395 Security Assessment Jobs

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Spring Boot Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where your primary focus will be on reviewing and integrating all application requirements, particularly those related to security. Your typical day will involve collaborating with various teams to ensure that security considerations are embedded in the application architecture, providing insights that influence key decisions, and ensuring that the technical architecture aligns with security best practices. You will play a crucial role in shaping the security posture of applications, ensuring that they meet both functional and security requirements effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Spring Boot.- Good To Have Skills: Experience with application security frameworks and tools.- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with regulatory requirements related to application security. Additional Information:- The candidate should have minimum 7.5 years of experience in Spring Boot.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

About the Role: Grade Level (for internal use): 09 Department overview: The Customer & Growth Office, a new shared capability within Market Intelligence, partners closely with the Sales organization to deliver a differentiated customer experience. This group enables our sales team and businesses by overseeing customer success, sales operations, and implementation of commercial technology. This includes Salesforce, alignment to targets in strategic growth areas, and empowers accelerated growth and delivery by putting the customer at the core of everything we do driving a full customer experience that differentiates us from our competitors. The Proposal & Customer Assessment Team is part of the broader commercial operations. An enabling function to assist with due diligence questionnaires, risk assessments, audits, and other customer inquiries. Our goal is to enable new revenue generation via RFX & deliver superior customer satisfaction by providing high-quality proposals & relevant information during pre/post-sales. We serve a vast array of clients across geographies and are committed to the client-first mindset. The Due Diligence/Audit Specialist will focus on the inquiries received for Market Intelligence. Position Summary Project manager for complex customer audits and due diligence initiated by clients. Coordinate preparation, execution, and delivery of formal responses. Foster positive relationships with customers, maintain open and transparent communication with the customer throughout the process, acknowledge receipt of the due diligence request or audit initiation, and provide regular updates on progress. Develop a deep understanding of product solutions and platforms for effective communication. Maintains awareness of internal controls and audit/Due Diligence trends to ensure the process remains effective. Ensuring that responses are accurate, timely, and comply with company standards. Tracking to completion of action items raised during assessments and audits. Maintain thorough documentation of the entire due diligence or audit response process, including correspondence with the customer, supporting documentation provided, and any actions taken to address issues or concerns. Coordinating with internal stakeholders such as sales, product, legal, and information security to respond to customer requests and create accurate, persuasive, and cogent response documents. Assist with our centralized database processes, policies, and procedures to drive improvement in tools and content. Assist in continually updating due diligence content. Identify opportunities to optimize processes, leveraging automation, technology, and data analytics where possible. Education and experience Overall 3 7 years of relevant experience. Possessing a robust comprehension of Information/Cyber Security, Risk Management, BIA/BCP, Application Security, Network Security, Incident Response, and Cloud Security. Demonstrating a solid foundation in audit and control review, particularly in SOC audit, business processes, and controls. Proficient in addressing Third Party Risk Assessments, Information Security Assessments, and Audits. Exhibiting strong Decision-making and Critical Thinking skills, adept at conducting thorough analysis leading to informed decision-making outcomes. Personal competencies Excellent communication and interpersonal skills, with the ability to engage and influence stakeholders at all levels of the organization. Strong analytical and problem-solving skills, with the ability to assess complex information and develop actionable insights. Self-motivated with an outstanding attention to detail. Capable of managing multiple concurrent projects efficiently. Demonstrates creativity and consistently employs initiative in all tasks and projects. Ability to cultivate strong working relationships with internal colleagues is imperative for the role. About S&P Global Market Intelligence At S&P Global Market Intelligence, a division of S&P Global we understand the importance of accurate, deep and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, andmake decisions with conviction.For more information, visit www.spglobal.com/marketintelligence . Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to reportfraud@spglobal.com. S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here. ----------------------------------------------------------- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----------------------------------------------------------- 20 - Professional (EEO-2 Job Categories-United States of America), SLSGRP202.1 - Middle Professional Tier I (EEO Job Group)

