1201 Penetration Testing Jobs - Page 46

Responsibilities: Support the deployment of robust application security testing tooling in support of the application lifecycle of PTC products. Maintain and improve the application security testing suite to reduce vulnerabilities introduced into the PTC production environment. Support the expanding bug bounty and application penetration testing efforts across PTC. Participate in activities to support the integration of security controls throughout the SDLC. Assist in the process of reviewing designs of new applications and products. Participate in the security testing efforts against our applications, including code reviews, black/white box testing of applications, and maintaining a continuous testing methodology. The qualifications below are ideal, but not all are required. We encourage candidates to apply if they satisfy some, but not all, qualifications. 3-5 years of experience in information security or equivalent experience 2-3 years of experience in hands-on application and product security disciplines or equivalent experience Experience with cloud technologies (i.e., AWS, Azure, Salesforce) Experience working with Salesforce Lighting, Salesforce Customer 360, or Salesforce field service products. Experience with threat modeling, systems analysis, and security design reviews Familiarity with SAST, DAST, SCA, and penetration testing methodologies Good written and verbal communication skills Understanding of application and product architectures, scripting-based programming languages, web application stacks, and general approaches to implementation of an SDLC Ability to prioritize security efforts to mitigate the appropriate risks Ability to identify, analyze, and explain the present or future needs for proposed security initiatives to team leads Ability to influence with empathy and compassion Bonus: Experience with CI/CD practices and platform tools (Jenkins, Travis, GitHub, etc.) Bonus: Background with containers and orchestration technologies (Docker, Kubernetes, Helm) Ideal candidates will thrive in our culture if they have a passion for: Building quality products with a mindset on safety and security Operating in a fast-moving and high-growth environment Working as a team player with an entrepreneurial work ethic Security, learning, and continuous improvement

locationsGURGAON, INDINDIA VIRTUAL, IND time typeFull time posted onPosted 4 Days Ago time left to applyEnd DateMay 23, 2025 (10 days left to apply) job requisition idR1146865 . Key Responsibilities Security Administration Design, Engineer and manage security solutions. Configure, monitor, and troubleshoot systems to ensure optimal performance and security. Plan and execute upgrades, patches, and other maintenance activities for security tooling. Collaborate with the cybersecurity team to ensure robust security measures and compliance with industry standards. Technical Support and Troubleshooting: Provide advanced technical support for AWS cloud networking issues. Mentor and guide junior engineers and IT support staff. Documentation and Reporting Create and maintain comprehensive documentation of configurations, procedures, and processes. Generate regular reports on system performance, security incidents, and maintenance activities. Qualifications Education : Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field; or equivalent work experience. Experience : At least 3 years of hands-on experience in Cyber Security. Technical Skills: Strong understanding of network protocols and services (TCP/IP, DNS, VPN, etc.).Knowledge of scripting languages (PowerShell, Python) for automation. Key Competencies Problem-Solving Skills: Strong analytical and troubleshooting abilities to diagnose and resolve complex technical issues. Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Project Management Ability to manage multiple projects and priorities in a fast-paced environment. Offers of employment are conditional upon passage of screening criteria applicable to the job.

Experience: 4 to 7.5 years Location: Bangalore / Pune Job Type: Full-Time Key Responsibilities Conduct manual security code reviews on applications developed in Java and C# to identify and remediate security issues. Perform dynamic and static application security testing (DAST/SAST) using tools such as: AppScan Netsparker Acunetix Checkmarx Veracode Burp Suite OWASP ZAP Utilize Kali Linux and other penetration testing toolsets for application assessments. Collaborate with development and QA teams to provide guidance on secure coding practices and remediation strategies. Document security findings and provide detailed, actionable recommendations. Stay up to date on current and emerging security threats, vulnerabilities, and industry best practices. Required Skills 4 to 7.5 years of relevant experience in application security . Strong experience in manual code review , particularly in Java and C# . Proficient in using a wide range of application security tools (DAST, SAST, IAST). Knowledge of common vulnerabilities (e.g., OWASP Top 10) and secure coding principles. Experience working with DevSecOps or integrating security into the SDLC is a plus. Excellent communication and analytical skills. Preferred Certifications (optional but beneficial) OSCP , CEH , CISSP , GIAC GWAPT/GWEB , or similar certifications.

