125 Vapt Jobs - Page 5

Synergy IT is seeking an experienced Cybersecurity SOC Analyst to join our dynamic team. The ideal candidate will have a strong background in cybersecurity with a focus on Microsoft Sentinel, Azure Security, and Meraki Network solutions. As a Cybersecurity Analyst, you will play a critical role in safeguarding our organizations IT infrastructure by monitoring, analyzing, and responding to security incidents. Key Responsibilities: Security Monitoring & Incident Response: Utilize Microsoft Sentinel to monitor security events, analyze alerts, and manage incidents. Investigate and respond to security incidents using Azure Security tools and methodologies. Implement and manage security monitoring solutions, including those from Meraki for network security. Threat Intelligence & Analysis: Continuously evaluate and update threat intelligence to identify potential threats and vulnerabilities. Perform in-depth analysis of security events and incidents to determine their nature and impact. Security Management: Develop and implement security policies, procedures, and best practices for Microsoft Sentinel, Azure Security, and Meraki Networks. Ensure compliance with industry regulations and standards. System & Network Security: Configure, manage, and troubleshoot security solutions on Azure and Meraki Network environments. Conduct regular security assessments and vulnerability scans to identify and remediate potential security weaknesses. Collaboration & Reporting: Work closely with IT and cybersecurity teams to enhance overall security posture. Prepare and present detailed incident reports and security analyses to senior management. Continuous Improvement: Stay up-to-date with the latest cybersecurity trends, threats, and technologies. Recommend and implement improvements to security practices and tools. Qualifications: Experience: Proven experience as a Cybersecurity SOC Analyst or similar role with a strong focus on Microsoft Sentinel, Azure Security, and Meraki Network solutions. Demonstrated experience in incident detection, analysis, and response. Skills: Proficient in using Microsoft Sentinel for security information and event management (SIEM). Hands-on experience with Azure Security services and tools. Strong knowledge of Meraki Network solutions and their integration with security practices. Familiarity with other security tools and frameworks is a plus. Certifications: Relevant certifications such as CISSP, CISM, CEH, or Microsoft Certified: Azure Security Engineer Associate are highly desirable. Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree or relevant certifications are a plus.

Hello Talented Techie! We provide support in Project Services and Transformation, Digital Solutions and Delivery Management. We offer joint operations and digitalization services for Global Business Services and work closely alongside the entire Shared Services organization. We make efficient use of the possibilities of new technologies such as Business Process Management (BPM) and Robotics as enablers for efficient and effective implementations. We are looking for Information Security Professional (ISMS/InfoSec) Job Summary: We are seeking a dedicated Information Security Professional to join our team. The ideal candidate will focus on maintaining and managing our ISO27001 certification. This role involves handling the overall Information Security Management System (ISMS), managing internal stakeholders, conducting internal audits, facilitating external audits, and overseeing the information security program management. Key Responsibilities: Maintain and manage the ISO27001 certification and related processes. Oversee the Information Security Management System (ISMS) ensuring compliance with ISO27001 standards. Manage and coordinate internal audits, identifying areas for improvement and implementing necessary changes. Facilitate external audits, acting as the primary point of contact with external auditors. Engage with internal stakeholders to ensure information security policies and practices are effectively communicated and implemented. Develop, implement, and manage information security programs to enhance organizational security posture. Stay updated with the latest developments in information security standards and best practices. Qualifications: Bachelor"™s degree in Information Security, Computer Science, or a related field. 5-7 years of experience in information security with at least 5 years in direct ISMS. Strong knowledge of ISO27001 standards and requirements. Experience in managing and maintaining an Information Security Management System (ISMS). Excellent stakeholder management skills and the ability to communicate effectively with various levels of the organization. Strong organizational and program management skills. Certifications such as ISO27001 Lead Auditor (LA) and Certified Information Systems Auditor (CISA) are preferred. Preferred Certifications: ISO27001 Lead Auditor (LA) Certified Information Systems Auditor (CISA) Skills: Excellent analytical and problem-solving abilities. Strong communication and interpersonal skills. Ability to work independently and as part of a team. High attention to detail and a commitment to maintaining high standards of work. Create a better #TomorrowWithUs! This role, based in Bangalore, is an individual contributor position. You may be required to visit other locations within India and internationally. In return, you'll have the opportunity to work with teams shaping the future. At Siemens, we are a collection of over 312,000 minds building the future, one day at a time, worldwide. We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Find out more about Siemens careers atwww.siemens.com/careers

