scale services. The team is customer-focused with an emphasis on security, great user experience and reliability. You would drive solutions to challenging technical problems involving security for large scale systems and lead critical design initiatives, be accountable for delivery and take part in strategic and tactical decisions in the context of mission-critical services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 8-10 years of overall industry experience in software development and building world class solutions with at least 3-5 years of that as SWE manager. A Bachelor’s degree in Computer Science or equivalent experience Experience in designing, coding, debugging and testing production grade cloud services with a high emphasis on security. Experience/understanding of addressing security issues in distributed cloud-based environments and across the dev ops ecosystem. Experience in technical leadership in driving engineering roadmaps, leading v-teams, mentoring and helping others grow technically. Knowledge of common security vulnerabilities/mitigations Excellent communication, cross-team collaboration/influence, presentation skills. Passion to grow and develop other engineers and leads. Preferred Proficient with a cloud computing environment like Azure (preferred), GCP or AWS. Experience with CICD pipelines/automation, agile/scrum processes Experience building and operating scalable microservices using Docker + Kubernetes. Ability to reason about security challenges and propose practical solutions Knowledge of Security Development Lifecycle, security standards and frameworks like NIST, OWASP, etc. Experience implementing security features/automated mitigations for common security issues. Ability to define, design and implement telemetry and proactive monitoring for the services to run the operations efficiently in production environments. Experience with security tools/techniques such as SAST, DAST, fuzzing, pen-testing, etc. Exposure to security protocols and infrastructure components such as OAuth, OIDC, PKI, IRM, A/AD, etc. Experience with reporting technologies/frameworks such as PowerBI. Experience with Kusto or other big data stores Responsibilities Lead the architecture, design and implementation of security engineering and security automation projects in the context of large scale services, working with a variety of stakeholders. Lead your team while also collaborating with stakeholders in peer teams and organizations to deliver production-grade solutions for security challenges that scale and work across multiple products while meeting standards of service quality, availability, scale and performance. Influence and align product vision by collaborating with customers, partners, product management and engineering teams. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

Description As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will be engaged in identifying and mitigating security vulnerabilities across IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your work will involve rigorous security assessments of critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. You will simulate advanced adversary tactics to expose vulnerabilities and provide strategic remediation guidance. The role is suited for professionals with a deep understanding of both enterprise IT security and industrial/embedded system ecosystems. Responsibilities 1-Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): Perform black-box, grey-box, and white-box VAPT on: Enterprise IT assets (servers, databases, web/mobile apps, Active Directory, cloud) OT/ICS assets (PLCs, RTUs, HMIs, engineering workstations, protocol gateways) IIoT platforms (MQTT/CoAP-based telemetry, edge gateways, cloud dashboards) Emulate APT-level attacks across air-gapped, segmented, or hybrid IT-OT architectures. Execute Red Team scenarios to simulate insider threats or supply chain compromise. 2- ICS Protocol & Field Device Security Testing: Analyze and exploit vulnerabilities in ICS protocols: Modbus TCP, DNP3, IEC 104, OPC-UA, S7comm, Profinet, BACnet, CIP (EtherNet/IP), MQTT, CoAP Perform live traffic analysis, packet manipulation, and protocol fuzzing to test resilience. Evaluate control logic vulnerabilities in ladder logic, structured text, and function blocks. 3- Firmware & Hardware Exploitation (IIoT/ICS Devices): Extract and analyze firmware from industrial devices using JTAG, UART, SPI interfaces. Perform static and dynamic analysis using Ghidra, Binwalk, Radare2, or IDA Pro. Reverse engineer file systems (e.g., squashfs, cramfs) and analyze web interfaces or CLI backdoors. Exploit misconfigured bootloaders, insecure firmware upgrade mechanisms, or exposed debug ports. 4- Network Architecture & Segmentation Testing: Review and test IT-OT segmentation via firewall ACLs, VLANs, DMZ configurations. Assess trust relationships, weak credential policies, and insecure remote access (e.g., exposed VNC, Telnet, RDP). Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5- Cloud & IIoT Platform Security: Evaluate MQTT brokers, edge-to-cloud telemetry, and analytics pipelines. Test REST APIs, insecure mobile app integrations, and cloud misconfigurations (S3, IAM, IoT Core). Identify insecure certificate handling, default API tokens, and lack of encryption at rest/in transit. Reporting & Mitigation Develop technical and executive-level reports with CVSS scoring, attack paths, and exploitation evidence. Recommend hardening measures for both IT (patches, SIEM, EDR) and OT (control policy tuning, physical zoning, least privilege for operators). Coordinate with ICS engineers, IT admins, and SOC teams for patch validation and monitoring upgrades. Compliance & Framework Alignment Ensure assessments comply with industry and regulatory frameworks: NIST SP 800-82, ISA/IEC 62443, ISO 27001, NERC CIP, SANS ICS Top 20 Map findings to MITRE ATT&CK for ICS and monitor emerging CVEs relevant to industrial products. Eligibility Educational Background: Bachelor’s or Master’s in Cybersecurity, Computer Science, Industrial Automation, Electronics, or a related field. Technical Skills: Deep knowledge of ICS/SCADA systems, embedded architectures, and real-time OS (VxWorks, QNX, FreeRTOS). Hands-on experience with tools: VAPT Tools: Nessus, Burp Suite, Metasploit, Nmap, Nikto, SQLMap ICS Tools: Wireshark, Scapy, PLCScan, ICSFuzz, S7comm Tools, Conpot, ModScan Firmware Tools: Binwalk, Ghidra, Radare2, OpenOCD, Logic Analyzers IIoT Security: Shodan, Censys, MQTTX, Postman, OWASP ZAP Certifications (Preferred): OSCP, GRID, GICSP, CRT, CRTP, CEH, CISSP, or equivalent. Participation in ICS/IoT-focused CTFs or open-source contributions is a plus. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less

