195 Vulnerability Jobs - Page 7

A ServiceNow Solution Architect plays a crucial role in designing, implementing, and optimizing ServiceNow solutions for organizations. Their responsibilities can be broadly categorized into different product SKU s ServiceNow platform engineering (on premise) with ITSM Modules including Service Request, Incident, Problem, Change, Rot and Configuration Management and security / regulatory disciplines Major accountabilities: Execute technology delivery strategy for business systems, platforms, and processes for a particular Business domain / Function. Partner with senior business stakeholders and TT Strategic Business Partners for demand analysis, solution proposal/evaluation, and funding estimates. Partner with business partners to ensure Technology Service/Solutions Delivery teams deliver products according to strategy with reuse across other areas. Ensure on time, within budget, compliant, secure, and quality delivery of portfolio for responsible function / service area. Ensure services, solutions, platforms, products are fit for purpose and achieve the desired business value and impact. Run efficient DevOps for platforms, products, or systems ensuring availability and optimal performance for responsible function / service area. Establish governance structure for projects, operations, etc with right stakeholder representation. Track, report, and deliver against agreed success factors and KPIs for various stakeholders for responsible function / service area. Follow industry trends and emerging practices to drive agility, speed, efficiency, and effectiveness. Ensure the overall user experience is considered when designing deploying new solutions and services. Ensure adherence to Security and Compliance policies and procedures. Monitor and proactively manage the ServiceNow platform to ensure high availability and optimal performance. Troubleshoot and resolve any platform-related issues or outages promptly. Implement best practices to prevent system downtime and performance degradation. Collaborate with the platform security teams to ensure the ServiceNow platform adheres to security standards and policies. Manage security controls, such as role-based access control, data encryption, and vulnerability assessments. Prepare the platform for audits, maintaining a secure and compliant environment. Lead a team of ServiceNow L3 and L2 consultants, administrators, and support staff. Coordinate and oversee the deployment of ServiceNow changes, updates, and enhancements. Manage and prioritize incident resolution and problem-solving efforts. Maintain and enhance ServiceNow configurations, workflows, and integrations as needed. Ensure that ServiceNow remains aligned with business requirements and objectives. Maintain comprehensive documentation for ServiceNow configurations, procedures, and incident resolutions. Collaborate with ServiceNow vendors and external partners to leverage their expertise and resources. Minimum Requirements: Bachelors degree in a related field (Computer Science, Information Technology, etc) is preferred. 10-15 years of relevant experience in IT operations, with a minimum of 5 years of experience in ServiceNow administration. ServiceNow certifications, such as Certified System Administrator (CSA) or Certified Implementation Specialist (CIS), are mandatory . Strong leadership and team management skills. In-depth knowledge of IT service management (ITSM) and ITIL processes. Excellent problem-solving and analytical abilities. Strong communication and collaboration skills. Proficiency in ServiceNow development, scripting, and customization. Knowledge of database management and integration technologies

We are looking for a Cyber Defense Vulnerability Incident Response Senior Analyst to join our growing Cyber Defense Operations (CDO) Centre. This role provides an outstanding opportunity to lead the response to critical vulnerabilities while also contributing to security incident handling and response. The ideal candidate will have a solid background in vulnerability management, with additional expertise in incident response. This is a great opportunity for someone who wants to deepen their understanding of the overlap between vulnerability management (VM) and incident response (IR). We are at an exciting moment in our transformation! Arm has a bold vision to develop technology that invisibly enables opportunity for a globally connected population. To achieve this, Arm is growing rapidly and developing new products. With new business capabilities, Arm is encountering new security challenges that require a thoughtful, adaptable approach to strengthen its cyber defences and detect respond strategy. Responsibilities: Vulnerability Management (Main Focus) Lead operational vulnerability management activities across infrastructure, applications, cloud, and third-party platforms. Validate findings and prioritize remediation based on business risk and threat intelligence. Collaborate with global IT, Engineering, and Security teams to drive vulnerability remediation efforts. Optimize and manage ServiceNow Vulnerability Management workflows. Act as technical lead in remediation planning, providing guidance and support to stakeholders. Collaborate with Red Team, Threat Intelligence, and Product Security to identify high-risk vulnerabilities. Lead Major vulnerability Incident response efforts in accordance with the response plan and policies. Incident Response (Secondary Focus) Support team in incident triage and response efforts as needed, particularly those involving vulnerability exploitation. Assist