5+ years of hands on experience in Application/Mobile/Infrastructure penetration testing available from Pune/ Hyderabad location. Principal Accountabilities and Responsibilities Perform highly technical/analytical security assessments of custom mobile applications, widely understand infrastructure and networks, web services and APIs. This covers manual penetration testing. Clearly and professionally document root cause and risk analysis of all findings Adhere to the security testing process and raise any gaps or opportunities for improvement with manager. Work closely with the DevOps teams to ensure that the security testing requirements are met. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks Demonstrate complex proof-of-concept exploits of vulnerabilities when required. Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data.Key Responsibilities:- Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.- Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.- Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.- Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.- Participate in security assessments, rule base cleanups, and change management processes.- Assist in the development of network security policies and procedures.- Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.- Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Good To Have Skills: Experience with cloud security solutions.- Strong understanding of network security protocols and best practices.- Experience in risk assessment and vulnerability management.- Familiarity with compliance frameworks such as ISO 27001 and NIST. Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Security Information and Event Management (SIEM) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, monitoring systems for vulnerabilities, and responding to potential threats to ensure the integrity and safety of the organization's information and infrastructure. You will engage in proactive measures to safeguard against cyber threats while continuously improving security protocols and practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance organizational security. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk Security Information and Event Management (SIEM).- Strong understanding of security protocols and best practices.- Experience with incident response and threat analysis.- Familiarity with network security technologies and tools.- Knowledge of compliance standards and regulations related to information security. Additional Information:- The candidate should have minimum 2 years of experience in Splunk Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions for cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Data Loss Prevention (DLP) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that all systems are fortified against potential cyber threats. You will also engage in continuous monitoring and improvement of security protocols to safeguard sensitive information and maintain compliance with industry standards. Roles & Responsibilities:- Expected to be an SME in DLP and Data masking solution implementation and support.- Collaborate and manage the team to perform.- Demonstrates excellent problem-solving skills and the ability to collaborate effectively with diverse stakeholders- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must Have Skills: Proficiency in Proofpoint and Microsoft Purview Data Loss Prevention (DLP) tools, Varonis Data Discovery and Data masking.- Creation of DLP detection and prevention policies- DLP agents compliance and incident monitoring- DLP agent upgradation- Design and implementation of Data masking solution across enterprise-wide applications- Perform Sensitive Data Discovery and analysis across enterprise data repositories- Create Technical documentation and installation/administration manuals- Strong understanding of risk management and mitigation strategies.- Experience with security frameworks and compliance standards such as ISO 27001, NIST, or GDPR, HIPAA, HiTrust- Familiarity with incident response and threat intelligence processes.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 8 years of experience in Data Loss Prevention (DLP) and Data Discovery- Good to have experience in Health care industry - Certifications on Proofpoint, Varonis is preferred.- This position is based in Coimbatore.- Willing to work in US shifts including support in late IST hours. Willing to work in office adhering to current HR policies.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Node.js Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Implement security measures to protect systems and data- Conduct security assessments and audits- Develop security policies and procedures Professional & Technical Skills: - Must To Have Skills: Proficiency in Node.js- Strong understanding of cybersecurity principles- Experience with security tools and technologies- Knowledge of network security protocols- Familiarity with cloud security best practices Additional Information:- The candidate should have a minimum of 5 years of experience in Node.js- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to assess security risks, implementing security measures, and ensuring compliance with industry standards. You will engage in proactive security assessments and work on developing strategies to mitigate potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities.- Develop and implement security policies and procedures to enhance overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security tools and technologies for vulnerability scanning and remediation.- Knowledge of compliance frameworks and regulations related to information security. Additional Information:- The candidate should have minimum 5 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Email Security Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a detail-oriented and proactive Application Security Analyst to join our security team. The ideal candidate will have hands-on experience with Black Duck software composition analysis and a strong background in conducting thorough source code reviews to identify and mitigate security vulnerabilities. This role involves collaborating closely with development teams to ensure secure coding practices and maintaining the security posture of applications throughout the SDLC.Key Responsibilities:- Perform security assessments and vulnerability analysis of applications using Black Duck to identify open-source component risks and compliance issues.- Conduct in-depth source code reviews to detect security flaws, including injection attacks, authentication weaknesses, insecure data handling, and other common vulnerabilities.- Collaborate with developers, DevOps, and QA teams to remediate identified security vulnerabilities and integrate security controls into development processes.