Cyber security - Automotive REQUIRED EXPERIENCE /SKILLS 8+ years of experience in automotive embedded software development. Develop and execute cybersecurity test plans for vehicle ECUs, communication networks (CAN, LIN, Ethernet), and connected systems. Perform threat and risk analysis (TARA) and validate mitigation measures. Conduct vulnerability assessments and penetration testing of automotive systems. Utilize tools like CANoe, Vector tools, and fuzzing frameworks to validate network security. Perform security regression testing on firmware/software releases. Validate compliance with ISO/SAE 21434, UNECE WP.29 (R155/R156) standards. Prepare technical documentation including test reports, risk assessments, and validation results Show more Show less

Company Description Checkmate Security is a specialized IT Security firm focusing on Fuzzing, Penetration Testing, Audits, and Security assessments. With expertise in finding flaws in applications and real attacker simulation, we provide comprehensive security solutions to our clients. Role Description This is a full-time hybrid role for an Emergency Response Officer at Checkmate Security. The role is located in Hyderabad with the flexibility to work from home. The Emergency Response Officer will be responsible for emergency services, physical security, training, security protocols, and firefighting procedures. Qualifications Emergency Services and Firefighting skills Physical Security and Security training expertise Experience in security protocols and emergency response Strong problem-solving and decision-making abilities Excellent communication and teamwork skills Ability to work in a fast-paced and high-pressure environment Experience in IT security or related field is a plus Certifications in emergency response or security management are beneficial Show more Show less