in forensic investigations and log analysis for potential Security Incidents. Contribute to the development of playbooks for vulnerability incident response. Deliver training and mentorship to junior analysts. Required Skills Experience: Demonstrable experience in vulnerability management, including implementation of scanning tools like Tenable, Qualys, or similar platforms. Hands-on experience with ServiceNow Vulnerability Management workflows and integrations. Experience with remediation coordination, risk-based prioritization, and vulnerability lifecycle management. Exposure to incident handling, including forensic and malware analysis basics. Solid understanding of cloud and container security vulnerabilities (AWS, Azure, GCP). Sufficient understanding of web technologies to manage Web vulnerabilities. Ability to articulate risk and technical topics clearly to non-technical stakeholders. Scripting and automation skills (eg, Python, PowerShell) to streamline workflows. Deep understanding of the cyber threat landscape and emerging exploitation trends. Nice-to-Have Skills Certifications: BSc or higher in Cybersecurity, Computer Science, or related field! Professional certifications: GIAC (GCIH, GCFA, GPEN), OSCP, or CISSP. Exposure to penetration testing or Red Teaming methodologies. Understanding of ITIL processes and project management principles

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com , General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Product Security Analyst Location: Pune Position Summary HackerOne is seeking a dynamic individual with a passion for Information Security to join our Technical Services team. As a Security Analyst, you will gain hands-on technical experience and exposure to some of the world s best hackers while delivering high-impact vulnerabilities to the top bug bounty programs in the industry. This role requires excellent communication skills, intellectual curiosity and drive to acquire the technical skills you ll need to ensure every valid bug report is reproducible and provides value to HackerOne customers. What You Will Do Evaluate assigned vulnerability reports submitted by hackers to determine the validity, risk and severity to HackerOne customers Collaborate with hackers to address missing information from reports as well as educate the HackerOne community members when reports are invalid Compose a technical summary for each valid report that includes clear and concise details regarding the impact, steps to reproduce and remediation advice Ensure clear and efficient communication between hackers and customers Proactively identify and solve issues, as well as accept and quickly respond to delegated work; as we are distributed, being able to win as a team to solve problems is critical to our success Assess vulnerability findings and determine whether the submission is valid based on program policies, scope and impact. Independently reproduce reported vulnerabilities in a test environment and compose a technical summary for valid findings. Minimum Qualifications Proven experience with vulnerability disclosure and bug bounty (experience managing a bug bounty program is a plus but not required) Hands-on experience doing security testing or ethical hacking on web and mobile applications Strong technical knowledge of OWASP top 10 Comfortable using security testing tools including Burpsuite Excellent written and verbal communication skills Experience using frameworks such as CVSS Self-motivated and able to manage your time and energy output while maintaining a consistent and sustainable operational rhythm This role is based in our Pune office and you must be able to work 4-5 days a week in office. English fluency Compensation 2.6M - 3.2M Offers Equity # LI-MH1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under COs Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend *Eligibility may differ by country Were committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Key Responsibilities Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications and Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable. Key Responsibilities Identity and Access Management (IAM) Design, implement, and manage IAM frameworks, ensuring secure access control across on-premises and cloud environments. Administer user accounts, roles, and permissions following the principle of least privilege. Perform periodic access reviews and audits to ensure compliance with organizational policies. Manage single sign-on (SSO), multi-factor authentication (MFA), and identity federation solutions. Collaborate with application teams to implement secure authentication and authorization protocols. Vulnerability Management Conduct regular vulnerability scans across infrastructure, applications, and endpoints using tools such as Qualys, Nessus, or equivalent. Analyze vulnerability reports, prioritize risks, and coordinate remediation efforts with relevant teams. Maintain and improve patch management processes to address identified vulnerabilities. Monitor and track emerging threats, ensuring timely implementation of mitigation measures. Create and present vulnerability management dashboards and reports for stakeholders. Security Operations Monitor and respond to security incidents, ensuring quick containment and resolution. Configure and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions. Conduct root cause analysis for incidents and implement preventive measures. Ensure compliance with security standards such as ISO 27001, NIST, or CIS benchmarks. Develop and update runbooks and incident response