Introduction Siemens Healthineers develops MedTech products that support better patient outcomes with greater efficiencies, giving providers confidence that they need to meet the clinical, operational, and financial challenges of a changing healthcare landscape. With 70,000+ employees Siemens Healthineers is one of the world"™s largest suppliers of technology to the healthcare industry. As a global leader in medical imaging, laboratory diagnostics, and healthcare information technology, we have a keen understanding of the entire patient care continuum"”from prevention and early detection to diagnosis and treatment. Brief Description: An Information Security Management system is maintained to address the complex challenges and threats in the rapidly evolving digital landscape and fulfill the organization"™s purpose and values. As an Information Security Professional, you will play an essential role in implementing and maintaining our Information Security requirements in accordance with ISO27001 and other relevant regulatory standards. You will gain expertise in driving implementation of various Information security topics in a cross-collaborative environment. What are my key Responsibilities? Assist the implementation and continuous improvement of the ISO27001 Information Security Management System (ISMS). Conduct regular risk assessments and internal audits to ensure compliance with ISO27001 standards. Ensure adherence to all relevant regulatory requirements as directed by the Global Cybersecurity Governance Organization and country specific cybersecurity requirements. Assist to Develop and maintain policies, procedures, and process documentation to meet the Information Security requirements. Work closely with various departments to collect and analyze operational security measures and help integrate measures into all aspects of operations without the need for follow-ups or reminders. Assist project teams for information security inquiries and incident response. Monitor and respond to security incidents and breaches, ensuring timely resolution and documentation of incidents. Assist with Planning, coordinating, conducting and preparing detailed audit reports for internal and external audits to assess the effectiveness of the information security program. Follow up on audit recommendations to ensure timely implementation of corrective actions. Maintain a comprehensive audit trail for all information security activities and initiatives. What do I need to qualify for this job? Bachelor"™s degree in engineering, Information Security, Computer Science, or a related field with 4-6 years of working experience. Minimum of 2-3 years of hands-on experience in information security, with a focus on implementing ISO27001. Strong understanding of ISO 27001 requirements, information security principles, risk management, IT infrastructure set up and regulatory requirements. Good understanding of ISO 27701 PIMS standards. Proven ability to work independently and collaboratively with cross-functional teams. Excellent communication, presentation and interpersonal skills. Self-directed with an ability to take ownership and accountability of assigned tasks. Familiarity with Software development best practices for ensuring security. Previous experience with Software quality assurance responsibilities will be preferred. Highly Recommended to have completed Lead Implementor certification in ISO 27001 standard . What else do I need to know? Siemens Healthineers is dedicated to equality and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens Healthineers are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability as we will use the data to review your suitability for the role.

Role Overview : The Application Security Senior Engineer will play a crucial role in safeguarding our applications and digital assets against security threats. With a primary focus on Vulnerability Assessment and Penetration Testing (VAPT), the role involves identifying, assessing, and mitigating security vulnerabilities across our application portfolio. This position requires a proactive mindset, strong technical skills, and the ability to collaborate effectively with cross-functional teams and support the security projects. Key Responsibilities : 1. Vulnerability Assessment and Penetration Testing (VAPT): - Conduct comprehensive security assessments of applications using industry-standard tools and techniques.- Perform manual testing and automated scans to identify vulnerabilities such as OWASP Top 10, SQL injection, XSS, CSRF, etc.- Analyze and interpret assessment findings, providing clear and actionable recommendations to development teams.- Support the security gating process with timely security assessment and reporting.- Provide guidance and assistance on secure software development life cycle.- Track identified vulnerabilities through to resolution, collaborating closely with development teams to ensure timely mitigation.- Provide detailed vulnerability reports and metrics to stakeholders, including risk assessments and remediation progress. 2. Support for Security Projects: - Actively participate in security projects and initiatives, providing expertise and guidance on application security best practices.- Perform Security Architecture review for existing and new security projects and guide on security best practices.- Collaborate with architects and developers to integrate security into the SDLC (Secure Development Life Cycle) and CI/CD pipelines. 3. Incident Response and Support: - Assist in incident response activities related to application security incidents.- Contribute to root cause analysis and lessons learned sessions to improve incident handling and prevention strategies. 4. Security Awareness and Training: - Develop and deliver training sessions on secure coding practices and application security awareness.- Promote a culture of security within the organization, advocating for continuous improvement and adherence to security policies. Requirements: Bachelors degree in Computer Science/Information Technology, or a related field. Minimum of 5 years of experience in application security, with a focus on VAPT and secure development practices. Proven experience with security assessment tools such as Burp Suite, Qualys, Nessus, etc. Strong understanding of web application architecture, including front-end, back-end, and APIs. Solid knowledge of OWASP guidelines and best practices for secure coding. Certifications such as CISSP, CEH, OSCP, or similar are preferred. Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders. Strong analytical and problem-solving skills, with attention to detail. Why join us? Impactful Work: Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry. Tremendous Growth Opportunities: Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development. Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated. Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com

Docker, Kubernetes and experience on at least one major Cloud Platform/Experience with scan reports from Qualys, Prisma Cloud or equivalent Knowledge/experience in DevSecOps tools would be good (DAST, SAST, SCA, Secret management tools like Synk or Checkmarx)

