908 Vulnerability Assessment Jobs

Job Title- Information Security Analyst, Associate Location- Pune, India Role Description Information Security Production Services (IS PS) supports all divisions with information security relevant areas, like Application user recertification and other identity & access management areas. IS PS is seeking an Information Security Analyst for Application Onboarding. Your key responsibilities Understand and analyze business setting front to back from an information security perspective, interact closely with the business (e.g. Divisional CISO, Divisional ISO, project managers, business managers, COO representatives) on new projects and advise the business on information security relevant aspects End to end understanding and hands on experience of End user recertification process and Request & Approval process. Onboarding new applications to the banks central Recertification, Request & Approval platform and Segregation of Duties control. Coordinating the banks onboarding process by interacting with stakeholders involved such as the business, Identity and Access Management team and IT. Liaise with subject matter experts (e.g. in IT, Legal, Group Data Protection, Compliance etc.) Present end results and options to the business and discuss steps for resolution, develop an area of expertise and knowledge in an information security topic. As on-boarding Information Security Analyst you will be responsible to perform on-boarding assessments if an IT asset is applicable for end user application access for request & approval, Recertification, segregation of Duties control and perform business requirement gathering. Responsible to onboard application for access from request & approval based on gathered business requirements on to be on-boarded role/entitlement of access provision and hand over to technical team for form configuration, SIT, Release Management and Deployment. Organize training session for applications where user provision will be handed over to CSO central ID Admin team Support UAT testing as part of affected stakeholder group for Recertification, Request & approval and SoD. Efficiently engage, manage and influence the main stakeholders, along within application on-boarding process including Information Security Officer, IT Application Owner, Engineering and Operations teams Provide process improvement inputs to various stakeholders involved Proactively seek ways to improve upon existing practices and processes. Display insight and ability in identifying issues and develop successful solutions Report and escalate potential risks to the management to help avoid / minimize the impact Work with multiple, distributed teams (across different locations) Support develops key operational procedures where necessary and ensure adherence to all such defined policies Comfortable with associated disciplines of Security Policy and Governance in banking domain Your skills and experience Should have 8+ years of total work experience or at least 6+ years of relevant experience in similar role. Background in information security, Identity and Access management or similar. Background in the business or having worked with a business unit of advantage Ability to manage multi-tasks assignments and efficiently prioritize workload with limited supervision and resilient under pressure. Ability to build a network in the business and among business managers, project managers and subject matter experts Strong communication skills both verbal (incl. presentation skills) or written and ability to deal with people at all levels in a global matrix organization Flexible, pro-active and innovative

Job Title: ISMS (Information Security Management System) Location: Airoli, Navi Mumbai Key Responsibilities: ISMS Implementation & Management: Develop, implement, and maintain the ISMS framework, including policies, procedures, and guidelines based on ISO 27001 and other relevant standards. Conduct regular risk assessments to identify vulnerabilities and recommend appropriate controls to mitigate information security risks. Coordinate with other departments to ensure adherence to ISMS protocols and align information security with business goals. Compliance & Audits: Ensure the organization complies with regulatory requirements related to information security, privacy, and data protection. Lead internal and external audits to assess the effectiveness of the ISMS, manage audit processes, and work towards continuous improvement. Documentation & Reporting: Maintain comprehensive documentation for all ISMS processes, policies, controls, and audit activities. Prepare reports for senior management, detailing the effectiveness of the ISMS and recommending improvements. Continuous Improvement: Monitor industry best practices and emerging security trends to enhance the organizations security posture. Recommend improvements to the ISMS based on audit findings, risk assessments, and new business requirements. Desired Traits: Proactive and self-driven. Ability to work independently as well as part of a team. Strong collaboration and interpersonal skills to engage with stakeholders at all levels.

