916 Vulnerability Assessment Jobs - Page 36

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements. Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: Must To Have Skills: Proficiency in One Identity Manager. Strong understanding of cloud security principles and best practices. Experience with identity and access management solutions. Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Ability to analyze security incidents and develop effective response strategies. Additional Information: The candidate should have minimum 3 years of experience in One Identity Manager. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : Identity Access Management (IAM) Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the security architecture, ensuring that it meets the business requirements and performance goals. You will play a crucial role in safeguarding our organization's systems and data. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Ensure the security architecture aligns with business requirements and performance goals. Design and implement security solutions to protect the organization's systems and data. Conduct risk assessments and vulnerability testing to identify potential security threats. Develop and maintain security policies, standards, and procedures. Stay up-to-date with the latest security trends and technologies. Train and educate employees on security best practices. Collaborate with cross-functional teams to integrate security measures into the development lifecycle. Investigate and respond to security incidents and breaches. Perform security audits and assessments to ensure compliance with industry regulations. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills: Proficiency in ForgeRock Access Management. Good To Have Skills: Experience with Identity Access Management (IAM). Strong understanding of security architecture principles and best practices. Experience in designing and implementing security solutions. Knowledge of security frameworks and standards such as ISO 27001 and NIST. Familiarity with network security technologies and protocols. Experience in conducting risk assessments and vulnerability testing. Ability to analyze complex security issues and provide effective solutions. Additional Information: The candidate should have a minimum of 5 years of experience in ForgeRock Access Management. This position is based at our Bengaluru office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Develop and implement security architecture solutions. Conduct security assessments and provide recommendations. Collaborate with cross-functional teams to ensure security measures are integrated. Stay updated on the latest security trends and technologies. Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Good To Have Skills: Experience with SailPoint IdentityNow. Strong understanding of identity and access management principles. Knowledge of cloud security best practices. Experience in designing and implementing security solutions. Ability to communicate complex technical concepts effectively. Additional Information: The candidate should have a minimum of 3 years of experience in SailPoint IdentityIQ. This position is based at our Gurugram office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Develop and implement security solutions for cloud environments Conduct security assessments and audits to identify vulnerabilities Stay updated on the latest security trends and technologies Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Good To Have Skills: Experience with SailPoint IdentityNow Strong understanding of identity and access management principles Knowledge of cloud security best practices Experience in designing and implementing security solutions Ability to communicate complex security concepts to technical and non-technical stakeholders Additional Information: The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ This position is based at our Hyderabad office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Showcasing creativity and expertise in cloud security solutions. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Develop and implement security architecture solutions. Conduct security assessments and provide recommendations. Lead security projects and initiatives. Stay updated on the latest security trends and technologies. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Strong understanding of identity and access management concepts. Experience in designing and implementing security solutions. Knowledge of cloud security best practices. Hands-on experience with SailPoint IdentityNow. Experience in conducting security assessments and audits. Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ. This position is based at our Hyderabad office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities: Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS. Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems. Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs. Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi. Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts. Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance. Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations. Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements. Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols. Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 3–4 years focused on penetration testing, diagnostics security, or secure ECU architecture. Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular. Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways. Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering. Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication. Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms. Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams. Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262). Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation. Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information: 5+ years' experience implementing and performing Automotive Cybersecurity Experience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : German Language Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work related problems. Conduct regular assessments of cloud security measures to identify areas for improvement. Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: Must To Have Skills: Proficiency in German Language. Strong understanding of cloud security principles and frameworks. Experience with security compliance standards such as ISO 27001 or NIST. Familiarity with risk assessment methodologies and tools. Ability to communicate complex security concepts to non-technical stakeholders. Additional Information: The candidate should have minimum 3 years of experience in German Language. This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Lead the design and implementation of security solutions Conduct security assessments and audits Develop security policies and procedures Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Strong understanding of identity and access management Experience with cloud security technologies Knowledge of security frameworks and standards Hands-on experience with security architecture design Additional Information: The candidate should have a minimum of 7.5 years of experience in SailPoint IdentityIQ This position is based at our Hyderabad office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Node.js Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply security skills to design, build, and protect enterprise systems, applications, data, assets, and people. You will provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Your day will involve ensuring the security of critical assets and systems. