944 Vulnerability Assessment Jobs - Page 21

Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

SOC Analyst 5+ Years of exp in SOC, and should have exp with Azure/AWS cloud. Exp in Remediation and "Defender for Cloud " is a must. About the role As a SOC Analyst L3, you will play a critical role in strengthening our organization's security posture through proactive threat detection and response. You will monitor system and network activity for any dangers or weaknesses and delve into the details of potential security incidents. Along the way, you will get to: Incident Analysis: Analyze security notifications to identify potential security issues and evaluate their impact and severity. Incident Response: Oversee the response to verified security incidents, including containment measures and investigation. Threat and Vulnerability Analysis: Investigate, document, and report on information security issues and emerging trends. Adjust Security Tools and Processes: Fine-tune security tools and processes to improve the organization's overall security posture. Be Ambitious: This opportunity is not just about what you do today but also about where you can go tomorrow. When you bring your hunger, heart, and harmony to Insight, your potential will be met with continuous opportunities to upskill, earn promotions, and elevate your career. What were looking for Technical Proficiency: In-depth knowledge of security protocols, techniques, and technologies. Analytical Skills: Ability to analyze system performance and troubleshoot complex security issues. Communication: Effective communication skills to interact with team members and stakeholders. What you can expect Were legendary for taking care of you, your family and to help you engage with your local community. We want you to enjoy a full, meaningful life and own your career at Insight. Some of our benefits include: Freedom to work from another locationeven an international destination—for up to 30 consecutive calendar days per year. Medical Insurance Health Benefits Professional Development: Learning Platform and Certificate Reimbursement Shift Allowance But what really sets us apart are our core values of Hunger, Heart, and Harmony, which guide everything we do, from building relationships with teammates, partners, and clients to making a positive impact in our communities. Join us today, your ambITious journey starts here. When you apply, please tell us the pronouns you use and any reasonable adjustments you may need during the interview process. At Insight, we celebrate diversity of skills and experience so even if you don’t feel like your skills are a perfect match - we still want to hear from you! Today's talent leads tomorrow's success. Learn more about Insight: https://www.linkedin.com/company/insight/

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Architecture Design Good to have skills : NA Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will be responsible for defining the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve documenting the implementation of cloud security controls and transitioning to cloud security-managed operations. You will play a crucial role in safeguarding our organization's digital assets and ensuring the security of our cloud infrastructure. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Develop and maintain the cloud security framework and architecture. Ensure that the cloud security controls are implemented effectively. Collaborate with cross-functional teams to define and implement security policies and procedures. Conduct regular security assessments and audits to identify vulnerabilities and recommend remediation measures. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. Knowledge of industry standards and regulations related to cloud security. Experience with cloud security tools and technologies. Good To Have Skills:Experience with network security and infrastructure design. Additional Information: The candidate should have a minimum of 7.5 years of experience in Security Architecture Design. This position is based at our Mumbai office. A 15 years full time education is required. Qualifications 15 years full time education