Senior Manager, Penetration Testing & Red Teaming What you will do Let’s do this. Let’s change the world. In this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. As a senior-level position, this role involves not only hands-on penetration testing but also overseeing teams, setting testing strategies, and working closely with other security and engineering teams to implement long-term security improvements. The ideal candidate has in-depth knowledge of cybersecurity practices, experience in complex security assessment practices and strong leadership skills. Roles & Responsibilities: Develop and implement the penetration testing strategy in alignment with Amgen’s security framework. Champion a proactive security culture, integrating offensive security principles into Amgen’s broader risk management program. Lead, mentor, and develop a team of penetration testers, fostering a culture of innovation and continuous learning. Provide coaching and training to enhance the team’s technical and strategic capabilities. Build and maintain a high-performance security team, ensuring strong succession planning and career development opportunities. Oversee complex penetration testing engagements, ensuring high-quality execution and impactful reporting. Establish standard methodologies and frameworks for offensive security testing, risk assessment, and mitigation strategies. Ensure penetration testing methodologies align with industry standards (e.g., PTES, OWASP, MITRE ATT&CK). Serve as a trusted advisor to security, engineering, and executive leadership teams on cybersecurity risks and offensive security findings. Advocate for secure development practices and influence secure-by-design principles across engineering teams. Communicate technical security risks in business terms to executive collaborators and senior leadership. Define and enforce security testing policies, methodologies, and compliance requirements. Drive initiatives to enhance security automation and continuous testing frameworks. Ensure penetration testing efforts contribute to regulatory compliance (e.g., ISO 27001, NIST). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 8 to 10 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Bachelor’s degree and 10 to 14 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Diploma and 14 to 18 years of experience in Computer Science, Cybersecurity or Information Systems related field Must-Have Skills: Proven experience in leading and managing high-performing security teams. Strong ability to influence senior collaborators and drive security adoption across an organization. Ability to translate technical security risks into business-aligned security strategies. Experience building and managing enterprise-wide penetration testing programs. Demonstrated ability to foster a culture of innovation, learning, and collaboration within security teams. Technical & Security Skills Deep knowledge of penetration testing frameworks and methodologies (e.g., OWASP, NIST, MITRE ATT&CK, PTES). Strong understanding of web application, cloud, and infrastructure security vulnerabilities. Experience with security tools such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux. Familiarity with secure coding principles, threat modeling, and adversary simulation. Professional Certifications (please mention if the certification is preferred or mandatory for the role): PreferredOSCP, OSWE, OSWA, eWPTX, GWAPT, GXPN PreferredCISSP Preferred Qualifications: Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

IS Specialist OT Security What you will do Let’s do this. Let’s change the world. In this vital role you will [responsible for developing and implementing security strategies that protect industrial control systems (ICS), SCADA networks, and other manufacturing infrastructure components. This role ensures the integrity, availability, and confidentiality of OT environments by integrating security monitoring, risk management, and compliance efforts into industrial operations. The OT Security Engineer works closely with Security Operations, Engineering and Infrastructure, and Operations to safeguard systems against cyber threats. Key responsibilities include implementing security best practices for OT, managing vulnerabilities, and collaborating with stakeholders to enhance the security posture of OT environments. . Roles & Responsibilities: Define, lead, and implement security strategies for OT environments, focusing on Industrial Control Systems (ICS) and SCADA. Implement and manage OT-specific security monitoring tools, ensuring real-time detection and response to cyber threats. Collaborate with engineering and operational teams to integrate security measures into OT network architectures. Assess and mitigate vulnerabilities in OT environments, ensuring compliance with industry standards (e.g., NIST 800-82, IEC 62443). Support security incident response efforts, including forensic analysis and remediation of threats in industrial environments. Coordinate with vendors, partners, and government agencies to address OT cybersecurity challenges. Develop security policies, procedures, and guidelines tailored to OT environments. Provide training and awareness programs to operational teams regarding OT cybersecurity best practices. Maintain relationships with vendors and strategic partners to enhance security capabilities. What we expect of you We are all different, yet we all use our unique contributions to serve patients. The [vital attribute] professional we seek is a [type of person] with these qualifications. Basic Qualifications: Master’s degree with 4- 6years of experience in Information Systems or related field OR Bachelor’s degree with 6- 8years of experience Information Systems or related field OR Diploma with 10– 12years of experience in Information Systems or related field Preferred Qualifications: Must-Have Skills: Solid understanding of ICS, SCADA, and OT security principles Experience with network segmentation, firewalls, and intrusion detection systems in OT environments Knowledge of industrial protocols (e.g., Modbus, DNP3, BACnet, OPC, CIP) and their security implications Understanding of risk management frameworks (e.g., NIST 800-82, IEC 62443, NERC CIP) Experience with security monitoring and detection in OT environments Good-to-Have Skills: Experience with security assessments and penetration testing for OT networks Proficiency in security tools (e.g., Nozomi Networks, Dragos, Claroty, Armis) Knowledge of cloud security and how it integrates with OT environments Scripting and automation skills (e.g., Python, PowerShell) Familiarity with compliance and regulatory requirements for critical infrastructure Professional Certifications (please mention if the certification is preferred or required for the role): GICSP (Global Industrial Cyber Security Professional) – Preferred CISSP (Certified Information Systems Security Professional) – Preferred ISA/IEC 62443 Cybersecurity Certificate – Preferred CompTIA Security+ – Preferred Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now for a career that defies imagination Objects in your future are closer than they appear. Join us. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Infrastructure Penetration Testing Good to have skills : Automated Testing, Agile Testing, Test Automation Strategy Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Quality Engineer, you will enable full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Your typical day will involve performing continuous testing for security, API, and regression suites, creating automation strategies, and supporting data and environment configurations. You will also participate in code reviews and monitor defects to support continuous improvement activities for the end-to-end testing process, ensuring that the highest standards of quality are maintained throughout the project lifecycle. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Collaborate with cross-functional teams to ensure seamless integration of testing processes. Develop and maintain automated testing scripts to enhance testing efficiency. Design, develop, and maintain automated test scripts for Terraform and Sentinel policies Implement and manage test automation frameworks for DevSecOps toolchain orchestration Collaborate with development, operations, and security teams to ensure comprehensive test coverage and adherence to best practices Perform continuous integration and continuous deployment (CI/CD) pipeline testing to ensure seamless integration of security measures Identify, document, and track defects, and work with developers to resolve issues Conduct performance and security testing to validate the robustness and resilience of infrastructure as code (IaC) implementations Professional & Technical Skills: Must To Have Skills: Proficiency in Infrastructure Penetration Testing. Good To Have Skills: Experience with Automated Testing, Agile Testing, Test Automation Strategy. Strong understanding of security testing methodologies and tools. Experience in creating and executing test plans and test cases. Familiarity with continuous integration and continuous deployment practices. Proven experience (min. 3 years) in test automation, particularly with Terraform and Sentinel or similar role Strong expertise in DevSecOps and infrastructure as code (IaC) principles Experience with CI/CD tools such as GitHub, GitHub Actions, Jenkins, and JFrog Platform Solid understanding of cloud platforms, specifically Google Cloud Platform (GCP) and Microsoft Azure Knowledge of containerization technologies (Docker, Kubernetes) and orchestration. Experience with security testing tools and methodologies Certifications in Terraform or other relevant technologies Proficiency with scripting languages (e.g., Python, JavaScript, Ruby). Additional Information: The candidate should have minimum 3 years of experience in Infrastructure Penetration Testing. This position is based at our Hyderabad office. A 15 years full time education is required. Qualification 15 years full time education