Job Description Must Have: Experience in handling Clients and Stakeholder interactions. Well versed with CSV and GxP process and ability to adopt to client Process, systems and documentation needs like Test Protocol, Test Plan, Test Strategy, IQ/OQ/PQ scripts, RTM, Test Summary Report etc., Understanding of various SDLC methodologies(Agile, Waterfall, V) Flexibility to Work as per Customer timings Generate Automation Test Strategy for applications deployed on Cloud. ( Public and Private cloud) Automate scripts using a given Selenium-based framework, Serenity based BDD framework or any open-source tools. Working experience in testing Restful Webservices and APIs using frameworks or tools like POSTMAN, Rest API, etc. Analyze requirements, perform impact analysis, and regression analysis, and communicate with stakeholders on the need for changes in requirements. Perform Risk Analysis of Project & automation deliverables and work towards mitigation plans. Good experience with various testing types like Functional, Regression, UI/ Usability, Integration testing, etc., Hands-on experience using ADO or any test management tools. Good to Have: Experience in Programming or scripting languages (Java/JS etc.,). Experience in designing automation frameworks (POM, Cucumber BDD, etc.,.). Experience working on CAPAS, Incident Management, FMEA Risk Assessment, Functional Risk Assessment etc., Experience with Vulnerability testing (VAPT). Knowledge of Performance testing using Jmeter or any open-source tools. Idea on Generative AI for testing. An idea of estimation techniques for Automation testing efforts (Design and Execution). Experience in testing and test planning of CI/CD-based solutions through tools like Azure DevOps. Role & responsibilities Preferred candidate profile

Position Summary The Head of Application Security (AppSec) & Vulnerability Management will be responsible for conducting security assessments and penetration testing of IT, cloud, and OT infrastructure, performing application security assessments for hosted applications, and providing DevSecOps support for new applications throughout their lifecycle. This role involves identifying potential vulnerabilities, suggesting mitigation strategies, and assisting customers and partners in implementing these strategies. Additionally, the role includes project management, service delivery, quality assurance, customer management, and maintaining relationships with vendors and technology partners. Key General Responsibilities: Lead and drive the AppSec and Vulnerability Management functions, ensuring effective service delivery through project acquisition, execution, and operational support. Demonstrate strong leadership skills by managing departmental and functional teams, including hiring, developing, and growing team competency. Provide expert technical guidance to delivery teams, partners, and customers, ensuring the successful implementation of security solutions. Be results-oriented with the ability to think strategically and align efforts with customer needs, working backward from those needs to achieve goals. Oversee project management, service management, and quality assurance processes to ensure successful delivery and client satisfaction. Exhibit strong communication skills, with a proven ability to work cross-functionally, deliver results, and demonstrate ownership in various projects. Manage all aspects of people development, including hiring, talent development, performance management, succession planning, and team engagement. Possess excellent interpersonal skills, with the ability to influence and engage stakeholders at all levels within the organization and with external customers, partners, and vendors. Support sales strategies to meet revenue targets by providing pre-sales support and delivering appropriate security solutions. Identify and cultivate new opportunities with existing customers, ensuring high levels of customer satisfaction and retention. Key Technical Responsibilities: As a technical leader, drive the future strategy for threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps, and application security. Conduct both manual and automated internal and external vulnerability assessments across IT, cloud, and OT environments. Perform security control and vulnerability assessments specifically within OT environments. Execute Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, Android applications, and APIs. Perform Gray Box and/or penetration testing on web, API, and mobile devices (Android). Complete project tasks with high quality and within deadlines. Analyze findings, draw comprehensive conclusions, and provide detailed recommendations and mitigation plans. Clearly communicate technical impacts and business risks to non-technical audiences after project completion. Provide expert advice on selecting and implementing appropriate security assessment and testing software and tools. Implement and manage DevSecOps practices using the Software Assurance Maturity Model (SAMM) to evaluate and enhance the security of software development processes. Adhere to security standards and frameworks, implementing best practices and methodologies. Work closely with product development teams to ensure adherence to secure coding practices. Educate customers, technical teams, and application developers about emerging threats, vulnerabilities, and application security, promoting a Security Champion program to raise awareness. Qualifications Education: oBachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. A master's degree or relevant certifications (e.g., CISSP, CEH, OSCP) are preferred. Experience: oOver 10 years of experience in leading and managing threat and vulnerability functions, projects, and customer engagements. o6-8 years of direct, hands-on experience in cybersecurity, including familiarity with security standards and best practices, vulnerability assessments, web application testing, network and mobile application assessments, and penetration testing. o1-2 years of experience in enterprise security management, including security product/solution integration and security operations, with a solid understanding of network and system security concepts, standards, and best practices. oProven track record in building, leading, and managing security teams, with experience in cybersecurity practices, application security (AppSec), threat intelligence, vulnerability management, penetration testing, and infrastructure security assessment. oDemonstrated excellence in project management, service management, and customer relations. oExceptional written, presentation, and verbal communication skills, essential for effective team coordination, partner support, and service discussions. oStrong analytical abilities with a creative approach to solving complex technical problems. oCapable of working effectively with clients, management, staff, vendors, and consultants, and interacting and collaborating with senior management, including IT, Network, Security, and C-level executives. oAbility to remain calm and patient in high-pressure situations within a dynamic environment. Skills and Competencies oStrong background in network and infrastructure vulnerability assessment and penetration testing. oComprehensive understanding of security vulnerabilities, including OWASP Top 10, enterprise security architecture, relevant standards, best practices, and frameworks. oExtensive experience in securing web applications, APIs, Android mobile apps, and cloud environments (AWS/Azure). oProficient in software penetration testing, architectural risk assessment, threat modeling, static code analysis, and secure code review for web applications, APIs, and Android mobile applications. oStrong expertise in assessing web applications for security vulnerabilities using tools such as Burp Suite, OWASP ZAP, or similar. oSkilled in evaluating the security of Android mobile applications, including reverse engineering and code analysis. oIn-depth knowledge of cloud security best practices, with hands-on experience in AWS and Azure cloud platforms, including configuring security controls and monitoring for cloud-based threats. oExpertise in evaluating API security, focusing on authentication, authorization, and data protection. oExperience in web and mobile app security assessment according to OWASP standards. oProficient in analyzing vulnerabilities in various applications using both manual and automated tools. oFamiliarity with security practices in DevOps and CI/CD pipelines. oExperience with Windows and Linux operating systems, with a good understanding of operating system internals and mobile OS (Android), especially in the context of app development. oFamiliarity with common compliance requirements such as GDPR, PCI-DSS, and ISO 27001. oExperience with OWASP Mobile Security Testing Guide and associated checklists. oAbility to configure and utilize automated scanners for tasks such as login sequence, policy customization, and scan throttling, while effectively analyzing and managing false positives. oSkilled in identifying vulnerabilities not detected by automated scanners through manual testing, including authentication, session management, CSRF, and business logic testing. oUnderstanding of application workflows to identify entry points and potential vulnerabilities. oHands-on experience with popular security tools, including NMAP, Nessus, Burp Suite, Netsparker, Metasploit, and OWASP ZAP. oFamiliarity with Agile processes and development tools such as Jira, Confluence, Bitbucket, Git, Maven, and Jenkins. Why Tribastion? Strategic Leadership: Play a pivotal role in shaping Tribastions growth strategy in one of the most competitive markets in the world. Career Advancement: Opportunities for professional growth within a dynamic and rapidly expanding organization. Innovative Environment: Contribute to a company that prioritizes excellence, innovation, and leadership in the cybersecurity industry.