About Barry Wehmiller: - Barry Wehmiller Companies is a global supplier of manufacturing technology and services based in St. Louis Missouri. Although it was founded in 1885 as a maker of machinery for the brewing industry, since 1987 Barry-Wehmiller has acquired more than 80 companies that provide equipment and services for a variety of industries: packaging, paper converting, sheeting, corrugating, engineering, and IT consulting. In 2016 it was ranked no. 10 on the St. Louis Business Journal's list of the city's Top 150 Privately Held Companies. We believe our culture differentiates us from other firms. In India, Barry-Wehmiller operates as a hub of innovation and collaboration, housing our Global Competency Center (GCC) and other strategic functions. The GCC, based in Chennai, is an Engineering Center of Excellence that supports all Barry-Wehmiller divisions globally. The center focuses on areas such as design and development in mechanical, electrical, and controls engineering, software development, and additive manufacturing. We believe in: Ownership Youll drive features end-to-end, from design to deployment. Flexibility A friendly, results-oriented culture that respects your time. Empowerment Your insights are valued, and your work makes a visible difference. Learning & Growth Youll work on complex challenges with smart, passionate peersand have the support to level up continually. If youre ready to bring your best thinking to the table and grow in a high-impact, future-focused environment, wed love to hear from you. Job Description: The Enterprise IT Service Desk Workstation Vulnerability Analysts role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 3-5 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Travel: Travel could be up to 15% (in the country) as needed for remote support. What is it for you? This role is more than just a job. It’s an opportunity to be part of a global team that values people excellence, innovative solutions, and operational excellence. Barry-Wehmiller provides a unique environment where you can grow your skills, work on impactful projects, and collaborate with some of the brightest minds in the industry. In addition, we are deeply committed to your personal and professional growth, fostering a culture that helps you achieve your full potential. You can also apply to this job using the below Workday link https://bit.ly/4kPFsa7 (if the link doesn't work, simply copy paste the link in your browser) To understand more about our people-first philosophy, you may like to watch this short video by our CEO, Mr. Bob Chapman, on Truly Human Leadership : Watch the video https://bit.ly/4kSLZkE (if the link doesn't work, simply copy paste the link in your browser)

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills:- Must To Have Skills:Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Coimbatore office- A 15 years full-time education is required Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills:- Must To Have Skills:Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in designing and implementing security solutions- Knowledge of security protocols and standards- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Bengaluru office- A 15 years full-time education is required Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Expected to provide solutions to problems that apply across multiple teams Develop and implement security solutions for cloud environments Conduct security assessments and audits to identify vulnerabilities Provide guidance on security best practices for cloud deployments Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of cloud security principles Experience with implementing security controls in cloud environments Knowledge of industry standards and regulations related to cloud security Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 12 years of experience in SailPoint IdentityIQ This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Hiring Tech Supervisor Network & Security Location : Chennai ( Onsite only) Experience : 6+ years Key Skills : Eight or more years in the network security or information security field Experience with Cisco ASA, FortiGate and Palo Alto Firewalls Experience with Cisco & Aruba switches Experience with Cisco routers & Meraki APs. Exposure working with switches, routers, firewalls, intrusion prevention systems is must. High level of experience with a variety of Windows operating systems in a functional capacity, and the security principles and applications that apply to those systems. Experience with well-known protocols and services like FTP,HTTP,SSH,SMB,LDAP Experience with Packet Analysis Tools like Wireshark or NetworkMiner. Fundamental understanding of the defense-in-depth strategies Some experience in the technologies listed below.( Syslog products, IPSec expertise, Switching & Routing expertise, PKI expertise) Experience in Firewall monitoring tools like SolarWinds /ME Network flow & firewall Experience with vulnerability assessment review and addressing the same. Experience managing the NOC team. Experience of managing the new Network infra setup project. Experience of managing the change requests management system. Experience of handling internal and external audits request. Preferred knowledge of IT Service Management change, incident, and request platform Role & responsibilities : Monitoring security related events and activities via several systems Providing first level incident response for incidents reported by the monitored systems. Maintenance of the configuration of security monitoring systems, i.e. ensuring that asset lists are correct, developing correlation rules, etc. Administration of the reporting functions of security monitoring systems, assisting in the identification and creation of appropriate reports for delivery to management. Analysis of the security threat landscape Assists NOC Engineers & technicians providing troubleshooting support of complex issues. Build a high-performance team responsible for monitoring network stability 24 hours a day, 7 days a week, 365 days a year Routine communication with internal support teams & Work to build strong cross-functional relationships with other IT Teams. Develops budgets, timelines, and ensures progress to plan, tracking critical project achievements Develop reports and trend analysis documentation on bandwidth and network security incidents Manages a team of Engineers and is responsible for ensure adequate schedule coverage Oversee Data Center management and tasks Oversees monitoring of the network for stability and performance in order to maintain 24x7 operations and resolve service impacts as they occur Ensures trouble tickets are worked effectively and efficiently and that the work with engineering, field technicians, and telecommunications carriers is effective in resolving service issues in accordance with established processes and procedures. Excellent interpersonal skills for interaction with subordinate technicians, vendors, contractors, customers, and/or functional peers. Delegates work assignments, sets priorities and time management for staff and train the NOC on repeatable administration processes Candidates serving notice / Early / Immediate joiners - Please share your updated CV on anand.rawal@agshealth.com