procedures. and Governance Work closely with DevOps, infrastructure, and application teams to integrate security best practices. Participate in security assessments, audits, and risk analysis exercises. Support the development and enforcement of security policies and standards. Provide security awareness training to teams and stakeholders. Documentation and Reporting Maintain comprehensive documentation of IAM workflows, security processes, and vulnerability management activities. Provide periodic compliance and risk reports to management and relevant stakeholders. Qualifications and Skills Proven experience in IAM, vulnerability management, and security operations. Strong knowledge of identity management tools and vulnerability scanning tools (e.g., Qualys). Proficiency in configuring and managing security tools such as firewalls, IDS/IPS, and endpoint security solutions. Familiarity with cloud security practices across platforms like AWS, Azure, or Google Cloud. Strong analytical and problem-solving skills with attention to detail. Relevant certifications such as CISSP, CISM, CompTIA Security+, or GIAC are highly desirable.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Delivery Management In this role, you will: Oversee the planning, execution, and delivery of projects, adopting the Agile delivery lifecycle. Collaborate closely with the team to define the project scope, objectives, requirements, and timeline. Identifying, managing, and communicating dependencies and risks to project delivery. Actively manage and monitor project progress and resolve Risks, Issues, Assumptions and Dependencies and escalating as required, making recommendations to influence decision-making to maintain progress towards delivery and benefits realisation. Requirements To be successful in this role, you should meet the following requirements: Proven experience as a Technical Project Manager or in a similar role within an Agile environment. Own and manage the product backlog, ensuring it is aligned with client needs and business objectives. Prioritize backlog items on client value, strategic goals, and resource availability. Clearly communicate the backlog items and their priorities to the development team. Experience with successfully implementing production technology products with an advanced understanding of the methods, principals, and process necessary to set priorities of development teams to successfully productionize a technology product. Experience in engaging with clients and managing stakeholder relationships. Understand clients roles, needs, and pressures to identify opportunities for innovative product solutions. Collaborate closely with clients to gather requirements and translate them into actionable user stories. Act as the voice of the client within the Agile Scrum team, ensuring products meet client expectations. Strong understanding of Agile Scrum methodologies and product management principles. Ability to understand and translate client needs into actionable user stories and product requirements. Collaborate with the Scrum team to develop and deliver high-quality products. Participate in Agile ceremonies, including sprint planning, daily stand-ups, and retrospectives. Ensure the development team has a clear understanding of the product vision and goals. Strong understanding of Agile Scrum methodologies and product management principles. Strong problem-solving skills and the ability to prioritize tasks effectively. Kn owledge of technical software or background of working with software engineering technologies and principles Understanding of cybersecurity threat and risk management landscape, including the evolving international regulation, policy, framework, and organisational cyber controls response to these threats Artificial Intelligent/Machine Learning (AI/ML) Security and Automation Knowledge of key cybersecurity data sources (e. g. endpoint detection response, firewall logs, proxy logs, and vulnerability reports), how they are used in AI/ML solutions/metrics and visualisations, how this improves the security posture of the Bank.

HackerOne is a global leader in offensive security solutions. Our HackerOne Platform combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the software development lifecycle. The platform offers bug bounty, vulnerability disclosure, pentesting, AI red teaming, and code security. We are trusted by industry leaders like Amazon, Anthropic, Crypto.com , General Motors, GitHub, Goldman Sachs, Uber, and the U.S. Department of Defense. HackerOne was named a Best Workplace for Innovators by Fast Company in 2023 and a Most Loved Workplace for Young Professionals in 2024. HackerOne Values HackerOne is dedicated to fostering a strong and inclusive culture. HackerOne is Customer Obsessed and prioritizes customer outcomes in our decisions and actions. We Default to Disclosure by operating with transparency and integrity, ensuring trust and accountability. Employees, researchers, customers, and partners Win Together by fostering empowerment, inclusion, respect, and accountability. Senior Analytics Engineer, DataOne Remote Location: Pune, India **This role requires the candidate to be based in Pune and work from an office 4 or 5 days a week. This role may also require evening-shift work to overlap with USA timezones. Please only apply if youre okay with both of these requirements. *** Position Summary HackerOne is seeking a Senior Analytics Engineer to join our DataOne team. You will lead the discovery, architecture, and development of high-impact, high-performance, scalable source of truth data