Job Description : Airtel Business is looking for IT Security Analyst / L2 operation support for Security Services center Location : Noida Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of security administrators responsible for managing global security infrastructure. This position is to be part of a global team, reporting to the Sr. Security Delivery Manager in Gurgaon. Responsibilities: As a member of the Security Operations Team Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications Hand-on experience with VA/ PT tools. Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered. Recommend security patches and any other measures; produce operations reports Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports Keep the Vulnerability Management Program in compliance with security policy and with published SLAs Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress Monitor security vulnerability information from vendors, and third parties Assist in maintaining technical support documentation. Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises Technical Skills: 3 to 5 years of experience Security Operations experience Ability to read, write and modify scripts for automation of vulnerability management tasks using Python, PowerShell, Ruby on Rails, and/ or Bash Good knowledge of packet filtering, stateful packet inspection and the differences between them Good knowledge of fundamental networking/distributed computing environment concepts; routing, switching, VLANs, VPNS, NIS, NFS. Intermediate to advanced understanding of packet capture and analysis using snoop, tcpdump and Ethereal or similar tools. Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, filesystem integrity, use of security packages, IPTables). Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS etc.)

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Spring Boot Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where your primary focus will be on reviewing and integrating all application requirements, particularly those related to security. Your typical day will involve collaborating with various teams to ensure that security considerations are embedded in the application architecture, providing insights that influence key decisions, and ensuring that the technical architecture aligns with security best practices. You will play a crucial role in shaping the security posture of applications, ensuring that they meet both functional and security requirements effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and maintain security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Spring Boot.- Good To Have Skills: Experience with application security frameworks and tools.- Strong understanding of secure coding practices and application security principles.- Experience with threat modeling and risk assessment methodologies.- Familiarity with regulatory requirements related to application security. Additional Information:- The candidate should have minimum 7.5 years of experience in Spring Boot.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Security Architect Project Role Description : Review and integrate all application requirements, involving security requirements. Review and integrate the application security technical architecture requirements. Provide input into final decisions regarding application security. Must have skills : Solution Architecture Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Security Architect, you will engage in a dynamic environment where you will review and integrate all application requirements, focusing on security aspects. Your typical day will involve collaborating with various teams to ensure that security requirements are seamlessly integrated into the application architecture, providing critical input into final decisions regarding application security, and ensuring that the technical architecture aligns with security protocols and standards. You will play a vital role in safeguarding applications by ensuring that security is a fundamental component of the development process. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on application security best practices.- Conduct regular assessments of application security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Solution Architecture.- Strong understanding of application security frameworks and methodologies.- Experience with threat modeling and risk assessment techniques.- Familiarity with secure coding practices and application security testing tools.- Ability to communicate complex security concepts to non-technical stakeholders. Additional Information:- The candidate should have minimum 7.5 years of experience in Solution Architecture.- This position is based in Pune.- A 15 years full time education is required. Qualification 15 years full time education

:Bachelor's degree and a minimum of 2 years of professional experience in an IT-related field (Information Security, Network Security, IT Infrastructure).Experience on Network Security, Firewall Security, and Web Security (including web application firewalls and proxies)Directory services (Microsoft Active Directory), SCCM, Vulnerability Assessment (infrastructure, server, workstation, and *application).Experience on SIEM, PIM, Content Filtering, and Cisco Firewalls.CompTIA Security+ certification, CEH, CHFI, or equivalent, preferred.Experience on Change Management Review and Security Audits/Reviews.Experience on Linux and hacking tools (Kali Linux, Backtrack.Excellent interpersonal and communication skills, Self-driven, quick learner with attention to details and quality.Knowledge of ISO 27001, HIPAA, SOX will be an advantage.Good knowledge of security programs, process, and metric.Good knowledge of IT Security Infrastructure and related applications and toolsets. Examples include firewalls & Network. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook Location - Chennai,Noida,Hyderabad,Gurugram