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Implement security measures to protect systems and data Conduct security assessments and audits Develop security policies and procedures Professional & Technical Skills: Must To Have Skills: Proficiency in Node.js Strong understanding of cybersecurity principles Experience with security tools and technologies Knowledge of network security protocols Familiarity with cloud security best practices Additional Information: The candidate should have a minimum of 5 years of experience in Node.js This position is based at our Bengaluru office A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Develop and implement security solutions for cloud environments Conduct security assessments and audits to identify vulnerabilities Stay updated on the latest security trends and technologies Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ Good To Have Skills: Experience with SailPoint IdentityNow Strong understanding of identity and access management Knowledge of cloud security best practices Experience in designing and implementing security controls for cloud environments Additional Information: The candidate should have a minimum of 5 years of experience in SailPoint IdentityIQ This position is based at our Hyderabad office A 15 years full-time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : SailPoint IdentityIQ Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Develop and implement security policies and procedures Conduct security assessments and audits Stay updated on the latest security trends and technologies Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityNow Good To Have Skills: Experience with SailPoint IdentityIQ Strong understanding of identity and access management Knowledge of cloud security best practices Experience in designing and implementing security solutions Ability to communicate complex security concepts to non-technical stakeholders Additional Information: The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow This position is based at our Bengaluru office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Solution Development Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities: Expected to be an SME Collaborate and manage the team to perform Responsible for team decisions Engage with multiple teams and contribute on key decisions Provide solutions to problems for their immediate team and across multiple teams Lead security solution development projects Conduct security assessments and audits Develop security policies and procedures Professional & Technical Skills: Must To Have Skills: Proficiency in Security Solution Development Strong understanding of cloud security principles Experience with security architecture design Knowledge of security compliance standards Hands-on experience with security tools and technologies Additional Information: The candidate should have a minimum of 5 years of experience in Security Solution Development This position is based at our Pune office A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNow Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Facilitate training sessions to enhance team knowledge and skills. Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: Must To Have Skills: Proficiency in SailPoint IdentityIQ. Good To Have Skills: Experience with SailPoint IdentityNow. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security frameworks. Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information: The candidate should have minimum 5 years of experience in SailPoint IdentityIQ. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities: Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements. Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity. Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces. Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle. Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular). Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules. Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification. Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning. Lead red team exercises and security reviews in coordination with product security and development teams. Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262. Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis. Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces. Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular. In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications. Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments. Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434. Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards. Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering. Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment. Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams. Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information: 7+ years' experience implementing and performing Automotive Cybersecurity This position is based at our Bengaluru office A 15-year full time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Google Cloud Data Services Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :GCP Security Architect – Solution Design, Compliance, and Security EngineeringWe are hiring GCP Security Architects with 7+ years of experience in designing secure GCP environments and integrating automated security across deployments. This role emphasizes applied engineering, platform security control implementation, and ensuring audit-ready, secure-by-default environments. Roles & Responsibilities: Design and implement secure, scalable GCP architectures. Configure and maintain IAM (roles, policies, IDP integrations, MFA, SSO). Establish secure configurations for VPCs, VPNs, Data Encryption (KMS), and Cloud Armor. Manage Cloud Security Command Center for visibility, governance, and incident response. Implement Cloud Operations Suite for logging, alerting, and security analytics. Conduct threat modeling, vulnerability assessments, and define remediation paths. Automate security checks and controls using Terraform, Cloud Shell, and CI/CD integrations. Collaborate with platform, DevOps, and risk teams to embed security into development lifecycles. Support audit preparation, policy compliance, and security documentation efforts. Review solution designs and assist with enforcing GCP security guardrails. Professional & Technical Skills: Analytical and detail-oriented with a strong problem-solving mindset. Strong communicator with cross-functional collaboration experience. Continuously stays updated with evolving cloud threat landscapes. Excellent communication skills, including the ability to convey complex security concepts to technical and non-technical stakeholders. Strong working knowledge of IAM, VPC SC, Cloud Armor, encryption practices, and security policy enforcement. Experience with Terraform, automated auditing, and log analysis tools. Additional Information:Bachelor's degree in engineering or computer science, Information Security, or a related field.Certifications such as Google Cloud Certified – Professional Cloud Security Engineer is a must; CCSP preferred. 7+ years in security roles, with 3+ years in hands-on GCP security delivery. This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities: Expected to be an SME. Collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Facilitate training sessions to enhance team knowledge and skills. Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: Must To Have Skills: Proficiency in One Identity Manager. Strong understanding of cloud security principles and practices. Experience with identity and access management solutions. Familiarity with compliance frameworks such as ISO 27001 or NIST. Ability to analyze security incidents and develop mitigation strategies. Additional Information: The candidate should have minimum 5 years of experience in One Identity Manager. This position is based at our Jaipur office. A 15 years full time education is required. Qualification 15 years full time education

Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that s redefining the Loyalty domain! At Loyalty Juggernaut, we re on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY , our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem. Visit www.lji.io to know more about us. As a Product Security Engineer, youll to ensure the security of GRAVTY throughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices. Your responsibilities will include and not limited to Lead and conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure. Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps. Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others. Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more. Perform API and mobile platform security testing, including vulnerability discovery and exploit validation. Execute and document Open-Source Intelligence (OSINT) investigations. Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices. Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management. Monitor and respond to production security alerts and assist with security incident handling. To be successful in this role, you should have A Bachelor s degree in Engineering , preferably CS/IT. 1-3 years of proven experience in penetration testing and vulnerability management. Strong coding/scripting proficiency in Python, Java, Ruby, or similar. Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices. Exposure to DevSecOps, including implementing security tools in CI/CD, and production environment protection. Experience in Secure Development Lifecycles, access controls, and patch & compliance frameworks. Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus. Excellent analytical, communication, and collaboration skills. A curious mind, a passion for security, and a knack for staying one step ahead of adversaries.

Responsibilities: Deliver engaging cybersecurity training (offline) Simplify core topics for beginners Guide learners in exam prep and concept clarity Address student queries and provide mentorship Support learners toward certification success

Role & responsibilities Security Integration Across SDLC: Collaborate closely with development teams throughout the SDLC to embed security best practices from design through deployment. Application Penetration Testing: Perform hands-on penetration testing of web, mobile, and API-based applications. Partner with developers to ensure effective and timely remediation of vulnerabilities. Senior Security Analyst Security Scanning & Analysis: Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools. Analyze and interpret results to support developers in remediation efforts. Code Reviews & Secure Coding: Participate in code reviews to identify insecure coding patterns and provide actionable feedback aligned with secure coding standards. Threat Modeling & Design Reviews: Facilitate security design reviews and threat modeling exercises to identify potential risks early in the development pro Preferred candidate profile We are seeking a highly skilled and proactive Senior Security Analyst to join our Application Security team. This role is critical in embedding security across the Software Development Life Cycle (SDLC) and ensuring the security of our applications through expert-level testing, review, and collaboration with development teams. The ideal candidate will possess a strong technical background in application security, excellent communication skills, and hands-on experience in penetration testing and secure coding practices.

Cybersecurity Specialist Summary Apply Now vijayawada Full-Time 5+ Years Industry IT/Security Responsibilities Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. About The Role Develop and manage security measures for networks, systems, and applications. The role includes conducting regular security audits and responding to security incidents. Qualifications Develop and implement security measures for networks and systems. Conduct regular security audits and risk assessments. Respond to security incidents and manage incident response plans. Provide training and guidance on cybersecurity best practices. Skills Expertise in network security, firewalls, and intrusion detection systems. Proficiency in SIEM tools like Splunk or QRadar. Strong knowledge of compliance standards (ISO, NIST). Experience with vulnerability assessment and penetration testing.