marts and data products. Joining our growing, distributed organization, youll be instrumental in building the foundation that powers HackerOnes one source of truth. As a Senior Analytics Engineer, youll be able to lead challenging projects and foster collaboration across the company. Leveraging your extensive technological expertise, domain knowledge, and dedication to business objectives, youll drive innovation to propel HackerOne forward. DataOne democratizes source-of-truth information and insights to enable all Hackeronies to ask the right questions, tell cohesive stories, and make rigorous decisions so that HackerOne can delight our Customers and empower the world to build a safer internet . The future is one where every Hackeronie is a catalyst for positive change , driving data-informed innovation while fostering our culture of transparency, collaboration, integrity, excellence, and respect for all . What You Will Do Your first 30 days will focus on getting to know HackerOne. You will join your new squad and begin onboarding - learn our technology stack (Python, Airflow, Snowflake, DBT, Meltano, Fivetran, Looker, AWS), and meet our Hackeronies. Within 60 days, you will deliver impact on a company level with consistent contribution to high-impact, high-performance, scalable source of truth data marts and data products. Within 90 days, you will drive the continuous evolution and innovation of data at HackerOne, identifying and leading new initiatives. Additionally, you foster cross-departmental collaboration to enhance these efforts. Deliver impact by developing the roadmap for continuously and iteratively launching high-impact, high-performance, scalable source of truth data marts and data products, and by leading and delivering cross-functional product and technical initiatives. Be a technical paragon and cross-functional force multiplier, autonomously determining where to apply focus, contributing at all levels, elevating your squad, and designing solutions to ambiguous business challenges, in a fast-paced early-stage environment. Drive continuous evolution and innovation, the adoption of emerging technologies, and the implementation of industry best practices. Champion a higher bar for discoverability, usability, reliability, timeliness, consistency, validity, uniqueness, simplicity, completeness, integrity, security, and compliance of information and insights across the company. Provide technical leadership and mentorship, fostering a culture of continuous learning and growth. Minimum Qualifications 8+ years experience as an Analytics Engineer, Business Intelligence Engineer, Data Engineer, or similar role w/ proven track record of launching source of truth data marts. 8+ years of experience building and optimizing data pipelines, products, and solutions. Must be flexible to align with some cross over in USA timezone. Extensive experience working with various data technologies and tools such as Airflow, Snowflake, Meltano, Fivetran, DBT, and AWS. Expert in SQL for data manipulation in a fast-paced work environment. Expert in creating compelling data stories using data visualization tools such as Looker, Tableau, Sigma, Domo, or PowerBI. Proven track record of having substantial impact across the company, as well as externally for the company, demonstrating your ability to drive positive change and achieve significant results. Excellent communication skills, and can present data-driven narratives in verbal, presentation, and written formats. Passion for working backwards from the Customer and empathy for business stakeholders. Experience shaping the strategic vision for data. Experience working with Agile and iterative development processes. Preferred Qualifications Strong proficiency in at least one data programming language such as Python or R. Experience working within and with data from business applications such as Salesforce, Clari, Gainsight, Workday, GitLab, Slack, or Freshservice. Proven track record of driving innovation, adopting emerging technologies and implementing industry best practices. Thrive on solving for ambiguous problem statements in an early-stage environment. Experience designing advanced data visualizations and data-rich interfaces in Figma or equivalent. Compensation Bands: Pune, India 3.7M - 4.6M Offers Equity #LI-HM1 Job Benefits: Health (medical, vision, dental), life, and disability insurance* Equity stock options Retirement plans Paid public holidays and unlimited PTO Paid maternity and parental leave Leaves of absence (including caregiver leave and leave under COs Healthy Families and Workplaces Act) Employee Assistance Program Flexible Work Stipend *Eligibility may differ by country Were committed to building a global team! For certain roles outside the United States, U.K., and the Netherlands, we partner with Remote.com as our Employer of Record (EOR). Visa/work permit sponsorship is not available. Employment at HackerOne is contingent on a background check. HackerOne is an Equal Opportunity Employer in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, pregnancy, disability or veteran status, or any other protected characteristic as outlined by international, federal, state, or local laws. This policy applies to all HackerOne employment practices, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. HackerOne makes hiring decisions based solely on qualifications, merit, and business needs at the time. For US based roles only: Pursuant to the San Francisco Fair Chance Ordinance, all qualified applicants with arrest and conviction records will be considered for the position.