Job Title : Security Engineer - Contractual Role Experience Required : 2-4 years. Job Summary : Seeking for a highly skilled and motivated Web Application Firewall (WAF) and Bot Operations Security Engineer who will play a crucial role in ensuring the security and resilience of our organisations systems, networks, and infrastructure. He will be responsible for deploying, configuring, and managing Web Application Firewalls (WAFs) and bot mitigation solutions to protect our web applications from various cyber threats and malicious activities. This role involves a deep understanding of web application security, bot management, and hands-on experience with WAF technologies and bot mitigation tools. Required Skills: The candidate should have minimum experience of 3 years in Vulnerability management to carry out WAF & BOT solutions. Mandatory : 3+ years of experience in web application security, including hands-on experience with WAF technologies and bot mitigation tools (e.g., Akamai, Cloudflare, Imperva, AWS WAF, Azure Application Gateway, F5 BIG-IP). Strong understanding of web application vulnerabilities, attack vectors, and mitigation techniques. Experience with security monitoring and incident response. Good to have: Proficiency in scripting languages (e.g., Python, Bash) for automation and custom rule creation. Knowledge of web technologies, including HTTP/HTTPS, HTML, JavaScript, and APIs. Familiarity with security frameworks and standards (e.g., OWASP, CIS). Certification: Mandatory : Relevant security certifications such as CISSP, CISM, CEH, or other industry-recognized credentials. Good to have: Certifications such as CREST Practitioner Security Analyst (CPSA), Certified Expert Penetration Tester (CEPT) etc. Qualifications : 1. Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). 2. Strong understanding of networking protocols, operating systems, and security technologies. 3. Excellent analytical and problem-solving skills. 4. Proficient in at least one scripting language. Responsibilities : WAF Management: Deploy, configure, and maintain Web Application Firewalls to protect web applications from threats such as SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities. Develop and implement custom WAF rules and policies to address specific security requirements and threat landscapes. Monitor WAF performance and fine-tune rules to minimize false positives and negatives. Bot Mitigation: Implement and manage bot detection and mitigation solutions (including advanced BOTs) to safeguard against automated attacks and scraping activities. Analyze bot traffic patterns and behaviour to fine-tune detection and mitigation strategies. Stay updated on emerging bot threats and mitigation techniques, and proactively adjust strategies to counteract new attack vectors. Incident Response: Investigate and respond to security incidents, attack scenarios related to web applications and bot activities. Perform root cause analysis for security events and provide recommendations for improvements to prevent recurrence. Must be willing to be available during off-hours and weekends for incident response and attack scenarios as needed. Collaboration and Communication: Work closely with application developers, system administrators, and other stakeholders to address security concerns and ensure secure application deployment. Provide security guidance and best practices to teams across the organization to enhance overall security posture.