Security Architecture Design Design and implement security frameworks for blockchain applications Ensure secure interactions between the blockchain platform and external systems Data Protection and Encryption Required Candidate profile Experience in securing blockchain-based applications. Familiarity with decentralized identity solutions Security certifications such as CISSP, CEH, CISM, or Blockchain Security Professional (CBSP)

Description: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India Requirements: - Must have 15+ years of experience in cyber security areas - Must be efficient in medical domain security - Must have experience with medical device security: threat modelling, pen testing, SAST, DAST - Must be hands on with pen testing of medical devices, application and cloud Job Responsibilities: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India What We Offer: Exciting Projects: We focus on industries like High-Tech, communication, media, healthcare, retail and telecom. Our customer list is full of fantastic global brands and leaders who love what we build for them. Collaborative Environment: You Can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities! Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules, opportunities to work from home, and paid time off and holidays. Professional Development: Our dedicated Learning & Development team regularly organizes Communication skills training(GL Vantage, Toast Master),Stress Management program, professional certifications, and technical and soft skill trainings. Excellent Benefits: We provide our employees with competitive salaries, family medical insurance, Group Term Life Insurance, Group Personal Accident Insurance , NPS(National Pension Scheme ), Periodic health awareness program, extended maternity leave, annual performance bonuses, and referral bonuses. Fun Perks: We want you to love where you work, which is why we host sports events, cultural activities, offer food on subsidies rates, Corporate parties. Our vibrant offices also include dedicated GL Zones, rooftop decks and GL Club where you can drink coffee or tea with your colleagues over a game of table and offer discounts for popular stores and restaurants!

Position Overview: We are seeking a highly skilled and motivated IoT / Embedded Security Engineer to join our team. The ideal candidate must have a strong background in IoT / embedded systems security, with a proven track record in identifying vulnerabilities and implementing robust security measures. Roles and Responsibilities: Conduct security assessments and risk analysis of embedded medical devices. Develop and implement security protocols and solutions for medical devices. Design and execute penetration testing and vulnerability assessments. Research and stay updated on emerging threats, vulnerabilities, and security trends in IoT and embedded systems. Collaborate with cross-functional teams to integrate security measures into the development lifecycle of products. Provide technical guidance and support to internal teams on security best practices. Participate in the design and architecture of secure IoT and embedded systems. Mandatory Skills: Bachelor's or Master's degree in Electrical Engineering, Computer Science or Electronic field. Proven experience (5 years) in IoT and embedded systems security. Strong knowledge of IoT protocols (e.g., UART, I2C, JTAG, MQTT, CoAP, HTTP) and embedded system architecture Experience with reverse engineering ARM/MIPS/x86 code architecture. Hands on with hardware attacks such as PCB reversing, Component identification,Side channel attacks,memory extraction methods. Knowledge of radio frequency (RF) protocols and related security implications such as BLE, WIFI, LoRa,DSP, SDR, etc. Understanding of industrial IoT (IIoT) security considerations. Experience with various hardware security assessment tools/frameworks. Familiarity with hardware security concepts such as secure boot, encryption, and secure firmware updates. Proficiency in programming languages commonly used in embedded systems (C/C++, Python). Proactive, problem-solver and the ability to work independently and within a team. Good to Have: Understanding of cryptographic algorithms and protocols. Knowledge of exploit development techniques, buffer overflows, and other memory corruption vulnerabilities applicable to embedded systems. Knowledge of secure coding practices and principles specific to embedded systems, including memory management and input validation. Familiarity with regulatory compliance and standards in IoT security. Any certification in IoT security, Embedded device security or similar, is a plus