Some careers shine brighter than others. If you re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Sr. Associate Director, Delivery Management In this role, you will: Oversee the planning, execution, and delivery of projects, adopting the Agile delivery lifecycle. Collaborate closely with the team to define the project scope, objectives, requirements, and timeline. Identifying, managing, and communicating dependencies and risks to project delivery. Actively manage and monitor project progress and resolve Risks, Issues, Assumptions and Dependencies and escalating as required, making recommendations to influence decision-making to maintain progress towards delivery and benefits realisation. Requirements To be successful in this role, you should meet the following requirements: Proven experience as a Technical Project Manager or in a similar role within an Agile environment. Own and manage the product backlog, ensuring it is aligned with client needs and business objectives. Prioritize backlog items on client value, strategic goals, and resource availability. Clearly communicate the backlog items and their priorities to the development team. Experience with successfully implementing production technology products with an advanced understanding of the methods, principals, and process necessary to set priorities of development teams to successfully productionize a technology product. Experience in engaging with clients and managing stakeholder relationships. Understand clients roles, needs, and pressures to identify opportunities for innovative product solutions. Collaborate closely with clients to gather requirements and translate them into actionable user stories. Act as the voice of the client within the Agile Scrum team, ensuring products meet client expectations. Strong understanding of Agile Scrum methodologies and product management principles. Ability to understand and translate client needs into actionable user stories and product requirements. Collaborate with the Scrum team to develop and deliver high-quality products. Participate in Agile ceremonies, including sprint planning, daily stand-ups, and retrospectives. Ensure the development team has a clear understanding of the product vision and goals. Strong understanding of Agile Scrum methodologies and product management principles. Strong problem-solving skills and the ability to prioritize tasks effectively. Kn owledge of technical software or background of working with software engineering technologies and principles Understanding of cybersecurity threat and risk management landscape, including the evolving international regulation, policy, framework, and organisational cyber controls response to these threats Artificial Intelligent/Machine Learning (AI/ML) Security and Automation Knowledge of key cybersecurity data sources (e.g. endpoint detection & response, firewall logs, proxy logs, and vulnerability reports), how they are used in AI/ML solutions/metrics and visualisations, how this improves the security posture of the Bank. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Who are we FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industrys foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever- evolving cryptocurrency landscape. We are seeking a highly skilled Senior DevSecOps Engineer to join our team. This role is responsible for embedding security at every stage of our cloud infrastructure lifecycle, with a strong focus on hands-on implementation, automation, and DevSecOps best practices. You will work closely with development, operations, and security teams to ensure our AWS-based environments are secure, compliant, and resilient. Key Responsibilities Cloud Infrastructure Security Design, implement, and maintain security controls within cloud-based systems, focusing on AWS technologies and best practices. Integrate security scanning and compliance checks into CI/CD pipelines to ensure continuous security throughout the development lifecycle. Conduct regular vulnerability assessments and patching of virtual instances using Ansible and other cloud-native tools. Develop and maintain Infrastructure as Code (IaC) using Terraform for IAM, Cloudflare, and AWS components, ensuring security by design. Collaborate with cross-functional teams to embed security controls into development and deployment workflows. Deploy and manage cloud security tools (e.g., AWS Security Hub, GuardDuty, Inspector) to enhance cloud security posture. Automation and Scripting Develop and maintain scripts, tools, and automation workflows to streamline security operations, incident response, and compliance checks. Create and update Ansible playbooks for consistent, automated security configurations across cloud resources. Kubernetes and Container Security Apply foundational knowledge of container security, including best practices for Kubernetes clusters and workloads. Support the secure deployment and management of containerized applications, ensuring Kubernetes environments adhere to security guidelines. Assist with vulnerability scanning, secrets management, and policy enforcement in Kubernetes as needed. Compliance and Best Practices Ensure cloud infrastructure adheres to industry security standards and compliance requirements (SOC 2, ISO 27001, PCI DSS, etc.). Stay up to date with the latest cloud and container security threats, vulnerabilities, and tools, implementing proactive measures to mitigate risk. Collaboration and Documentation Work closely with DevOps and development teams to integrate security practices into the CI/CD pipeline and SDLC. Educate and train teams on secure coding, DevSecOps, and Kubernetes/container security practices. Maintain comprehensive documentation of security processes, configurations, and incident response procedures. Qualifications Bachelor s degree in Computer Science, Information Security, or a related field. 6-8 years of experience in cloud engineering, DevOps, or security engineering, with a strong focus on AWS technologies. Hands-on experience with Terraform, Ansible, and AWS services (EC2, IAM, Cloudflare, Kubernetes, etc.). Proficiency in scripting languages such as Python or Bash for automation and security tooling. In-depth knowledge of cloud security best practices, threat modeling, and common vulnerabilities. Experience with cloud security tools and integrating security into CI/CD pipelines. Foundational knowledge of Kubernetes security and container security principles. Excellent problem-solving skills, attention to detail, and ability to collaborate across teams. Preferred Qualifications AWS Certified Security - Specialty or equivalent cloud security certifications. Experience with advanced Kubernetes security (e.g., network policies, RBAC, Pod Security Policies). Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI DSS, etc.). Notice at Collection and Privacy Policy Applicants located in California and/or applying to a role based in California, please refer to our Notice at Collection and Privacy Policy here . Inclusivity Statement FalconX is committed to building a diverse, inclusive, equitable, and safe workspace for all people. Our roles are intended for people from all walks of life. We encourage all those interested in applying to our organization to submit an application regardless if you are missing some of the listed background requirements, skills, or experiences! As part of our commitment to inclusivity, FalconX would like to acknowledge that the EEOC survey has limited potential responses that you can select. For legal reasons, FalconX must use this language to align with federal requirements, however, we want to ensure that you are able to provide a response to our own voluntary survey questions about your identity that best aligns with your most true self. FalconX is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, national origin, ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, or any other legally-recognized protected basis under federal, state, or local law. Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on FalconX.