We are hiring for Security Engineer- Navi Mumbai Location (Belapur) for one of our project. Interested candidate can share resume to ankita.patari@happiestminds.com Experience: 2 to 5 Years Location: Navi Mumbai Location (Belapur) Office Timings: Monday to Friday (First Saturday and Third Saturday working) Looking for max 15 Days Joiners only Immediate Joiners please mentioned in Subject Line(Immediate Joiner_AppSec) General Shift Exp Range-2 to 4 Years Primary Skills : SAST, Penetration testing , Vulnerability Assessment Responsibility: Static Code analysis, Static/dynamic testing of mobile applications,Vulnerability Assessment,Penetration Testing Thanks And Regards, Ankita P Ghosh ankita.patari@happiestminds.com

locationsGURGAON, INDINDIA VIRTUAL, IND time typeFull time posted onPosted 3 Days Ago time left to applyEnd DateMay 26, 2025 (13 days left to apply) job requisition idR1146864 . Key Responsibilities Security Administration Design, Engineer and manage security solutions. Configure, monitor, and troubleshoot systems to ensure optimal performance and security. Plan and execute upgrades, patches, and other maintenance activities for security tooling. Collaborate with the cybersecurity team to ensure robust security measures and compliance with industry standards. Technical Support and Troubleshooting: Provide advanced technical support for AWS cloud networking issues. Mentor and guide junior engineers and IT support staff. Documentation and Reporting Create and maintain comprehensive documentation of configurations, procedures, and processes. Generate regular reports on system performance, security incidents, and maintenance activities. Qualifications Education : Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field; or equivalent work experience. Experience : At least 3 years of hands-on experience in Cyber Security. Technical Skills: Strong understanding of network protocols and services (TCP/IP, DNS, VPN, etc.).Knowledge of scripting languages (PowerShell, Python) for automation. Key Competencies Problem-Solving Skills: Strong analytical and troubleshooting abilities to diagnose and resolve complex technical issues. Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Project Management Ability to manage multiple projects and priorities in a fast-paced environment. Offers of employment are conditional upon passage of screening criteria applicable to the job.

locationsGURGAON, INDINDIA VIRTUAL, IND time typeFull time posted onPosted 4 Days Ago time left to applyEnd DateMay 23, 2025 (10 days left to apply) job requisition idR1146865 . Key Responsibilities Security Administration Design, Engineer and manage security solutions. Configure, monitor, and troubleshoot systems to ensure optimal performance and security. Plan and execute upgrades, patches, and other maintenance activities for security tooling. Collaborate with the cybersecurity team to ensure robust security measures and compliance with industry standards. Technical Support and Troubleshooting: Provide advanced technical support for AWS cloud networking issues. Mentor and guide junior engineers and IT support staff. Documentation and Reporting Create and maintain comprehensive documentation of configurations, procedures, and processes. Generate regular reports on system performance, security incidents, and maintenance activities. Qualifications Education : Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field; or equivalent work experience. Experience : At least 3 years of hands-on experience in Cyber Security. Technical Skills: Strong understanding of network protocols and services (TCP/IP, DNS, VPN, etc.).Knowledge of scripting languages (PowerShell, Python) for automation. Key Competencies Problem-Solving Skills: Strong analytical and troubleshooting abilities to diagnose and resolve complex technical issues. Communication Skills: Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Project Management Ability to manage multiple projects and priorities in a fast-paced environment. Offers of employment are conditional upon passage of screening criteria applicable to the job.

Description: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India Requirements: - Must have 15+ years of experience in cyber security areas - Must be efficient in medical domain security - Must have experience with medical device security: threat modelling, pen testing, SAST, DAST - Must be hands on with pen testing of medical devices, application and cloud Job Responsibilities: Work with multiple medical customers in the areas of - - Threat modelling, security requirements and architecture - Drive security lifecycle for multiple customer projects - Drive pen testing requirements across projects - Take part in customer discussions for new business development activities - Setup security practice for MedTech in India What We Offer: Exciting Projects: We focus on industries like High-Tech, communication, media, healthcare, retail and telecom. Our customer list is full of fantastic global brands and leaders who love what we build for them. Collaborative Environment: You Can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities! Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules, opportunities to work from home, and paid time off and holidays. Professional Development: Our dedicated Learning & Development team regularly organizes Communication skills training(GL Vantage, Toast Master),Stress Management program, professional certifications, and technical and soft skill trainings. Excellent Benefits: We provide our employees with competitive salaries, family medical insurance, Group Term Life Insurance, Group Personal Accident Insurance , NPS(National Pension Scheme ), Periodic health awareness program, extended maternity leave, annual performance bonuses, and referral bonuses. Fun Perks: We want you to love where you work, which is why we host sports events, cultural activities, offer food on subsidies rates, Corporate parties. Our vibrant offices also include dedicated GL Zones, rooftop decks and GL Club where you can drink coffee or tea with your colleagues over a game of table and offer discounts for popular stores and restaurants!