Role & responsibilities Conduct vulnerability assessment and penetration testing for network, web applications, mobile applications and thick-client application Conduct configuration reviews for OS, DB, Firewall, Routers, Switches and other infrastructure components Conduct red-team assessments using social engineering, physical security compromise and other techniques Be well-versed with internal privilege escalation techniques Conduct source-code review using automated and manual approaches Prepare detailed reports as per NII format Ensure timely delivery of status updates and final reports to clients Handle client queries Keep oneself updated on the latest IT Security news, exploits, hacks Contribute technical content chapter meetings, blogposts Conduct internal and external trainings on various topics related to security assessment

Karthika Consulting & Solutions Pvt Ltd is looking for Information Technology Professional to join our dynamic team and embark on a rewarding career journey Manage and adapt forecasting tools to effectively monitor inventory, consolidate financial and operational KPI's (SharePoint). Design for new LAN cabling including patch panels, UTP, switches, router. Work on many different customer migrations including IIS, email, DNS, SQL and others programs. Assist in collection, maintenance, and management of employee records, biweekly payroll processing, and benefits submissions. Install and troubleshoot company wireless internet. Migrate Linux DNS servers into Microsoft environment. Possess administrative access to install and troubleshoot software. Utilize Kali Linux to test for vulnerabilities against internal and external infrastructure. Install and configure secured environments, VPN Internet connectivity of virtualize server environment and clients. Implement network services including data backups/restores, security, wireless connectivity, VPN and terminal servers. Maintain ERP system including troubleshooting, relationship management, contract negotiation, and new system proposal and comparison. Develop user/reader-friendly company intranet (SharePoint) to promote better collaboration, and ensure crisp succinct communications across all corporate channels.

Key Skills: Web Application Security, Penetration Testing Roles and Responsibilities: Conduct in-depth security assessments of medical device software using SAST and DAST tools, identifying and reporting vulnerabilities Analyze software bills of materials (SBOMs) to identify and mitigate supply chain risks Develop and maintain comprehensive security testing strategies and procedures Collaborate with software development teams to integrate security best practices into the development lifecycle Investigate and respond to security incidents and vulnerabilities Stay up-to-date on the latest security threats and trends in the medical device industry Assess Security Issue Findings: Assess the findings from SAST and DAST security issue reports to determine true/false positives Create custom rules for Veracode to enable the scanning tool to accurately identify custom security modules and libraries used by development teams, thereby reducing false positive findings Work with software developers and architects to determine appropriate mitigations for security issues Perform Manual Penetration Testing: Use Burp Suite, browser, or other tools to find security issues such as business logic-related issues and issues not usually found by automated security scanning tools Validate the implementation of security mitigations in addressing security issues using manual penetration testing techniques and tools Create and Execute Security Test Cases: Create and execute detailed security testing scripts using manual or automated approaches Create reusable test scripts for common security requirements In the process of creating security test cases, evaluate security requirements for gaps and research best practices for security issue remediation Consolidate testing results into standard templates for inclusion in regulatory documentation systems Map security requirements and functional or system requirements to show traceability Security Tools: Create and execute plans to evaluate new security tools Curate standard approaches in tools such as threat modeling tools to enable reuse Skills Required: Minimum of 5 years of experience in application security testing, with a focus on SAST, DAST, and SBOM analysis Minimum of 3 years of software development or practical automation using Python, Java, C#, or JavaScript Strong understanding of software development methodologies and programming languages Experience with security tools such as Fortify, AppScan, Veracode, or similar Knowledge of industry standards and regulations (e.g., FDA, IEC 62443) Excellent problem-solving, analytical, and communication skills Ability to work independently and as part of a team Preferred Qualifications: CISSP, CISM, or other relevant security certifications Experience in the medical device industry Knowledge of cloud security and DevOps practices Education: Bachelor's degree in Computer Science, Information Security, or a related field and Master's degree in Computer Science, Information Security, or a related field