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are looking for a reliable and diligent security engineer with excellent judgment and a strong track record in security and software engineering, who can bring his or her experience to help drive solutions for the most challenging security problems in Azure through a data-driven, product-driven lens In this role, you will advance security by working with other Security Engineers, Program and Product Managers, and Developers, as well as business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership, inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Vulnerability discovery and variant hunting: Using the best available and most appropriate methodologies, including threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST, etc., you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion. Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end. Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations. Software Development – You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services Follow through and closure. You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings. Qualifications Strong leadership, empathy, and interpersonal skills. Bachelor of Science in Computer Science, Mathematics, Engineering or equivalent experience or education 8+ years’ experience in a hands-on security role, with demonstrable software engineering skills Expert level knowledge regarding multiple classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, cryptographic weaknesses, insecure direct object references, and others, and the ability to communicate about them to technical and non-technical audiences Demonstrated coding skills in one or more popular languages and platforms, including C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang, and others, and the ability to pick up new languages, platforms, and frameworks platforms quickly Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services. Preferred Qualifications Experience in technical disciplines outside the security space, including general software development, networking, database management, big data and full-stack development is a strong plus Masters of Science in Computer Science, Mathematics or Engineering is a strong plus #AzureSecurity #VariantHunting #MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are looking for a reliable and diligent security engineer with excellent judgment and a strong track record in security and software engineering, who can bring his or her experience to help drive solutions for the most challenging security problems in Azure through a data-driven, product-driven lens In this role, you will advance security by working with other Security Engineers, Program and Product Managers, and Developers, as well as business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership, inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Vulnerability discovery and variant hunting: Using the best available and most appropriate methodologies, including threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST, etc., you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion. Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end. Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations. Software Development – You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services Follow through and closure. You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings. Qualifications Strong leadership, empathy, and interpersonal skills. Bachelor of Science in Computer Science, Mathematics, Engineering or equivalent experience or education 8+ years’ experience in a hands-on security role, with demonstrable software engineering skills Expert level knowledge regarding multiple classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, cryptographic weaknesses, insecure direct object references, and others, and the ability to communicate about them to technical and non-technical audiences Demonstrated coding skills in one or more popular languages and platforms, including C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang, and others, and the ability to pick up new languages, platforms, and frameworks platforms quickly Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services. Preferred Qualifications Experience in technical disciplines outside the security space, including general software development, networking, database management, big data and full-stack development is a strong plus Masters of Science in Computer Science, Mathematics or Engineering is a strong plus #AzureSecurity #VariantHunting #MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

Job Summary : We are seeking a highly skilled and curious Security Researcher to join our cybersecurity team. As a Security Researcher, you will investigate vulnerabilities, analyze malware, and uncover emerging threats to protect our infrastructure and products. This role is ideal for someone passionate about offensive and defensive security, reverse engineering, and continuous learning. Key Responsibilities : Research and discover new vulnerabilities in software, systems, and protocols (zero-day and known CVEs) Analyze malware samples, APT techniques, and exploit kits to understand their behavior and implications Monitor threat intelligence sources to identify trends, TTPs (tactics, techniques, and procedures), and threat actors Develop and refine detection signatures, proof-of-concepts (PoCs), and mitigation strategies Contribute to open-source tools, whitepapers, or technical blogs on cybersecurity topics Participate in bug bounty programs and responsible disclosure initiatives Stay up to date with the latest security technologies, exploits, and research trends Cloud security best practices and CIS benchmark Required Skills & Qualifications: Solid understanding of operating system internals (Windows, Linux, macOS) 5+ years in cybersecurity or related field . Strong knowledge of network protocols, encryption standards, and web/app security Experience with scripting/programming languages (e.g., Python, C/C++, Go, Bash) Familiarity with vulnerability research, fuzzing, and exploit development Comfortable with tools such as Wireshark, Burp Suite, Metasploit, and custom scripts Understanding of MITRE ATT&CK, threat modeling, and IOC analysis Experience with static and dynamic analysis of malware Experience with AWS, Azure, GCP Preferred Qualifications: Contributions to security research communities (e.g., CVEs, open-source tools, DEF CON/Black Hat presentations) Familiarity with cloud security (AWS, Azure, GCP) Exploitation Kubernetes cluster security best practices Experience with binary exploitation, ROP chains, and sandbox evasion techniques Offensive Security certifications (e.g., OSCP, OSCE, OSEP) or GIAC (e.g., GREM, GXPN) Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field or equivalent practical experience Show more Show less

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. Your Qualifications Bachelor's OR master's degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1. Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh Show more Show less