Position Details- Position: VAPT Lead Experience: 8-12 years Job Location: Powai, Mumbai - WORK FROM OFFICE Number of Position 1 Description: We are looking for VAPT LEAD who will be responsible for running automated and manual security scans which include but not limited to SAST, DAST, IAST, Mobile, Web, API and ad-hoc pen-testing. The candidate will play a key role of integrating Security element in DevSecOps The role entails taking responsibility of analysing security vulnerabilities and capability to provide mitigation solutions to fix issues, providing guidance to application teams, and coordinating with cross functional teams across the platform. Responsibilities: Hands-on experience creating and implementing DevSecOps pipeline using CICD automation tools like Jenkins, Automated scanning tools, BurpSuite, and open source tools. Implement Application Cyber Security Controls/Policies developed by IT Security Team. Ability to demo security vulnerability to application teams. Drive application security issues to a resolution. Provide a clear guidance to application teams during vulnerability mitigation effort Conduct application security assessment on periodic intervals and for every release Collect and report status on application security assessments including milestones, deliverables, timing, tasks, risk areas, and status to Head of IT Security Categorize and recommend assessment strategies for existing and new application development Coach development and vendor teams on application security Develop user training material on secure coding and conduct training sessions Coordinate and execute IT security projects Integrate the Application and DevOps processes and CI/CD pipelines from early stages of the development lifecycle. Evaluating and on-boarding security tools such as SAST, vulnerability and open source scanning into the Security DevOps life cycle for multiple tech stacks. Contributing features to internally developed Cyber security tools, and integrate those tools into the Security DevOps pipelines. Driving continuous improvement for Security DevOps pipelines and processes, and to the Cyber security tools, services, and processes. Engage in security research in keeping abreast of the latest security issues for Cloud enabled enterprises Research best practices for a variety of technologies and document / advice on solutions for security for multiple teams Develop, improve and monitor system compliance with the IT framework for controls and levels of access Collaborate with internal teams to manage and mitigate security vulnerabilities and risks Collaborate with software engineering and digital team to deliver integrated security solutions, and improve developer security practices Collaborate on Red Team penetration testing of IT systems Essential Qualification: Tenable/Qualys tool experience is mandatory. Experience with Dockers, Kubernetes, Terraform Good to have Appsec, API Testing, Infra Cloud Security testing experience. Must have experience with a modern version control system such as: Git, Github, GitLab. CISSP, OSCP or other security certifications desired. Experience with infrastructure as code and technologies behind it (Terraform preferred) Must have 4+ years of progressive experience in computing and information security. Capable of analysing data from various data sources and generating reports, charts and graphs. • Proven experience with at least one of the following technologies: MySQL, Postgres, FireBase, Google Cloud Storage and willing to learn and fill in any gaps. Working knowledge of agile methodology, techniques, and frameworks, such as Scrum or Kanban Excellent people and project management skills. Strong communication and presentation skills. Strong analytical and problem-solving skills.

Sr. Engineer - Vulnerabity Management/Patching Linux Exp : 7+ Yrs Level L3 Role. Location: Madhapur - Hyderabad. Overview: IT Engineer who can do analysis, mitigation and remediation of all the identified vulnerabilities and security gaps to strengthen the security posture of SHI environment. The assigned team will speed up remediation to secure SHI environment from external and internal cyber threats. All the identified vulnerabilities and security gaps need to be fixed to mitigate the potential impact as per the criticality of the risk. Proposed two senior resource to perform vulnerability management and patching. The role will require the following including but not limited to: Review and understanding of the entire environment Having complete visibility of the inventory of environment Review Vulnerabilities identified by tool Analyze the Vulnerability Assessment report Isolate false positives Prioritize the risk remediation plan Identify the dependencies and conduct impact analysis of the Patches & Fixes Work along with the Application team for dependencies and impact Work along with Offshore and Onsite Ops team for remediation planning Work along with SOC and Infosec team for remediation and fixes Develop a plan to rectify the issues Build Security Playbooks for remediation process as per organization environment Implement required patches and fixes in Test environment and conduct the impact analysis After the successful testing implement fixes on production servers Guiding and helping in Automation and customization of remediation as much as possible Follow and adhere to ITIL Process Review the status of imports for patch implementations and follow up with IT Operations. Track the progress of regulatory compliance obligations and ensure their completion. Review deferred item status and revise or implement fixes. Monitor Vulnerability Management dashboards and reports. Please share CV : [email protected] .