Responsibilities Manage a team of senior Networking and Security personnel. Serves as the subject matter expert (SME) on Cloud networking and security, having previously worked in a senior technical network or security role. Help deliver and manage projects that apply the companys security policies and standards for use in cloud environments. Communicate security concepts to different audiences ranging from business leaders to engineers, as well as customers. Serve as a key subject matter expect in security and networking topics and support delivery of core services from a network security perspective. Mentor and influence team members in implementing and delivering projects and performing ongoing security and network monitoring. Help design security frameworks and effective solutions for vulnerability remediation. Develops standards, policies, and procedures as well as best practices documentation. Able to translate technical requirements into business requirements. Assist team members to update their security and networking skills and knowledge. Collaborate with other IT teams, developers, and business stakeholders to ensure alignment on network and security requirements. Stay up-to-date with the latest cloud networking and security trends and technologies. Develop and execute security roadmaps and initiatives. Drive change and improvements in security delivery of our Cloud security services. Education / Qualifications A university qualification of Bachelor's degree level in Engineering/IT, or a related field. Skills Required: Strong experience in a Security and networking leadership role (5 years+ in a management role combined with previous experience working at a senior technical level for 5 years+ in network/security role). Extensive security management experience in an environment leveraging Azure and/or AWS public cloud platforms. Strong Application, Networking, Cloud Security knowledge and experience. Previous experience working in environments that leverage public Cloud. Extremely knowledgeable in security and networking technical matters. Experience of compliance standards, including ISO27001 and/or SOC2. Familiarity with directives such as GDPR and NIS2/DORA. Experience of team management and interview protocols. Strong understanding of penetration testing and vulnerability assessments. Experience with project management and security project delivery. Solid understanding of application development and SDLC. Security certifications a strong plus (eg CISSP). Fluent English speaker. Desired technical skills or knowledge areas: Expertise in Azure and AWS networking and security services. Proficiency in network protocols and technologies (e.g., TCP/IP, DNS, VPN, routing). Knowledge of security frameworks and standards (e.g., NIST, CIS). Experience with SIEM, IDS/IPS, and vulnerability management tools. Strong practical experience with Fortinet security solutions (FortiGate, FortiAnalyzer, etc.). Proficiency in using Rapid7 security tools (Insight IDR VM) for vulnerability management and forensic investigation. Experience with tooling used for malware analysis and threat prevention. Experience with ManageEngine suite of products, especially PAM360 and Patch Manager Plus. Scripting and automation knowledge (e.g., Python, PowerShell, Terraform).

Serko is a cutting-edge tech platform in global business travel & expense technology. When you join Serko, you become part of a team of passionate travellers and technologists bringing people together, using the world’s leading business travel marketplace. We are proud to be an equal opportunity employer, we embrace the richness of diversity, showing up authentically to create a positive impact. There's an exciting road ahead of us, where travel needs real, impactful change. With offices in New Zealand, Australia, North America, and China, we are thrilled to be expanding our global footprint, landing our new hub in Bengaluru, India. With rapid a growth plan in place for India, we’re hiring people from different backgrounds, experiences, abilities, and perspectives to help us build a world-class team and product. We're seeking a visionary Head of Engineering to lead our dynamic engineering team and drive technological excellence. Requirements Your leadership will bridge the gap between technical execution and business objectives, ensuring that our engineering efforts align with our company's goals. In this pivotal role, you will be instrumental in scaling high-performing teams, aligning technical execution with business objectives, and fostering a culture of innovation. What you'll do Champion the long-term technical vision for the organization, ensuring it aligns with company strategy while encouraging innovation through emerging technologies. Support and grow engineering leaders by mentoring Senior Engineering Managers and Senior Principal Engineers—empowering them to lead with confidence, make impactful decisions, and drive execution. Facilitate cross-functional collaboration by aligning priorities, navigating complexity, and simplifying technical direction for executive and business stakeholders. Translate strategy into outcomes by defining clear OKRs and KPIs for team performance, delivery reliability, and engineering excellence. Guide architecture for critical systems, finding the right balance between innovation, technical sustainability, and business value. Continuously improve engineering practices across Agile workflows, code reviews, and CI/CD pipelines—enhancing productivity and quality at scale. Steward budgets and resourcing thoughtfully, ensuring teams have what they need to succeed while maintaining responsible investment across people, tools, and initiatives. Nurture a thriving engineering culture —one that supports career growth, celebrates diversity, and promotes inclusive, global collaboration across teams. What you'll bring to the team Technical Leadership: Experience leading engineering teams of various sizes, ideally in high-growth or product-led environments. You’ve delivered complex solutions and supported the development of other leaders. Strategic Execution: A strong ability to align engineering direction with business goals—balancing technical depth with pragmatic decision-making. Collaborative Mindset: You work effectively across functions, building trusted relationships with peers in Product, Design, Operations, and beyond. Operational Rigor: Familiarity with Agile delivery, continuous improvement, and using data to guide and improve engineering processes. Clear Communication: You can translate technical ideas into clear priorities, decisions, and updates for both technical and non-technical audiences. Team Growth & Culture: A commitment to building inclusive, engaged, and high-performing teams. You may have experience designing org structures, defining career paths, or nurturing a strong engineering culture across geographies. Benefits At Serko we aim to create a place where people can come and do their best work. This means you’ll be operating in an environment with great tools and support to enable you to perform at the highest level of your abilities, producing high-quality, and delivering innovative and efficient results. Our people are fully engaged, continuously improving, and encouraged to make an impact. Some of the benefits of working at Serko are: A competitive base pay Medical Benefits Discretionary incentive plan based on individual and company performance Focus on development: Access to a learning & development platform and opportunity for you to own your career pathways Flexible work policy. Apply Hit the ‘apply’ button now, or explore more about what it’s like to work at Serko and all our global opportunities at www.Serko.com .