- Develop and enforce security policies and best practices for secure coding and application security.- Support threat modeling, risk assessments, and security testing activities throughout the software development lifecycle (SDLC).- Stay updated with the latest application security trends, vulnerabilities, tools, and mitigation techniques.- Provide security training and awareness sessions for development teams.- Create clear and concise documentation on findings, recommendations, and remediation strategies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Email Security.- Strong understanding of cloud security principles and practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Knowledge of risk assessment methodologies and security compliance requirements.- Familiarity with incident response and threat management processes. Additional Information:- The candidate should have minimum 2 years of experience in Email Security.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Identity and Access Management (IAM) Operations, Microsoft Azure Active Directory Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and maintain comprehensive documentation of security policies and procedures.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. Professional & Technical Skills: -Azure Role/PIM assignment, SPN Credential Renewal, Confluence Documentation, Clean up of Azure AZ Admin group, GCP onboarding of the logs, OCI Access with Britive.-Bulk User Creation and Role assignment GCP, Custom role creation, Conduct regular security audits of Azure roles. Third party users and non-human identities management, Role management,-Minor Code Enhancements, Automated log monitoring and Alert-Azure Guest User Enhancement, Power Shell Scripts Enhancements,-Automation for Cloud Identity and access governance for Gaps cloud systems,-Third party users and non-human identities management, Role management. Additional Information:- The candidate should have minimum 5 years of experience in Identity and Access Management (IAM) Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Firewalls Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled Firewall Engineer with hands-on experience in managing and optimizing security infrastructure, specifically Check Point and FortiGate firewalls. The ideal candidate will also have a strong understanding of security policy management tools like Skybox and Tufin. You will be responsible for designing, implementing, maintaining, and supporting firewall environments to ensure the integrity and security of enterprise systems and data. Roles & Responsibilities:-Design, configure, implement, and maintain firewall infrastructure using Check Point and FortiGate platforms.-Manage and optimize firewall rules, NAT policies, VPNs, and threat prevention features.-Use Skybox and Tufin to audit, analyze, and optimize firewall rules and ensure compliance with security policies.-Monitor firewall logs and network activity to identify and respond to security incidents or misconfigurations.-Participate in security assessments, rule base cleanups, and change management processes.-Assist in the development of network security policies and procedures.-Collaborate with security teams, network engineers, and system administrators to implement robust defense-in-depth strategies.-Stay current on evolving cybersecurity threats and recommend improvements to firewall architecture and policies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls.- Strong understanding of cloud security principles and best practices.- Experience with network security protocols and technologies.- Ability to design and implement security policies and procedures.- Familiarity with compliance frameworks and regulatory requirements. Additional Information:- The candidate should have minimum 5 years of experience in Palo Alto Networks Firewalls.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. You will be responsible for overseeing the security aspects of cloud infrastructure. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Develop and implement security strategies for cloud environments.- Conduct security assessments and audits to identify vulnerabilities.- Stay updated on the latest security trends and technologies.- Lead security incident response and resolution efforts. Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security controls for cloud environments.- Knowledge of security compliance standards and regulations.- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with Identity and Access Management solutions. Additional Information:- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Secondary skill Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practices. Missions We are seeking a skilled Cloud Security Analyst to join our team. The ideal candidate will have extensive experience in cloud security, particularly with Azure, AWS, and Microsoft 365 (M365). This role involves ensuring the security of our cloud infrastructure, identifying and mitigating risks, and implementing best practices to protect our data and systems Design, implement, and manage security measures for cloud environments (Azure, AWS, M365). Monitor cloud infrastructure for security breaches and respond to incidents. Conduct regular security assessments and audits. Develop and enforce security policies and procedures. Collaborate with IT and development teams to ensure secure deployment of applications. Stay updated with the latest security trends and threats. Responsible to managed cloud operational security Review users request on Azure and provide approval or implement required configuration (ex admin consent (permissions to internal or external applications to access Cloud Tenant with the user account)) Azure access reviews configuration and follow-up (report on non-completed reviews, send reminder to reviewers and reschedule access reviews) Monitor and provide report on Conditional access group exception groups Monitor and report on security alerts (Defender for Cloud) not managed by SG SOC. Provide training and guidance to staff on cloud security best practices. Profile Strong organizational, analytical and reporting as well as determination skills Previous experience of network security components administration Experience with security tools and technologies (e.g., SIEM, IDS/IPS, firewalls). Familiarity with DevSecOps practice