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. Were looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like youThen it seems like youd make a great addition to our vibrant team. Siemens founded the new business unit Siemens Advanta (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarter in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Advanta is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation- everything out of one hand. We are looking for a Product & Solution Security Professional Youll make a difference by Mandatory Skills - Needs to be specialized in at least one/two of different areasSecure Architecture & Design, Threat & Risk Analysis, Secure Project Integration. Network security- firewall & network IDS, IPS PSSE will be primarily involved in the secure architecture and design, defines secure design principles, supports selection of secure suppliers and technologies and the development of secure configuration standards and security topics such as IDS, security patch management or Anti-Virus systems must be considered. Also, as part of project integration- defines, supervises, and tests the components/ subsystems with regards to system security, defines and establishes zones and conduits taking physical security concerns into account and prepares and performs security handover of complex systems to customers. Supports and consults the project leaders in implementing the required product & solution security. Supports project teams in conducting the corresponding security activities during the project execution process and / or services. Can support multiple projects and should occupy the function for the main part of is defined working time. Reports to the Project / Functional Lead and the Product & Solution Security Officer. Specification and maintenance of secure coding, secure design guidelines, configuration, and hardening guidelines Synchronize adequately with Information Security organization to ensure architecture and design, and integration IT-infrastructure is sufficiently secure. Specification and maintenance of security requirements for the project. Support for meeting international and regional security standards and regulations (like IEC62443, ISO27000, CENELEC, NIST, SANS) in the project. Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organization. Evaluation of third-party components regarding product & solution security. Clearance of implementation and documentation of security critical components (e.g., cryptographic functions, hidden function, firewall settings) Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test). This includes recommendation and creation of security testing tools. Validation (e.g., friendly hacking, penetration testing) to ensure that implementation fulfills security expectations. Involvement in the analysis and handling of security vulnerabilities & incidents. Sound understanding of Product and solution security topic. Hands on experience of Threat and Risk Analysis (TRA) Supporting the systems engineering for security issues. Monitoring and evaluation of vulnerabilities and security incidents Assessment of security-related requirements Proficient in MS Word, Excel (Writing Macros) and PowerPoint Management and Reporting Exhibiting excellent communication and analytical skills Desired Skills: 9+ years of experience is required. Great Communication skills. Analytical and problem-solving skills Join us and be yourself! Make your mark in our exciting world at Siemens. This role is based in Pune and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. Find out more about Siemens careers at & more about mobility at https://new.siemens.com/global/en/products/mobility.html

Looking for challenging roleIf you really want to make a difference - make it with us Can we energize society and fight climate change at the same time At Siemens Energy, we can. Our technology is key, but our people make the difference. Brilliant minds innovate. They connect, create, and keep us on track towards changing the worlds energy systems. Their spirit fuels our mission. TitleAgentic AI and Domain-Specific LLM Developer We are seeking talented and passionate developers with experience in developing customized solutions based on the NVIDIA Morpheus Cyber AI framework to join our team. In this role, you will be instrumental in the development of a state-of-the-art Grid Cybersecurity software platform designed to safeguard electric sector critical infrastructure from emerging cyber threats. Your new role- challenging and future- oriented Design, develop, and implement cybersecurity solutions using NVIDIA Morpheus Cyber AI framework, NVIDIA AgentIQ toolkit, NVIDIA Blue Field, Domain-Specific LLM, Open API, and OpenUSD. Collaborate with cross-functional teams to integrate AI-driven security features into the Grid Cybersecurity platform. Analyze and process large datasets to identify and mitigate potential published and zero-day OT/ICS vulnerabilities. Develop and maintain robust, scalable, and secure software CI/CD processes and have experience with DevSecOps software composition analysis tools. Troubleshoot, debug, and optimize existing software for improved performance and security. Stay up to date with the latest advancements in AI and cybersecurity to ensure our platform remains at the forefront of innovation. We dont need superheroes, just super minds Bachelor masters degree in Artificial Intelligence, OT/ICS Cybersecurity, Computer Science, Embedded Device Engineering, or a related field. Proven experience with NVIDIA Morpheus Cyber AI framework and comparable AI frameworks. Experience with operational technology (OT)/industrial control systems (ICS) critical infrastructure cybersecurity technologies. Strong programming skills in Python. Additional languages such as C++ or Java is a plus. Commercial product experience with AI, machine learning, and customizing common AI frameworks for specific use cases. Strong experience with DevOps, DevSecOps, AIOps/AI Governance, and MLOps. Stay up to date on new developments in AI for Cybersecurity. Experience presenting at technical conferences is a plus. Experience with AI trust documentation projects. Ability to work collaboratively in a fast-paced, dynamic environment. Excellent innovation, problem-solving, and communication skills. Familiarity with project management systems, including Jira or Trello. Familiarity with Software Bill of Materials (SBOM) for vulnerability management. Experience with grid computing and large-scale distributed data processing. Knowledge of private cloud platforms such as AWS, Azure, or Google Cloud. Understanding of networking protocols and security measures. Experience with digital twins for cybersecurity.