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding the organization's data and infrastructure. Roles & Responsibilities: Expected to be an SME in Security Architecture Design. Collaborate and manage the team to perform effectively. Responsible for team decisions and ensuring adherence to security best practices. Engage with multiple teams and contribute to key decisions. Expected to provide solutions to problems that apply across multiple teams. Ensure the implementation of robust security controls. Conduct risk assessments and vulnerability testing. Develop and maintain security policies and procedures. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST). Hands-on experience with security tools and technologies. Good To Have Skills:Experience with cloud platforms such as AWS or Azure. Additional Information: The candidate should have a minimum of 12 years of experience in Security Architecture Design. This position is based in Mumbai. A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Develop and implement security architecture solutions. Conduct security assessments and provide recommendations. Stay updated on the latest security trends and technologies. Lead security architecture design reviews. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Architecture Design. Strong understanding of cloud security principles. Experience with security tools and technologies. Knowledge of risk management and compliance. Good To Have Skills: Experience with cloud security platforms. Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Architecture Design. This position is based at our Chennai office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Lead security architecture design discussions Develop security architecture solutions Conduct security assessments and audits Professional & Technical Skills: Must To Have Skills: Proficiency in Security Architecture Design Strong understanding of cloud security principles Experience with security tools and technologies Knowledge of security compliance standards Hands-on experience in implementing security controls Additional Information: The candidate should have a minimum of 5 years of experience in Security Architecture Design This position is based at our Noida office A 15 years full time education is required Qualifications 15 years full time education

Responsible for planning and designing new software and web applications. Analyzes, tests and assists with the integration of new applications. Documents all development activity. Assists with training non-technical personnel. Has in-depth experience, knowledge and skills in own discipline. Usually determines own work priorities. Acts as a resource for colleagues with less experience. Core Responsibilities Work with Application owners to collect information and scope out assessments. Perform software security testing and code analysis using static source code analyzers Analyze attack chains and recommend efficient methods for mitigation Help advance the goal of building-in security to all Comcast products Work with platforms that identify indicators of compromise (IOC) and act on the results Employees at all levels are expected to: Familiarity with penetration testing techniques and tools, including identifying attack surfaces of interest, loop-back proxies, fuzzing, disassembling, and reverse-engineering Knowledge of common errors in programming, cryptographic implementations, network/service configurations Understanding of vulnerability scanning, cataloging, and remediation strategies Understanding of embedded software, middleware, and application architectures Able to understand and explain vulnerabilities listed in CVE databases and the OWASP top 10 Passion for cybersecurity, an entrepreneurial spirit, persistence, and resourcefulness A cool and casual work environment with chances to showcase your skills A team-centric culture of collaboration, innovation, and continuous learning Training, support, and mentoring to expand and evolve your expertise Opportunity to impact the security of Comcast products in millions of homes and businesses Disclaimer: This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications. Education Bachelors Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago time left to applyEnd DateJune 10, 2025 (30+ days left to apply) job requisition idJR0035385 Job Title: Product Manager - Data Platform(Cyber security ) About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: Senior Product Manager II - Data platform About the role Lead the strategy, design, and development of the shared data platform to meet company objectives founded on a thorough understanding of business unit strategies and objectives, the competitive landscape, and current and potential future business challenges. Use a data-focused approach to ensure each initiative on our product roadmap delivers a meaningful impact to our business and users. Voice of Customer Partner with pre and post sales teams as well as Trellix partners to understand the customer pain points and translate that into product strategy and bring clarity to engineering teams for execution of that strategy. Develop deep and trusted relationships with key customers, partners, and other key stakeholders. Drive Results - Attack everything with drive and energy with an eye on both the bottom line and customer success Create a talent plan designed to develop, motivate/coach, and retain top product management talent. Influence others, with strong attention to detail, excellent organization skills, and ability to manage multiple projects and responsibility. About you You bring 7+ years of cybersecurity experience (SIEM, XDR, EDR, NDR, SOC Analyst, Threat Research) and a track record of success at leading technology and product organizations while being both a strategist and executor. A customer-centric software product leader and domain expert with a history of developing a product strategy that aligns with the corporate strategy and delivering results in a fast-paced, dynamic environment. You bring years of product management experience in a product led company, developing, and executing against a product roadmap that delivers revenue growth. You bring experience building and evangelizing products that cater to security operations centers and clearly understands the day-to-day workflows that take place in those organizations such as event ingestion, enrichment, detection, analysis and response. You bring a high level of technical understanding in the areas of virtual infrastructure, container architecture, event processing, normalization and parsing, database architecture, detection engines, event transfer protocols and mechanisms and UX. You have highly effective communication & data presentation skills, enabling you to influence both business and technical teams, from executive leadership to the company. Ability to prioritize & handle multiple requests concurrently and consistently deliver superior results in a timely fashion. Effective change agent, can lead change, think out of the box, & make new ideas happen. Ability to communicate vision and strategy. You are collaborative, diplomatic, and humble. You have no problem rolling up your sleeves to help when needed. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