WHAT YOU LL DO We are seeking a skilled and experienced Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organizations systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements. WHO YOU LL WORK WITH Attack Surface Reduction team helps and contribute to improve the security posture of H&M by operating within an Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&Ms systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents. Key Responsibilities: Conduct comprehensive vulnerability assessments (VA) and penetration tests (PT) on H&Ms systems, networks, and applications. Utilize industry-standard tools and methodologies to identify potential vulnerabilities and weaknesses in our attack surface. Collaborate with cross-functional teams to prioritize and remediate identified vulnerabilities in a timely manner. Experience in designing, implementing, and managing vulnerability management processes and workflows. Facilitate and manage penetration testing engagements with third-party vendors. Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface. Develop and maintain security policies and procedures for our organizations systems, applications, and networks. Monitor our organizations systems, applications, and networks for unauthorized access, suspicious activity, and other security threats. Stay up to date with the latest trends and developments in the field of cybersecurity, specifically related to attack surface reduction techniques. WHO YOU ARE We are looking for people with Bachelors degree in computer science, information security, or a related field. 6-10 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Solid knowledge of common vulnerabilities and exposures (CVEs), common attack vectors, and security best practices. Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing. Proficient in using industry-standard vulnerability assessment and penetration testing tools (e.g., Kali Distro, Qualys, Burp Suite, etc.). Familiarity with industry frameworks and standards, such as NIST, OWASP, and CIS. Effective communication skills, with the ability to clearly convey technical concepts to both technical and non-technical stakeholders. Excellent analytical, problem-solving, and communication skills. Relevant certifications , such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus. WHY YOU LL LOVE WORKING HERE At H&M, we are proud to be a vibrant and welcoming company. We offer our employees attractive benefits with extensive development opportunities around the globe. We offer all our employees at H&M attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program - HIP. You can read more about our H&M Incentive Program here . In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment types and countries. JOIN US Our uniqueness comes from a combination of many things - our inclusive and collaborative culture, our strong values, and opportunities for growth. But most of all, it s our people who make us who we are. Take the next step in your career together with us. The journey starts here. *We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application. ADDITIONAL INFORMATION This is a full-time position, starting in June 2025 . Apply by sending in your CV in English as soon as possible, but no later than the 30th of May 2025 . Due to data policies, we only accept applications through the SmartRecruiters or career page

Req ID: 319245 NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a Security Analysis Senior Specialist to join our team in Noida, Uttar Pradesh (IN-UP), India (IN). Day to Day job Duties(what this person will do on a daily/weekly basis) Work as individual contributor in a team of Security Systems staff and help customers using ITIL methodology, process and ITSM tools following Standard Operating Procedures. In some situations, acts as a Lead for the account where he/she needs to directly work with ISM/CDE of the account along with the Manager. Timely reporting of issues to management and proactive approach for problem solving Responsible for Quality issues and find ways to mitigate gaps in process to avoid quality issues. Ensure all Service Management procedures are being followed by him/her and the entire team Builds deeper understanding of processes, procedures, customers and organization. Assists program or process development and implementation. Develops solutions to a variety of problems of moderate complexity. Applies research, information gathering and analytical and interpretation skills to problems of diverse scope. Works on assignments where considerable judgment and initiative are required in resolving problems and making choices, recommendations, or decisions. Involved with local or business specific engagement initiatives in support of broader programs Assumes responsibility to improve service, efficiency and quality of work. Contributes to area by ensuring quality of output. Basic Qualifications(what are the skills required to this job with minimum years of experience on each) User Access Provisioning, Good communication Skills & Customer Handling, Ticket Hygiene, Should have around 3 year of experiences on AD, Knpwledge Base Drafting, About NTT DATA NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies.Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us atus.nttdata.com NTT DATA endeavors to make https://us.nttdata.comaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here. Job Segment Consulting, Technology

Role & responsibilities Minimum 3 years of overall experience 1+ years in Incident Management, Vulnerability Management, Bug Bounty & Cyber security analysis Assess and support severity assignment on reported vulnerabilities in line with the Common Vulnerability Scoring System (CVSS) Effectively communicating vulnerability findings to stakeholders, including technical and non-technical audiences Developing strategies to address identified vulnerabilities, including mitigation plans and timelines Coordinate the remediation of findings from the organizations Bug Bounty & Vulnerability Disclosure Programs working directly with whitehat researchers. Analyze findings to understand if our vulnerability scanners failed to identify them and work with the relevant to address any visibility gaps Identify missing security controls that could have mitigated the Bug Bounty finding and ensure correction is tracked to completion Mature the program through the onboarding of new assets Works closely with Risk Management teams to document identified risks and issues highlighted through Bug Bounty Program Maintains a working knowledge of key data security frameworks and regulations such as PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), (GDPR) General Data Protection Regulation, PII (Personally Identifiable Information), NIST CSF (Cyber Security Framework). Collaborates with Legal and Privacy Offices when critical data is at risk as a result of a Bug Bounty finding Maintain and follow runbooks for day-to-day activities