Looking for challenging roleIf you really want to make a difference - make it with us Can we energize society and fight climate change at the same time At Siemens Energy, we can. Our technology is key, but our people make the difference. Brilliant minds innovate. They connect, create, and keep us on track towards changing the worlds energy systems. Their spirit fuels our mission. Your new role- challenging and future- oriented Security Implementation and Management Implementing and maintaining security controls, including firewalls, intrusion detection systems, and data encryption. Hands On Experience in Fortigate & Checkpoint Firewalls. Expert knowledge of FW clustering, HA, Traffic Filtering, Defining Network & Security policies, Network Segmentations (VLAN), IDS/IPS, NGFW Concepts. Log Management & Forwarding over Syslog. Vulnerability Assessment and Mitigation Identifying and addressing potential vulnerabilities in systems and networks. Practical knowledge of VAPT tools like NESSUS Professional. Incident Response Investigating and responding to security incidents, including breaches and attacks. Risk Management Assessing and mitigating cybersecurity risks to the organization. Security Awareness and Training Providing training and education to project customer on cybersecurity best practices. Disaster Recovery and Business Continuity -Contributing to the development and maintenance of disaster recovery and business continuity plans. Communication Focused Reporting and CommunicationPreparing reports and communicating security status to management and other stakeholders. Vendor ManagementManaging relationships with IT service providers and vendors to ensure security standards are met. Collaboration and LiaisonCollaborating with other departments and teams to ensure security policies are followed. Technical Support and AdviceProviding technical support and advice on security-related issues. Documentation Documenting security processes, policies, and procedures. Other Important Responsibilities Staying Up to DateKeeping abreast of the latest cybersecurity trends, threats, and technologies. Problem SolvingIdentifying and resolving security-related issues and problems. Compliance Ensuring the organization complies with relevant cybersecurity regulations and standards. Weve got quite a lot to offer. How about you This role is based at Site (Gurgaon). Youll also get to visit other locations in India and beyond, so youll need to go where this journey takes you. In return, youll get the chance to work with teams impacting entire cities, countries- and the shape of things to come. Were Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow.

Position Summary: We are seeking a skilled IT Technician to join our Cyber Security team in India. The successful candidate will be responsible for design and test new Cyber Security portfolio elements, ensuring robust and secure solutions and tools to guarantee the cybersecurity of our installed plant base (brownfield) in accordance with the latest standards and guidelines (NIS2, NERC CIP, etc.) and customers demands. Working with technical experts from other business units, the aim is to ensure that these solutions meet the latest security standards and address potential threats in the IT/OT environment. Especially for our installed systems (brownfield), new cybersecurity technologies need to be assessed, and proof-of-concepts organized/created. As part of a hybrid working model and due to the nature of the role, you will need to travel frequently to Germany. A Snapshot of your Day How Youll Make an Impact (responsibilities of role) Planning, setup, operation and maintenance of an IT/OT test environment for the simulation of production systems. With a special focus on servers, firewalls, routers, switches, etc. and corresponding users and operating software Testing and evaluation of new cybersecurity technologies (HW and SW) for our HVDC/FACTS systems and their implementation in case of positive evaluation Ensuring protection against cyberattacks by implementing the latest technologies Support in the automation and optimization of production processes Collaborate with the Control & Automation team to integrate new technologies Preparation of technical documentation, installation instructions and user manuals Provide technical expertise for bidding activities, present security concepts, and assist in creating customer-centric solutions What You Bring Degree in network/communication technology, computer science or IT security, alternatively a relevant apprenticeship with several years of professional experience Sound knowledge of IT administration, e.g. network security, Windows Server, Active Directory, WSUS, virtualization, firewalls, remote access solutions, etc. Preferably several years of experience in IT/OT cybersecurity in the field of critical infrastructures Desirable, experience in automation technology. Familiarity with national and international IT security standards in an industrial environment (e.g. BDEW, NERC-CIP, IEC 62443) Very good knowledge of English (German will be an added advantage) High level of commitment, ability to work in a team and willingness to solve technical challenges independently, pragmatically and purposefully