locationsIndia, Bangalore time typeFull time posted onPosted 30+ Days Ago job requisition idJR0034151 Job Title: Security Researcher - EDR About Trellix: Trellix, the trusted CISO ally, is redefining the future of cybersecurity and soulful work. Our comprehensive, GenAI-powered platform helps organizations confronted by todays most advanced threats gain confidence in the protection and resilience of their operations. Along with an extensive partner ecosystem, we accelerate technology innovation through artificial intelligence, automation, and analytics to empower over 53,000 customers with responsibly architected security solutions. We also recognize the importance of closing the 4-million-person cybersecurity talent gap. We aim to create a home for anyone seeking a meaningful future in cybersecurity and look for candidates across industries to join us in soulful work. More at . Role Overview: We are looking for a skilled EDR Security Researcher. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities by identifying detection coverage gaps and developing signatures to address these gaps effectively. About the role Reverse engineer malware to identify malicious code, obfuscation techniques, and communication protocols. Author detection rules for behavior-based detection engines. Conduct deep research on attacker campaigns and techniques to support detection investments and improve customer experience. Write generic threat detections based on static and dynamic detection engines. Demonstrate a strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework. Conduct proactive and reactive threat hunting and identify detection issues such as misses or misclassifications from a large-scale dataset. Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives). Engage and collaborate with diverse partner teams to drive great customer experiences and ensure holistic protection. Develop alerting, reporting, and automated detection solutions. Build tools and automation to improve productivity. About you 3+ years of experience writing detection using Snort, Yara, Sandbox, or proprietary detection engines. 2+ years of experience performing threat hunting or deep familiarity with incident response procedures, processes, and tools. 2+ years of experience querying and analyzing (for malware/TTPs) large datasets. Experience in programming or scripting languages (e.g., Python, PowerShell). Experience in utilizing various malware analysis tools and frameworks (e.g., IDA Pro). Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS. Excellent verbal and written communication skills in English. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Job Description We are looking to hire a Cyber Security Engineer with strong analytical skills and a comprehensive understanding of cybersecurity principles. The ideal candidate will have hands-on experience in web application and network security, with the ability to identify vulnerabilities, execute penetration tests, and recommend effective mitigations. The role requires an individual who is detail-oriented, able to work under pressure, and capable of delivering results within tight deadlines. Responsibilities: Conduct web application penetration testing using established methodologies (e.g., OWASP). Perform network penetration testing and identify system-level vulnerabilities. Analyse existing security measures and recommend improvements. Document findings, provide detailed risk assessments, and deliver remediation strategies. Advise on and implement security best practices across applications and infrastructure. Collaborate with development and infrastructure teams to ensure secure design and implementation. Stay current with evolving threats, vulnerabilities, and mitigation techniques. If experienced, conduct mobile application penetration testing (preferred, not mandatory). Requirements: A degree in computer science, IT, systems engineering, or related qualification. Core experience and profound knowledge in application and infrastructure security testing. Strong understanding and hands on experience on application and infrastructure vulnerabilities, automated/manual testing, auditing and remediation techniques Strong understanding of OWASP Threats classification Experience with standard security tools such as Metasploit, SQLMap, Nmap, OWASP ZAP, Burp Suite etc. Experience with network/infrastructure vulnerability assessment tools such as Nessus, Qualys etc. Experience with establishing penetration testing procedures and processes. Proficiency in any one of the scripting languages like Python, C++, Java, Ruby, Node, Go, and/or Power Shell Ability to work under pressure in a fast-paced environment. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Great awareness of cybersecurity trends and hacking techniques. Good to have: Understanding of server and client-side application development. Experience with performing code review, wireless and firewall assessments. Experience in evasion techniques to bypass firewalls and intrusion detection systems. Experience with Mobile Application Penetration testing, APIs etc. Knowledge in Application Architecture Review, Threat Modelling concepts Security Certifications: OSCP, OSEE, OSCE etc.