6+ yrs of exp in Cyber Security consulting, with min 3 yrs in leadership role Expertise in cybersecurity frameworks & standards such as NIST, ISO 27001, GDPR, DPDPA, PCI DSS, etc. Exp in GDPR, VAPT, App security. Must have exp in consulting

Responsibilities include, but are not limited to: Monitor and maintain office IT infrastructure health including firewall and servers in On Prem Data Centre / offices Managing Cloud Environment (AWS, Azure) Monitoring the logs from Network devices Responsible for compliance activities related to Regulatory guidelines. Involving in IS Audit with Auditors (Internal audit, Regulator audit, Statutory auditors) Involving in Vulnerability Assessment and Penetration Testing related to Infra / Application Coordinating with CISO office and implementing CERT-in alerts and advisories. SOC coordination for security related alerts and remediation. Email server administration (Microsoft 365 Exchange online, Zimbra) Coordinating with Remote Infrastructure Management System / Managed Service Provider partners. Storage devices management (NAS, FTP, SFTP, etc) Microsoft Internet Information Server (IIS) administration, XAMPP, Apache IT Asset management and Stock maintaining. Oversees the required need of hardware and software license and support agreements. Manages all required documentation, as well as reporting and provides delivery according to standards. Assist in providing resolution management to all users technical issues. Monitor and maintain in Windows server (DNS, DHCP, AD) and client administration AD User Management, Antivirus management, Access control management and Desktop level support management LAN/WAN administration Installation, configuration and administration for windows client operating systems. Ensure backup activity and define backup strategies includes application level and database level Develop innovative network troubleshooting methods that reduce downtime and lower repair costs Responsible for creating and administering disaster plans (DR) that will keep the company functional in the event of a crisis. Ensuring RPO/RTO for On Prem and Cloud Applications Determine the rationale and methods for upgrading company network software programs each time an update is released VMWare administration.

Source code review, VAPT, Mobile app security, API

Karthika Consulting & Solutions Pvt Ltd is looking for Information Technology Professional to join our dynamic team and embark on a rewarding career journey Manage and adapt forecasting tools to effectively monitor inventory, consolidate financial and operational KPI's (SharePoint). Design for new LAN cabling including patch panels, UTP, switches, router. Work on many different customer migrations including IIS, email, DNS, SQL and others programs. Assist in collection, maintenance, and management of employee records, biweekly payroll processing, and benefits submissions. Install and troubleshoot company wireless internet. Migrate Linux DNS servers into Microsoft environment. Possess administrative access to install and troubleshoot software. Utilize Kali Linux to test for vulnerabilities against internal and external infrastructure. Install and configure secured environments, VPN Internet connectivity of virtualize server environment and clients. Implement network services including data backups/restores, security, wireless connectivity, VPN and terminal servers. Maintain ERP system including troubleshooting, relationship management, contract negotiation, and new system proposal and comparison. Develop user/reader-friendly company intranet (SharePoint) to promote better collaboration, and ensure crisp succinct communications across all corporate channels.

To design the security infrastructure / policies for the organization, implement & monitor the same To ensure security compliance with respect to recommendations received from government agencies like CEA, NCIIPC Design, review, implement & monitor IT security related controls as part of Internet Controls, ITGC, IFC, ERM ISMS certification (ISO 27001 ) for IT systems; this will include preparation and periodic review of policies and SOPs, regular trainings and maintaining records in prescribed formats Conducting internal security audit and generating reports by deploying VA tools Periodic security/VAPT audits and implementation of the findings IT security related new initiatives like - Security Operations Centre (SOC), Security Information and Event Management (SIENA), c lou d security, EMM-enterprise mobility management Creating IT Security awareness within the organisation

Role Brief: The ideal candidate will have a strong background in software engineering with a focus on DevOps practices and tools with extensive experience in shell scripting, application deployment, and release management. Primary responsibility is to streamlining our development processes, ensuring smooth deployments, and managing the release lifecycle for our flagship products. Role & Responsibilities: Implement and maintain Deployment pipelines to facilitate seamless code integration and delivery. Ensure consistency across development, testing, and production environments. Set up and manage monitoring tools to ensure system reliability and performance. Analyze logs for troubleshooting and performance tuning. Work closely with development, QA, and operations teams to ensure successful delivery and deployment of applications. Develop, maintain, and optimize shell scripts for automation of tasks and processes. Manage and execute deployment processes for Java-based applications, ensuring high availability and performance. Oversee the end-to-end release process, including planning, scheduling, and coordinating releases across multiple environments. Troubleshooting techniques and fixing the code bugs Identifying and deploying cyber-security measures by continuously performing vulnerability assessment and risk management Incidence management and root cause analysis Role Requirements: 7+ years of experience as a DevOps Engineer or similar software engineering role. Proficient in shell scripting (Bash, etc.) with a strong understanding of automation tools and frameworks. Proven experience in deploying and managing Java-based applications both manually and automatically . Experience in Manual deployment is a must. Solid understanding of release management processes and best practices. Version Control: Proficiency with version control systems (Git, Bitbucket etc.). Must have a strong experience in handling the Nginx Configuration files and handling Nginx as a reverse proxy. Experience in handling SSL Certificates and DNS management. Must have a strong Experience with environment configuration and management. Experience in handling MySQL/MariaDb Queries. Good to have knowledge on handling the YAML Property files. Understanding of Containerisation (Docker) and Orchestration (Kubernetes,EKS) techniques. Strong analytical and troubleshooting skills. Excellent verbal and written communication skills. Key Skilset : Linux, Bash Shell Scripting, Nginx, Java Microservices deployment, RabbitMQ Configuration and Setup, Server setup and configuration, Networking Concepts, AWS Resources like EC2,RDS, SSL Certificate Installation, Tomcat, Manual Deployment, DB Configurations on property files, Software Package Installation and upgradation on servers, OS Patch Activity, VAPT. Notice Period : Available to join in less than 30 days Emails : rohit.g@hotfoot.co.in / Nisha.ap@hotfoot.co.in