OT Cybersecurity Engineer for Digital Industries Customer Services, India About Siemens Accelerating transformation for industries For us, it all starts and ends with our customers. Maximizing value for them is what drives us! Combining the real world of automation with the digital world of information technology opens up completely new possibilities for our customers in all industries, empowering them to make better decisions and enable them to accelerate their transformation to become a Digital Enterprise. With our unique portfolio, we can make a decisive contribution to sustainable industrial innovation- transforming the everyday and creating a better tomorrow for societies and people around the world. Cybersecurity for Industry We give Cybersecurity for Industry the highest priority in successful digitalization, so we place it at the center of our development of innovative products, solutions, and services. We rely on the multilayer Defense in Depth concept strengthened by Zero Trust principles. This ensures reliable and always up-to-date protection on all levels, thanks to three pillars- plant security, network security, and system integrity- including Industrial Cybersecurity Services. At Digital Industries we create and implement digital manufacturing concepts for our vertical customer based on the Digital Enterprise software suite, TIA, MindSphere, Industrial Edge and Industrial cybersecurity offerings from Digital Industries. Are you passionate about safeguarding critical infrastructure and ensuring the security of industrial control systemsJoin our team as a Cybersecurity Engineer and play a pivotal role in protecting our ICS and SIS systems, networks, and information. Key Responsibilities: Security MeasuresEngineer, implement, and monitor robust security measures to protect ICS and SIS systems, related networks, and sensitive information. System Security Identify and define system security requirements to ensure comprehensive protection. Security ArchitectureDesign and develop detailed cybersecurity architectures and designs, adhering to industry-standard blueprints and best practices. Implementing Backup Solutions and ManagementImplement and manage system backup technologies like Acronis, Veritas, Veeam and other providers, overseeing installation and deployment. Threat Detection and Vulnerability monitoringImplement solution like Claroty or Nozomi at ICS for the customers. Installing remediation to risk score for the customer. Endpoint SecurityDeploy and manage endpoint security and application control solutions from providers like McAfee, as well as SIEM solutions such as McAfee, Splunk, and Q-radar etc. Network SecurityImplement and manage network-based firewalls (e.g., Siemens, Fortinet, Palo Alto, CISCO), network troubleshooting, and intrusion detection products. Network ManagementInstall and manage network management solutions like SiNEC NMS, SolarWinds, WhatsUp Gold etc. Firmware UpdatesConduct firmware updates for various automation control systems, switches, and firewalls. Domain Controller ConfigurationConfigure and deploy domain controller settings and policies to defined computer groups as per approved list for ICS. Host-Based SecurityImplement host-based security technologies, including antivirus, data leakage prevention, host IPS, whitelisting, and anomaly detection. Installation and TestingPerform installation, configuration, and testing activities at both factory and customer sites, with experience in Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT). DocumentationPrepare comprehensive system documentation, including functional design specifications, backup systems documentation, firewall configurations, network diagrams, system architectures, asset inventory, FAT and SAT procedures, and operation & maintenance manuals. Experience 5 to 6 years of experience in working for OT Security systems design, implementation and consulting with at least some experience in industrial automation systems design. Proven experience in cybersecurity, particularly in ICS. Strong understanding of cybersecurity principles and best practices. Proficiency in managing backup technologies, endpoint security, SIEM solutions, and network-based firewalls. Hands-on experience with network management solutions and firmware updates. Ability to configure domain controllers and implement host-based security technologies. Excellent documentation skills and experience with FAT and SAT procedures. Education o Bachelors degree in engineering (Electrical Engineering, Computer Engineering, or related field). A degree in Cybersecurity is preferred. o Valid certification in OT security (e.g., CISSP, GICSP, OSCP) would be additional advantage. Business Travel You will be in the delivery and implementation team and hence should be willing to travel and experience various manufacturing sites across India