We have Immediate Openings on Vulnerability Management Contract to Hire role for multiple clients. Job Details Skills Vulnerability Management Experience 10+Years Location Pan India Job type Contract to HIRE Primary & Secondary Skills Vulneribility Management Qualys Guard Qualys Agent Policy Compliance Vulneribilty Scanning RESPONSIBILITIES Perform vulnerability assessment using leading Vulnerability Scanning solutions like Qualys, Microsoft Defender, etc. Perform vulnerability assessments on On-prem, Cloud hosted systems, container (like Docker & Kubernetes), databases, web services and other widely deployed infrastructure components. Perform false positive validation and ensure delivery of quality reports. Act as a technical SME to analyse the vulnerability results & detection logic. Provide technical advice and support on remediation to infrastructure / application support teams. Manage & Implement approved scan exclusions based on the request from platform support teams. Review findings and identify root causes for common issues and provide recommendations for sustainable improvements. Responsible to maintain vulnerability quality assurance by building VM team technical knowledge base. Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle. Understand security policies, procedures and guidelines to all levels of management and staff. Communicate effectively orally and in writing and establish cooperative working relationships. Provide suggestion to improve vulnerability Management service based on current trends in information technology (Network, system security software and hardware). Act as line manager in the absence of team lead. People and Talent Minimum 6 years of experience in Information security and preferably in Banking and Financial services sector Good understanding and Implementation experience on Enterprise Network Security Architecture and Enterprise Network Design. In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role. Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent. Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM. Strong knowledge and subject matter expertise in multiple areas within Information Security. Hands on skill and expertise in performing risk / threat assessments/risk consulting. Excellent written, oral communication and reporting skills. Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems. Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide. Time management and organizational skills Ability and desire to learn new skills quickly Performs other related duties as assigned. Risk Management COMPETENCIES SKILLS FRAMEWORK Grow Self Applicable for all roles. Action Oriented Taking on new opportunities and tough challenges with a sense of urgency, energy and enthusiasm. Collaborates Building partnerships and working collaboratively with others to meet shared objectives. Courage Stepping up to address difficult issues and saying what needs to be said. Customer Focus Building strong customer relationships and delivering customer-centric solutions. Instils Trust Gaining the confidence and trust of others through honesty, integrity and authenticity. Nimble Learning Actively learning through experimentation when tackling new problems. Using both successes and failures as a learning factor.