Take VAPT and Baseline Sign off for the templates. Create Linux Cluster as per Project requirement. Create ESXi Cluster for building new infrastructure. Required Candidate profile Designation: Linux Engineer L3 Experience: 5+ years Location:Bhandup Take VAPT and Baseline Sign off for the templates. Contact: snehapawar@peshr.com/7021769496

Dear Candidate, We are hiring an Application Security Developer to integrate security into software development. Ideal for developers who understand both coding and security risks. Key Responsibilities: Perform secure code reviews and static analysis Implement security features in web and mobile applications Collaborate with DevOps to automate security in CI/CD Conduct developer training on secure coding Required Skills & Qualifications: Experience with static/dynamic analysis tools (SonarQube, Checkmarx) Knowledge of web security standards (OWASP, CWE) Strong programming skills (Java, Python, JavaScript) Bonus: Familiarity with DevSecOps practices Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. 1. Web Application Security Assessment 2. Mobile Application Security Assessment 3. API Security Assessment 4. Network Vulnerability Assessment & Penetration Testing 5. Understanding vulnerabilities in depth, along with mitigating them - Experience: 2-4 years - Relevant certifications are an advantage - Notice Period: 30 days - Job Location: Navi Mumbai - Work Mode: Work from Office We are looking for immediate Joiner Only

Position Details- Position: VAPT Lead Experience: 8-12 years Job Location: Powai, Mumbai - WORK FROM OFFICE Number of Position 1 Description: We are looking for VAPT LEAD who will be responsible for running automated and manual security scans which include but not limited to SAST, DAST, IAST, Mobile, Web, API and ad-hoc pen-testing. The candidate will play a key role of integrating Security element in DevSecOps The role entails taking responsibility of analysing security vulnerabilities and capability to provide mitigation solutions to fix issues, providing guidance to application teams, and coordinating with cross functional teams across the platform. Responsibilities: Hands-on experience creating and implementing DevSecOps pipeline using CICD automation tools like Jenkins, Automated scanning tools, BurpSuite, and open source tools. Implement Application Cyber Security Controls/Policies developed by IT Security Team. Ability to demo security vulnerability to application teams. Drive application security issues to a resolution. Provide a clear guidance to application teams during vulnerability mitigation effort Conduct application security assessment on periodic intervals and for every release Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status to Head of IT Security Categorize and recommend assessment strategies for existing and new application development Coach development and vendor teams on application security Develop user training material on secure coding and conduct training sessions Coordinate and execute IT security projects Integrate the Application and DevOps processes and CI/CD pipelines from early stages of the development lifecycle. Evaluating and on-boarding security tools such as SAST, vulnerability and open source scanning into the Security DevOps life cycle for multiple tech stacks. Contributing features to internally developed Cyber security tools, and integrate those tools into the Security DevOps pipelines. Driving continuous improvement for Security DevOps pipelines and processes, and to the Cyber security tools, services, and processes. Engage in security research in keeping abreast of the latest security issues for Cloud enabled enterprises Research best practices for a variety of technologies and document / advice on solutions for security for multiple teams Develop, improve and monitor system compliance with the IT framework for controls and levels of access Collaborate with internal teams to manage and mitigate security vulnerabilities and risks Collaborate with software engineering and digital team to deliver integrated security solutions, and improve developer security practices Collaborate on Red Team penetration testing of IT systems Essential Qualification: Tenable/Qualys tool experience is mandatory. Experience with Dockers, Kubernetes, Terraform Good to have Appsec, API Testing, Infra Cloud Security testing experience. Must have experience with a modern version control system such as: Git, Github, GitLab. CISSP, OSCP or other security certifications desired. Experience with infrastructure as code and technologies behind it (Terraform preferred) Must have 4+ years of progressive experience in computing and information security. Capable of analysing data from various data sources and generating reports, charts and graphs. • Proven experience with at least one of the following technologies: MySQL, Postgres, FireBase, Google Cloud Storage and willing to learn and fill in any gaps. Working knowledge of agile methodology, techniques, and frameworks, such as Scrum or Kanban Excellent people and project management skills. Strong communication and presentation skills. Strong analytical and problem-solving skills.

As part of its mission to detect and monitor vulnerabilities of all Safran' systems exposed over the Internet, the cybersecurity team of the Digital and Information System Department needs to reinforce its vulnerability assessment team. The objective of the job is to detect vulnerabilities affecting Safran's assets exposed on the internet in order to reduce the attack surface . By using a scalable means of continuously monitoring, you will identify risky elements and define efficient remedial action. Role & responsibilities Cortex Xpanse - Attack Surface Management platform SecurityScorecard - Security Ratings & Cybersecurity Risk platform Assets Discovery: - Use ASM platform to discover and continuously monitor Safran's technical assets exposed on the Internet. - Follow the evolution of these assets over time - Complete inventory of Safran's internet assets ASM management and configuration: - Use functions and features of the ASM to define rules and policies based on Safran' security requirements Vulnerability assessment: - Detect Vulnerabilities and policy violations - Evaluate supplier risk and assess the security of acquired companies. - Identify critical vulnerabilities in assets that cyber attackers could exploit - Investigate and recommend appropriate corrective actions - Detect false positive using tools or manual methods - Directly report to operational team when a vulnerability is detected - Review escalated cases until closure Support through remediation process: - Provide as much as possible operational team in the remediation process and in the recommendation performed. Vulnerability reporting: - Ensure an appropriate reporting - Prepare meetings and draw reports - Monthly meetings with different stakeholders (with operational teams, CISO, cybersecurity team) Interested candidate share their profile on jyoti.mehra@safrangroup.com with CTC & notice period details.