Educational Bachelor of Engineering Service Line Quality Responsibilities In this role, you will help architect, deploy security solutions, tools for Application, DevSecOps & SSDLC, and Public Cloud Security. You need to learn about Infosys business initiatives, products and business needs to drive clients' security projects. Develop technical solutions and advisesecurity controls to mitigate security vulnerabilities. Partner with Security Engineers, Architects, and clients to drive security initiatives in technology and policy governance. Preferred Skills: Foundational-Cybersecurity Competency Management-Cyber Competency Strategy Planning

Educational Master Of Technology,Master Of Engineering,Bachelor Of Technology,Bachelor of Engineering Service Line Engineering Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to lead the engagement effort of providing high-quality and value-adding consulting solutions to customers at different stages- from problem definition to diagnosis to solution design, development and deployment. You will review the proposals prepared by consultants, provide guidance, and analyze the solutions defined for the client business problems to identify any potential risks and issues. You will identify change Management requirements and propose a structured approach to client for managing the change using multiple communication mechanisms. You will also coach and create a vision for the team, provide subject matter training for your focus areas, motivate and inspire team members through effective and timely feedback and recognition for high performance. You would be a key contributor in unit-level and organizational initiatives with an objective of providing high-quality, value-adding consulting solutions to customers adhering to the guidelines and processes of the organization. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Experience in at least one of the following fieldsembedded security, secure design and hardware security Detailed knowledge of PKI and cryptography Knowledge of automotive vehicle systems, architecture, and automotive communication protocols (CAN, Ethernet etc.) would be considered an asset Work with different teams across the business to ensure development and implementation complies with legislation R155 vehicle cyber security, according to ISO21434 process. Participate in implementing process to comply with R155 for Polestar. Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling. Preferred Skills: Domain-Automotive-Engine / Power Train Domain-Automotive-Infotainment System Domain-Automotive-Connected Car Domain-Automotive-Electric Vehicles (EVs)-EV

TitleSecurity Test Engineer Key Responsibilities Core Skills Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities 8 years experience in security assessing application designs experience in working in a regulated industry.Experience in System Architecture, Cloud Security, and Security Overall.Secondary Skills: Ability to explain security controls, vulnerabilities and control gaps to solution architectsGood to Have Skills: Very good Communication Skills.Positive Attitude towards work and deliverable. Technical and Professional : 8 years experience in security assessing application designs experience in working in a regulated industry.Experience in System Architecture, Cloud Security, and Security Overall.Secondary Skills: Ability to explain security controls, vulnerabilities and control gaps to solution architectsGood to Have Skills: Very good Communication Skills.Positive Attitude towards work and deliverable. Preferred Skills: Technology-Enterprise Architecture-Digital Architecture

5+ years of hands on experience in Application/Mobile/Infrastructure penetration testing available from Pune/ Hyderabad location. Principal Accountabilities and Responsibilities Perform highly technical/analytical security assessments of custom mobile applications, widely understand infrastructure and networks, web services and APIs. This covers manual penetration testing. Clearly and professionally document root cause and risk analysis of all findings Adhere to the security testing process and raise any gaps or opportunities for improvement with manager. Work closely with the DevOps teams to ensure that the security testing requirements are met. Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks Demonstrate complex proof-of-concept exploits of vulnerabilities when required. Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.