Worker Sub-Type: Regular Job Description: QNX is a trusted supplier of safe and secure operating systems, hypervisors, frameworks, and development tools, and provides expert support and services for building the world s most critical embedded systems. We are the embedded experts. QNX was born in embedded, and provides time-tested and trusted foundation software, including our deterministic microkernel real-time operating system (RTOS), safety-certified products, middleware, and security solutions, all purpose-built for embedded systems. QNX software is trusted by more than 68% of the Electric Vehicle market by volume , 24 of the top 25 EV manufacturers and is running in 255 million vehicles globally. Our foundation products have been pre-certified to ISO 26262 ASIL D, and we offer a broad range of board support packages, professional services, AUTOSAR adaptive support and middleware solutions - from acoustic management to digital cockpits to advanced driving assistance (ADAS) - to accelerate development and help OEMs meet Start of Production (SOP) dates. Are you the person we are looking for? We are seeking a skilled and detail-oriented Security Operations Analyst to join our Hybrid Security Operations Center. This dynamic role encompasses responsibilities from both the Security Operations Center (SOC) and the Vulnerability Management domains. The ideal candidate will have strong analytical abilities, experience with security tools and technologies and a proactive approach to threat detection, incident response, and vulnerability management. Responsibilities: Monitor security alerts and notifications from various security tools and systems. Investigate and respond to security incidents, performing root cause analysis and document findings. Conduct real-time analysis of security incidents and escalate as necessary. Implement and manage security controls and measures to protect the organization s assets. Maintain and update incident response playbooks and standard operating procedures. Collaborate with IT and other departments to ensure timely resolution of security incidents. Generate reports on security incidents, trends (KRIs), and SOC performance metrics (KPIs). Conduct regular vulnerability assessments and scans across the organizations network, applications, and systems. Analyze and interpret scan results prioritize vulnerabilities based on risk and impact. Work with IT teams to remediate identified vulnerabilities and provide guidance on best practices. Develop and maintain vulnerability management policies, standards, and procedures. Stay updated on the latest vulnerabilities, exploits, and security trends. Skills & Qualifications: Bachelor s degree in Computer Science, Information Security, or related field; or equivalent work experience. 3+ years of experience in a SOC analyst role and/or vulnerability management role. Strong knowledge of security incident response processes and methodologies. Experience with security information and event management (SIEM) technologies. Proficiency with vulnerability assessment tools such as Nessus, Qualys, or Rapid7. Familiarity with common security frameworks and standards (e.g., NIST, ISO 27001, CIS). Relevant certifications such as CISSP, GIAC, CEH, or CompTIA Security+, or equivalent are preferred. Additional Assets: Ability to work effectively both independently and as part of a team. High level of integrity, professionalism, and attention to detail. Excellent analytical, problem-solving, and communication skills. Scheduled Weekly Hours: 40

Implement and review IT security technologies in Infrastructure, applications and cloud platforms for effective enforcement of policies. Periodic review of user and privileged access management for infrastructure and applications. Maintaining updated information security documentation including standard operating procedures, review records. Design and implementation of security use cases in Security incident event management and end point security policies. Act as a first responder for cyber security incidents and part of cyber security incident response team by working in close coordination with IT infrastructure and application teams. Conduct vulnerability assessment with IT systems and collaborate with stakeholders for remediation of vulnerabilities. Implement and review IT security technologies in Infrastructure, applications and cloud platforms for effective enforcement of policies. Periodic review of user and privileged access management for infrastructure and applications. Maintaining updated information security documentation including standard operating procedures, review records. Design and implementation of security use cases in Security incident event management and end point security policies. Act as a first responder for cyber security incidents and part of cyber security incident response team by working in close coordination with IT infrastructure and application teams. Conduct vulnerability assessment with IT systems and collaborate with stakeholders for remediation of vulnerabilities. Educational Qualifications and experience: Bachelors degree in science, engineering discipline Minimum of 5 years experience IT operations with at least 2-3 years of hands-on experience with cyber security technologies. Competency in applying the cyber/information security frameworks and standards such as MITRE, NIST and ISO 27001

So, what’s t he r ole all about? As a member of the Cloud Security team, a successful Cloud Security Analyst will need to be self-sufficient to collaborate effectively with multiple teams, such as Application Support, Infrastructure Operations, DevOps, Product R&D, Security teams, customers and 3 rd party auditors. This role will hold the responsibility of understanding the Cloud security policies, procedures, practices and technologies and documenting them appropriately as well as demonstrating to auditors and customers the excellent Cloud Security at NICE. A successful candidate in this role will be able to work in production cloud environments to collect and curate evidence and explain it to anyone who asks for it. Experience with Governance, Risk and Compliance (GRC) is a big plus! How will you make an impact? You will directly impact the success of the NICE cloud business by ensuring all customer and auditory security requirements are met and demonstrated. A diverse, merit-driven work environment which rewards a growth mindset and encourages innovation and continued professional development; The opportunity to work in a global, highly skilled, passionate workforce to deliver world-class service and products to market. Competitive pay and excellent benefits. Generous PTO policies. A highly focused security & compliance team which is collaborative, supportive, experienced, and driven to help everyone from the individual to enterprise to our customers realize the success for which they aim. Have you got what it takes? 1-2 years of experience with Information Security & Compliance or GRC University-level degree in InfoSec, Computer Science or other related field. knowledge with major compliance frameworks such as PCI, ISO 27001/17, SOC 2, HITRUST, GDPR. A burning curiosity to learn as much as you can about the NICE cloud environment and the services and products we offer our customers as well as the existing security infrastructure we have in place today; Excellent communications skills along to work collaboratively with security team members and operations and development teams or independently to achieve tactical and strategic security goals; Strong organization and prioritization skills; Education, training or experience with security and compliance fundamentals; Experience working with work tracking tools such as JIRA, Service Now or others. What’s in it for you? Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr! Enjoy NICE-FLEX! At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere. Requisition ID: 7117 Reporting into: Technical Manager Role Type: Individual Contributor