Hi, We are looking to expand our Cyber Security Team. Job Location is Faridabad Role & responsibilities Cyber security and network security testing including operation of test equipment in accordance with Regulatory Standards and requirements. use his/her expertise and experience for testing, planning and report writing. Responsible for contributing to accomplishment of department goals and objectives. Full ownership of timely delivery of project. collaborate with cross-Functional teams. Stay up to date with emerging threats, vulnerabilities, testing tools, guidelines. Recommend best practices. Provide training to other team members as needed. Conduct multiple projects within tight deadlines. Testing report preparation and review. Participate in incident response activities as needed. Preferred candidate profile Graduate in computer Science/Information Technology/ Cyber Security. Must be CEH (EC Council). Highly motivated and certified in Ethical hacking and Network Security/Cyber Security. Expertise in penetration tests, vulnerability assessments and security audits on various computer systems, networks and applications to identify potential security risks and vulnerabilities. Strong knowledge of network protocols, operating systems, and security technologies. Experience with security tools such as Metasploit, Nessus, burp Suite and Wireshark. Also, OWASP top 10. Excellent analytical, problem-solving, and communication skills. Teamwork and management. Willingness to travel if required. Salary and benefits: Salary will be based on competency Other Benefits Medical and Accidental Insurance Transport facility (Nearest Metro station) Food facility 5 days/week Interested candidate please share your updated resume to nikita.singh@nemko.com or apply to this job here on naukri.com

Position : Senior Cyber Security Engineer Location : Madurai Experience : 5+ Years Roles and Responsibilities: 1. Security Infrastructure Design: Develop and design security architectures for complex systems. Implement security solutions that effectively protect information systems and data. 2. Implementation of Security Measures: Deploy security technologies, including Firewalls, intrusion detection/prevention systems, antivirus software, and encryption solutions. Configure and manage security tools to detect and respond to security incidents. 3. Network Security: Implement and manage network security measures to protect against unauthorized access, attacks, and vulnerabilities. 4. Vulnerability Management: Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses. Develop and implement strategies for addressing vulnerabilities in a timely manner. 5. Identity and Access Management: Design and implement access controls to ensure only authorized users have appropriate access. Manage identity and access management solutions to protect against unauthorized access. 6. Security Policy and Compliance: Develop and enforce security policies, standards, and procedures. Ensure compliance with relevant laws, regulations, and industry standards. 7. Incident Response and Forensics: Participate in incident response activities, including investigation, analysis, and resolution of security incidents. Conduct digital forensics to identify the root cause of security incidents. 8. Security Awareness and Training: Provide security awareness training to employees to promote a security-conscious culture. Advise on best practices for maintaining security in daily operations. 9. Security Research and Evaluation: Stay informed about the latest security trends, threats, and technologies. Evaluate new security solutions and technologies for potential adoption. 10. Collaboration and Communication: Collaborate with other IT teams, departments, and stakeholders to implement security measures. Communicate security risks and recommendations to technical and non-technical audiences. 11. Impact study of various alerts and categorization based on priority. 12. Strong experience in managing Cyber Security within IT Application, Cloud, Network, IT Infrastructure, etc. 13. Having an active role in all aspects of the project - from first meeting with clients and identifying the Security issues to final recommendations and implementation of the Security change. 14. Good experience in troubleshooting and resolving issues related to Firewall, Cybersecurity Attack, Threat Management and etc 15. Good understanding of the current IT Security practices, threat analysis, privacy and risk policies especially covering Data Loss Prevention (DLP) and etc. 16. Consistently develop security procedures and standard operating documents related to IT Security Operations covering configuration, patching, troubleshooting guides etc. 17. Ability to handle high pressure situations with Good Analytical skills, Problem solving and Interpersonal skills. 18. Find cost-effective solutions to cyber security problems Required Skills and Qualifications: 1. More than 5 years of experience in the Cybersecurity of IT field 2. Strong understanding of network and systems security principles. 3. Proficiency in configuring and managing security technologies and tools. 4. Knowledge of encryption protocols, firewall configurations, and intrusion detection/prevention systems. 5. Experience with vulnerability assessment tools and methodologies. 6. Familiarity with security compliance frameworks (e.g., NIST, ISO 27001). 7. Understanding of identity and access management concepts. 8. Incident response and digital forensics skills. 9. Excellent problem-solving and analytical skills. 10. Strong communication and collaboration skills. Certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Shift Timings: 8:30 AM to 5:30 PM / Monday to Friday Please share the CV with: careers@golden-hippo.com Website: www.golden-hippo.com