: 1. Monitoring and analysis of cyber security events using Microsoft Sentinel SIEM. 2. Monitor internal and external threats, examine logs, events, and alerts generated by multiple platforms for anomalous activity. 3. Development and execution of SOC and standard operating procedures (SOP). 4. Triage security events and incidents, detect anomalies, and report/direct remediation actions. 5. Timely escalate security incidents whenever SLA's are not met. 6. Assist in incident detection and resolving incidents by following all phases of incident management lifecycle. 7. Integrate and collaborate threat information to improve incident detection capabilities. 8. Should be capable of report generation from security solutions and preparation of report for management or leadership review. 9. Collect evidence of security incidents, and other error conditions that may constitute a breach in security or a degradation of integrity or confidentiality of systems and data. Ability to coordinate and work with stakeholders to track security incidents till closure.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust and secure cloud environment that supports business operations effectively. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and best practices.- Experience with security frameworks such as NIST, ISO 27001, or CIS.- Familiarity with identity and access management solutions.- Knowledge of network security protocols and technologies. Additional Information:- The candidate should have minimum 7.5 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training and knowledge sharing sessions to enhance team capabilities.- Monitor and assess the effectiveness of implemented security measures and recommend improvements. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management methodologies.- Familiarity with compliance standards and regulations related to cloud security.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions for cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 7.5 years of experience in ForgeRock Access Management- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions. Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies. SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel). Strong skills in incident response, threat hunting, and forensic investigation. Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions. Experience with configuring and troubleshooting access control for network and endpoint systems. Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes. Excellent analytical and problem-solving skills. Effective communication skills for interacting with team members and stakeholders. Ability to work in a fast-paced environment and handle high-stakes incidents. Certifications (Preferred) CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications. Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 10 years of experience in security & infrastructure administration Experience on any Products for Implementation & Operations in SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting). have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc Preferred technical and professional experience Ability to multitask and work independently with minimal direction and maximum accountability. One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Managed Cloud Security Services Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a CSPM WIZ Administrator and analyst, you will be responsible for overseeing the security posture of cloud environments, ensuring compliance with industry standards, and implementing best practices to mitigate risks. Your role will involve configuring and managing CSPM tools, conducting regular assessments, and collaborating with cross-functional teams to enhance cloud security. Roles & Responsibilities:-CSPM WIZ Tool Management:Configure, deploy, and maintain CSPM solutions to monitor and secure cloud resources.-Security Assessments:Conduct regular security posture assessments to identify vulnerabilities and misconfigurations.-Compliance Monitoring:Ensure adherence to compliance frameworks such as ISO 27001, NIST, and GDPR.-Incident Response:Collaborate with security teams to respond to and remediate security incidents.-Automation:Implement automation scripts to streamline security processes and reduce manual efforts.-Documentation:Maintain detailed records of security configurations, assessments, and incidents. Professional & Technical Skills: - Must To Have Skills: Proficiency in Managed Cloud Security Services.- Strong understanding of cloud security frameworks and best practices.- Experience with risk assessment and management in cloud environments.- Familiarity with compliance standards such as ISO 27001, NIST, and GDPR.- Ability to design and implement security controls tailored to cloud architectures. Additional Information:- The candidate should have minimum 5 years of experience in Managed Cloud Security Services.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : CyberArk Privileged Access Management Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define Beyond Trust solution framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of PAM controls and facilitating the streamlining of process and security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Work as a lead in PAM engagements.- Should be able to work as Individual Contributor and with a Team as required for the Administration of Beyond Trust.- Technical contribution in respective technology to Practice.- Candidate should have good working experience of 6-8 years for administration of Beyond Trust Enterprise Password Safe deployment and operational tasks.- Knowledge of the following CyberArk components confirmed by related work experience:- Administration experience Also should have participated in Disaster Recovery and Patching/Upgrade Activities.- Experience with developing and following processes with vendor instructions, templates, presentations and skilled in progress measurement for efforts. Ability to work on virtual teams and must possess good interpersonal skills.- Solid Work Ethic and sense of ownership to complete assigned duties, tasks or projects.- Good Experience with Windows Server Administration minimum 2 Years of demonstrated work experience.- Experience handling system integration and Vendor/Client technical support communications.- Experience Administering Unix/Linux Server environments.- Experience using and troubleshooting Operating Systems (Windows/Nix), and other applications (e.g. web and document browsers, plug-ins). Professional & Technical Skills: - Must To Have Skills: Proficiency in CyberArk / Beyond Trust Privileged Access Management.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Ability to conduct risk assessments and vulnerability assessments.- Good knowledge in Cyber Security frameworks and Data security.- Professional Certification from Beyond Trust Additional Information:- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.- This position is based at our Noida office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Node.js Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Implement security measures to protect systems and data- Conduct security assessments and audits- Develop security policies and procedures Professional & Technical Skills: - Must To Have Skills: Proficiency in Node.js- Strong understanding of cybersecurity principles- Experience with security tools and technologies- Knowledge of network security protocols- Familiarity with cloud security best practices Additional Information:- The candidate should have a minimum of 5 years of experience in Node.js- This position is based at our Bengaluru office- A 15 years full-time education is required Qualification 15 years full time education