We are Hiring Senior Consultant Cyber Security Solution Architect Location: Bangalore, Hyderabad Experience: 14+ years Are you passionate about designing secure, scalable cloud and enterprise security architectures? Join us as a Cyber Security Solution Architect and be at the forefront of helping clients secure their digital ecosystems. What You’ll Do: Design and deliver end-to-end cybersecurity solutions for enterprise clients Collaborate with infra/application architects to embed security in architecture Lead cloud security (Azure/AWS/GCP), DDoS, SIEM, WAF, and container security design Define KPIs and lead security assessments & compliance initiatives (ISO 27001, NIST) Build client-facing proposals and conduct solution defense with stakeholders What We’re Looking For: 14+ years of overall experience, with 5+ years in complex security engineering projects Strong hands-on with tools: Azure Security Center, GuardDuty, Palo Alto, Qualys, etc. Exposure to CASB, Zero Trust, IAM, and multi-cloud security Excellent communication, client interaction, and solutioning skills Preferred Certifications: CISSP | CISM | CEH | CCSP | TOGAF | AWS/Azure/GCP Security Ready to shape the future of enterprise security? Apply now / email at mary.nancy1@sonata-software.com

Number of Openings 1 ECMS ID in sourcing stage 527090 Assignment Duration 6 months Total Yrs. of Experience 8-10 Yrs Relevant Yrs. of experience 8+ Detailed JD (Roles and Responsibilities) Manage VM tool (Tenable.io) and on-premises VA scanners. Perform regular health check to ensure scanner are up and running with latest plugins. Ensure scans scopes are updated and proper scans are performed on assets as per desired frequency. Troubleshoot and fix scanning issues like authentication failure observed in scheduled scans. Perform risk assessments on vulnerabilities identified by infrastructure scans to determine real risk and prioritizing vulnerabilities. Report findings to teams / individual owners of assets and follow up to get the remediation completed within defined SLA. Develop hardening configuration standards (CIS) document for windows and Linux operating systems and get them implemented with help of stakeholders. Ensure compliance scans are performed to validate hardening configuration as per desired frequency. Report EC2 instances and lambda functions vulnerability findings from aws inspector to individual resource owners and follow up to get the remediation completed within defined SLA. You should be good at performing vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners. Hence it is expected to have good reporting skills as well. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Mandatory skills Perform vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners and good reporting skills. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Desired/ Secondary skills Knowledge on scripting (e.g. PowerShell) to write automation scripts. Solid understanding of the Cloud terminology, windows platform, Active Directory, and networking protocols Sound knowledge of ITIL standards. Working experience of ITSM tool such as ServiceNow. Domain Cyber Security Max Vendor Rate in Per Day (Currency in relevance to work location) INR 12000 Work Location given in ECMS ID Hyderabad WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Pre onboarding Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO General shift - 5 days a week (as required)

Understanding of network defence principles, common attack vectors, and attacker techniques. Technical baseline skills and the ability to acquire in-depth knowledge of network and host security technologies Basic Linux/Windows OS knowledge, firewall rules and policy fundamentals. Excellent analytical and problem-solving skills. Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency. Windows, Linux, Network Security, Phishing, Splunk, Malware

OrangeMantra is looking for Senior .Net Developer to join our dynamic team and embark on a rewarding career journey Designing and developing software applications using C#, ASP.NET, and other .Net technologies. Collaborating with cross-functional teams to define, design, and ship new features. Debugging and fixing software issues in a timely manner. Writing clean, efficient, and well-documented code. Ensuring software security and data protection. Participating in code reviews and testing to ensure software quality. Staying up-to-date with emerging trends and technologies in .Net development.