Automotive Product Cyber Security Manager Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination: Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. YOUR QUALIFICATIONS Bachelor's OR master's degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1. Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do – and they push us to ensure we take care of ourselves, each other, and our communities. Job Description Summary: What you need to know about the role This role requires a deep understanding of modern application security principles, methodologies, and tools. The ideal candidate will have a proven track record of designing, implementing, and managing comprehensive application security programs within large-scale enterprises. Meet our team The Application Security Architect at PayPal is a seasoned AppSec expert and will be responsible for Security Architecture functions within the enterprise (ECS Security Architecture). This position involves collaborating with development teams, security engineers, and other stakeholders to identify, assess, and mitigate application security risks throughout the software development lifecycle (SDLC). Job Description: Your way to Impact You will be responsible for developing and maintaining a robust application security strategy and architecture that aligns with industry best practices and regulatory requirements. The ideal candidate will possess a deep understanding of both AppSec and general cybersecurity principles. Your Day to Day Develop and maintain a robust application security strategy, standards and target state architectures which aligns with industry best practices and regulatory requirements. Be the application security advocate across the organization. Lead discussions and reviews around new technologies, framework enhancements and product reviews. Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Ensure compliance with relevant security standards, regulations, and industry frameworks (e.g., PCI DSS, GDPR). Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization’s AppSec program. Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions. What do you need to bring Degree in Computer Science, Cybersecurity, Mathematics, or a related field. 15+ years' experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Familiarity with iOS, Android and browser SDK development. Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud. Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus. **We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply. For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com Who We Are: To learn more about our culture and community visit https://about.pypl.com/who-we-are/default.aspx Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com. Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.

Principal Security Engineering Manager Hyderabad, Telangana, India Date posted May 12, 2025 Job number 1823324 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. As a manager in the Continuous Security Validation & Assurance (CSVA) security engineering team, you will have an opportunity to contribute your deep technical leadership and problem-solving skills to lead a team of engineers working on the security of the underlying platform, code and infrastructure of many Microsoft products used by millions of customers. We build and manage services to manage continuous security posture of cloud scale services. The team is customer-focused with an emphasis on security, great user experience and reliability. You would drive solutions to challenging technical problems involving security for large scale systems and lead critical design initiatives, be accountable for delivery and take part in strategic and tactical decisions in the context of mission-critical services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 8-10 years of overall industry experience in software development and building world class solutions with at least 3-5 years of that as SWE manager. A Bachelor’s degree in Computer Science or equivalent experience Experience in designing, coding, debugging and testing production grade cloud services with a high emphasis on security. Experience/understanding of addressing security issues in distributed cloud-based environments and across the dev ops ecosystem. Experience in technical leadership in driving engineering roadmaps, leading v-teams, mentoring and helping others grow technically. Knowledge of common security vulnerabilities/mitigations Excellent communication, cross-team collaboration/influence, presentation skills. Passion to grow and develop other engineers and leads. Preferred Proficient with a cloud computing environment like Azure (preferred), GCP or AWS. Experience with CICD pipelines/automation, agile/scrum processes Experience building and operating scalable microservices using Docker + Kubernetes. Ability to reason about security challenges and propose practical solutions Knowledge of Security Development Lifecycle, security standards and frameworks like NIST, OWASP, etc. Experience implementing security features/automated mitigations for common security issues. Ability to define, design and implement telemetry and proactive monitoring for the services to run the operations efficiently in production environments. Experience with security tools/techniques such as SAST, DAST, fuzzing, pen-testing, etc. Exposure to security protocols and infrastructure components such as OAuth, OIDC, PKI, IRM, A/AD, etc. Experience with reporting technologies/frameworks such as PowerBI. Experience with Kusto or other big data stores Responsibilities Lead the architecture, design and implementation of security engineering and security automation projects in the context of large scale services, working with a variety of stakeholders. Lead your team while also collaborating with stakeholders in peer teams and organizations to deliver production-grade solutions for security challenges that scale and work across multiple products while meeting standards of service quality, availability, scale and performance. Influence and align product vision by collaborating with customers, partners, product management and engineering teams. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.