As a R&D engineer in the Common Software Foundation team, you will contribute to delivering secure open-source components across various PaaS environments, including NCS, AWS, Azure, and GCP. In this role, you will enhance security by analyzing and prioritizing vulnerabilities in Rocky and Redhat OS, conducting scans, and implementing appropriate remediation. You will also work on developing and testing Rocky OS, leveraging expertise in microservices, containers, and CI/CD DevOps practices. Your proficiency in secure protocols, encryption methodologies, and vulnerability assessment tools will help strengthen system security. Additionally, you will contribute to SBOM generation, security design, and threat analysis, ensuring compliance with industry standards. You Have: Engineering Graduate or equivalent degree with 3-8 years of experience in Development and Testing, with expertise in Rocky and Redhat OS, and Python programming. Hands-on experience with Microservices, Containers (Docker, Kubernetes, Helm), and CI/CD DevOps practices. Proficient in secure protocols (TLS, SSH), encryption methodologies, and security hardening practices. Skilled in vulnerability scanning, penetration tests, and using tools like Anchore, Tenable, and Nmap. It would be nice if you also had: Knowledgeable in SBOM generation, Design for Security & Privacy, and Threat & Risk analysis. Understanding of Zero Trust architecture, compliance frameworks (NIST, CIS, ISO 27001), and experience with AI-driven security analytics tools. Familiarity with tools like Terraform, Ansible, and cloud-native security practices across AWS, Azure, and GCP. Deploy and manage open-source components across various PaaS environments (NCS, AWS, Azure, GCP) while ensuring compliance with security and performance standards. Analyze, prioritize, and remediate Common Vulnerabilities and Exposures (CVEs) in Rocky and Redhat OS, collaborating with development teams for effective resolution. Conduct security scans (e.g., Burp, Anchore, Malware, Codenomicon), analyze reports, and assess severity based on open-source software usage. Develop and test Rocky OS as per CSF specifications, leveraging expertise in Linux-based OS, Python programming, and automation. Work with microservices, containers (Docker, Kubernetes, Helm), and CI/CD pipelines to enhance software delivery and deployment efficiency. Implement secure communication protocols (TLS, SSH), encryption methodologies, and security hardening practices to safeguard applications. Perform penetration testing, vulnerability assessments using tools like Anchore, Tenable, and Nmap, and contribute to security risk analysis and mitigation strategies. Contribute to Software Bill of Materials (SBOM) generation, threat modeling, and secure design principles to ensure compliance with industry security standards.

Experience of SQL & advance SQL . Develop and implement data governance policies, standards, and procedures to ensure data quality and complianceSecurity Excellent communication and problem-solving skills Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4-7 yrs of exp, 3 + yrs of relevant experience Experience with data quality tools and data management software Experience in Data Management (Data Quality, Data Governance)Threat Modeling. Experience with data visualization and reporting tools (Tableau Preferred technical and professional experience Excellent communication and problem-solving skills.. Thorough understanding of SQL & advance SQL . Develop and implement data governance policies, standards, and procedures to ensure data quality and compliance

We are seeking a skilled and proactive Cyber Security Engineer to protect our organizations systems, networks, and data from cyber threats. The ideal candidate will be responsible for developing security measures, responding to incidents, and ensuring compliance with industry regulations. You have: Bachelor s degree in cyber security, Computer Science, Information Technology, or related field. 1-2 years of experience with security tools (SIEM, IDS/IPS, EDR, firewalls). Knowledge of network security, encryption, authentication, and cloud security. Understanding of ethical hacking, penetration testing, and forensic analysis. It would be nice if you also had: Experience with cloud security (AWS, Azure, Google Cloud). Knowledge of secure coding practices and DevSecOps. Familiarity with security frameworks and regulatory requirements. Industry certifications preferred (CISSP, CISM, CEH, CompTIA Security etc.). Monitor, detect, and respond to cyber threats, vulnerabilities, and attacks. Implement security measures such as firewalls, encryption, and endpoint protection. Conduct security assessments, penetration testing, and risk analysis. Develop and enforce security policies, procedures, and best practices. Ensure compliance with industry standards (ISO 27001, NIST, GDPR, HIPAA, etc.). Investigate security incidents and provide incident response and forensic analysis. Collaborate with IT and other departments to strengthen cybersecurity posture. Provide cybersecurity awareness training to employees. Stay up to date with the latest security threats, trends, and technologies.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements. Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: Must To Have Skills: Proficiency in One Identity Manager. Strong understanding of cloud security principles and best practices. Experience with identity and access management solutions. Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Ability to analyze security incidents and develop effective response strategies. Additional Information: The candidate should have minimum 3 years of experience in One Identity Manager. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education