> Role Purpose The purpose of this role is to analyse, identify, rectify recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT

> Role Purpose The purpose of this role is to analyse, identify, rectify recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT

> Role Purpose The purpose of this role is to analyse, identify, rectify recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Privilege Password Management CyberArk. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Archer. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Azure B2X Security. Experience: 3-5 Years.

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Information Security Project Specialist ZS’s India Capability & Expertise Center (CEC) houses more than 60% of ZS people across three offices in New Delhi, Pune and Bengaluru. Our teams work with colleagues across North America, Europe and East Asia to create and deliver real world solutions to the clients who drive our business. The CEC maintains standards of analytical, operational and technological excellence across our capability groups. Together, our collective knowledge enables each ZS team to deliver superior results to our clients. What You’ll Do Executes the end-to-end management of security projectsincluding resource management, communications, training requirements, change management and budget (if applicable). Estimate the resources and participants needed to achieve project goals. Reviews and recommends changes, reductions or additions to the overall project Acts as the liaison between InfoSec and end-users when applicable Maintains the efficiency of the project management process such as planning, scheduling, and budget and risk assessment. Identifies and mitigates potential risks Work with cross-functional teams and staff of all levels, including assisting in the development, training and assignment of work/projects to team members reporting to others; Works well within a structured environment in which team members can work together as an efficient team. What You’ll Bring Bachelor’s Degree required. 7 - 10 years of relevant work experience, including Information Security, project management (5+ years), and team management. PMP-PMI certification desired, or completion within a year of assuming the position. Agile certification desired, or completion within a year of assuming the position. Security+ or equivalent certification desired, or completion within a year of assuming the position. (CISM- Certified Information Security Manager, CompTIA Security+, Etc ) Project plan development experience, including charter, scope, project management approach, management plans, statement of work, cost estimates, schedule. Excellent communication (written and oral) and interpersonal skills; ability to interface and influence all levels within the organization, including facilitation, consulting, negotiation, and presentation. Excellent project management and coordination skills working with multiple stakeholders across several technology platforms and business areas Strong technical skills and experience. The ideal candidate has lead projects relating to Information Security deliveries or migrations (Vulnerability Management, Identity and access management, Cloud Strategy & Governance, Data Security, Enterprise Risk Management, Asset Management, Security awareness & training) Project plan and budget management. Knowledge of project management best practices, Experience identifying and mediating risk. Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At www.zs.com

Daily assessment of vulnerabilities identified by infrastructure scan Evaluate rate and perform risk assessments on assets Prioritizing vulnerabilities discovered along with remediation timeline s Work with associated teams to explain vulnerabilities and remediation steps as required Maintain knowledge of the threat landscape Create reports and provide analysis on vulnerabilities for technical teams and leadership Skill Required Knowledge of application network and operating system security Experience with vulnerability and patch assessment Linux and windows experience Good understanding of Windows and Linux patching Knowledge of vulnerability scoring systems CVSS CMSS Experience on vulnerability scanning tools Excellent writing and presentation skills are required in order to communicate findings and status Primary Skills VMDR Policy Compliance Qualys Tenable Nessus Rapid7 Secondary Skills Excellent writing and presentation skills are required in order to communicate findings and statusCleary communicate priorities and escalation points procedures to other team members Detail oriented organized methodical follow up skills with an analytical thought process Experience performing dynamic scans static scans and penetration testing Development experienceProject management experience Innovative and efficiency focused Track trends and configure systems as required to reduce false positives from true events

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLA??s (90-95%), response time and resolution time TAT Mandatory Skills: Saviynt. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver / No. / Performance Parameter / Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Privilege Password Management CyberArk. Experience: 3-5 Years.