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of identity and access management solutions- Hands-on experience with security architecture design- Familiarity with security compliance frameworks Additional Information:- The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityNow- This position is based at our Hyderabad office- A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Splunk Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Implement security measures to protect systems and data.- Conduct security assessments and audits.- Develop security policies and procedures.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Splunk.- Strong understanding of network security principles.- Experience with security tools such as SIEM, IDS/IPS.- Knowledge of incident response and vulnerability management.- Good To Have Skills: Experience with cloud security solutions. Additional Information:- The candidate should have a minimum of 5 years of experience in Splunk.- This position is based at our Bengaluru office.- A 15 years full-time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the security architecture, ensuring that it meets the business requirements and performance goals. Must have skills : Application Security Architecture and Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the security architecture, ensuring that it meets the business requirements and performance goals. You will play a crucial role in safeguarding the organization's digital assets and ensuring data protection. Roles & Responsibilities:- Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Lead security architecture design and implementation.- Conduct security assessments and audits.- Develop security policies and procedures.- Stay updated on the latest security trends and technologies. Professional & Technical Skills: - Must To Have Skills: Proficiency in Application Security Architecture and Design.- Strong understanding of cybersecurity principles.- Experience in threat modeling and risk assessment.- Knowledge of security frameworks such as ISO 27001 and NIST.- Hands-on experience with security tools and technologies. Additional Information:- The candidate should have a minimum of 5 years of experience in Application Security Architecture and Design.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Were looking for a hands-on architect to design, deploy, and manage Kubernetes clusters, ensuring high availability and performance. Youll lead the full lifecycle management of databasesautomating installs, upgrades, backups, and decommissionswhile actively contributing to open-source communities. This role involves driving security excellence by analyzing and remediating vulnerabilities (CVEs), conducting in-depth assessments using tools like Burp Suite and Anchore, and ensuring compliance with industry standards. Youll optimize workloads for resilience, troubleshoot complex issues across OS, containers, and databases, and deliver production-ready solutions. Strong debugging, observability, and collaboration skills are essential. You have: Bachelor's or Master's Engineering degree or equivalent with Over 12 years of experience in databases and Kubernetes with deep expertise in architecture, automation, and secure deployments; expert in MariaDB, Cassandra, and Redis, including tuning and troubleshooting in production. Strong programming skills in Python for automation and tooling, with hands-on experience in containerized environments using Docker, Kubernetes, Helm charts, and custom Operators. Proven track record in Microservices architecture, container orchestration, virtualization, and DevOps practices, including CI/CD pipeline development and deployment automation. Advanced knowledge of security protocols (TLS, SSH), encryption standards, and secure design principles, with experience in threat modeling, system hardening, and security-by-design methodologies. Skilled in security assessments and tooling, including vulnerability scanning, penetration testing, and robustness/DoS analysis using tools such as Anchore, Tenable, Netsparker, Codenomicon, and Nmap; familiarity with SBOM generation and integration in CI/CD workflows. It would be nice if you also had: Working knowledge of Infrastructure as Code tools like Terraform or Pulumi, along with GitOps workflows Familiarity with Prometheus, Grafana, ELK/EFK stacks, or OpenTelemetry for end-to-end observability, especially for performance tuning and incident response in distributed systems Design, deploy, and manage scalable, highly available MariaDB, Cassandra, and Redis databases within Kubernetes clusters, while continuously optimizing performance and reliability. Automate end-to-end lifecycle management workflowsincluding install, upgrade, backup, recovery, and decommissionwhile contributing technical improvements to open-source communities. Lead the response to security vulnerabilities across database stacks, collaborating with security and engineering teams to analyze, prioritize, and remediate CVEs. Conduct in-depth security assessments using tools like Burp Suite, Anchore, and Codenomicon, and map findings to risk levels to ensure compliance with security standards. Collaborate with cross-functional teams and customers to deliver secure, production-ready database solutions, troubleshoot complex issues across the stack, and stay current with trends in Kubernetes, OSS, and cloud security.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: ForgeRock Identity Manager. Experience3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Microsoft Threat Protection. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: PingFederate. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Checkpoint Firewalls and VPN. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Experience in wide range of DLP services - MIP/AIP, DAR, Policy . DLP policy - design, development, maintenance and fine tuning. Good stakeholder engagement experience - involvement in multiple projects. Good understanding of data controls and risk assessment. Experience in implementation of case management tool for DLP tickets. DLP tool - McAfee, Symantec.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: OT/IOT Security Operations Centre (SOC). Experience1-3 Years.