Job Description: Value Preposition As a Lead Software Engineer, you work with Tech Managers, Quality analyst, Product owners and cross-functional global teams in a fast-paced and ever-changing environment to understand features and technical implementation. You will be responsible for designing , developing and maintaining solutions with Oracle Financial Services Analytical Application (OFSAA). You will be working on critical modules of OFSAA like KYC, ECM , SAR, CTR Job Details Position Title: Lead Software Engineer Career Level: P3 Job Category: Manager Role Type: Hybrid Job Location: Bangalore About the Team: You will be part of BSA/AML Technology team , a highly skilled with group of engineers, analyst and product specialists focused on developing and managing systems that help detect and prevent financial crime. We collaborate closely with multiple teams to build scalable solution for transaction monitoring , sanctions screening , KYC/CDD and case management. We value precision , accountability, and strong sense of purpose in our work. Whether we are integrating third party tools , building enhanced business solution , everything we do helps protect the integrity of financial system and ensure our customers and regulators are confident of our controls Impact Your focus will be on developing and maintaining software that supports OFSAA functions, including KYC, Case management, CTR , SAR etc. These solutions will help to improve the performance and reliability of our systems. Ultimately you will work to safeguard the financial systems. Key Deliverables Design, develop, test, and deploy software solutions for treasury management, leveraging relevant technologies and programming languages. Design , Configure and implement modules within OFSAA (KYC, ECM , SAR, CTR) Develop ETL process/ data mapping to integrate source system with OFSAA. Should have experience in customizing OFSAA module as per business needs. Support System upgrades , patches, performance tuning. Should have experience in mitigating vulnerability in the application. Should have experience in leading production deployments. Develop and maintain APIs for seamless integration with other financial systems. Provide technical support for the solutions deployed. Interface with other support teams such as network engineers, database administrators to troubleshoot and support. Write clean, well-documented, and maintainable code. Participate in code reviews and contribute to the teams knowledge base. Collaborate with other developers and testers to ensure the quality and reliability of the software. Participate in brainstorming sessions and contribute to the development of new ideas. Develop and execute unit and integration tests to ensure the quality and reliability of the software. Troubleshoot and resolve software issues in a timely manner. Continuously improve the performance and scalability of the software. Skills and Qualification Bachelor s degree in computer science with 8+ years of experience. Experience with FCCM (Financial Crime and Compliance management) Strong SQL and PL/SQL skills. Experience with Oracle Database. Should have hands on experience in OFSAA modules (KYC, ECM , SAR, CTR) Experience in data integration , API integration and performance tuning. Hands on experience in Dev ops tools Relationships & Collaboration The role you will work with cross functionally with Risk , data and enterprise tech team to ensure systems are accurate and scalable. You will need to collaborate closely with Tech teams , Application support and partner with Product/Business teams. experience.

Job Description of Senior Systems Administrator for Infinite Computer Solutions Title: Senior Systems Administrator (E3) Location: Noida, Uttar Pradesh, India Responsibilities: Manage and maintain Windows-based servers and associated services, including Active Directory, DNS, DHCP, RDP, RDS and print services Maintain and manage virtualized infrastructure using VMWare and other virtualization technologies Strong knowledge of windows server patch management using WSUS . Strong knowledge of windows server Vulnerability remediation . Develop and maintain Power Shell scripts to automate routine tasks and improve system efficiency Monitor and troubleshoot server performance, including storage, network, and server-related issues Collaborate with other IT teams to ensure successful delivery of projects Conduct regular security audits and implement necessary changes to ensure system security Provide technical support to end-users as needed Document and maintain system configurations and procedures Requirements: Bachelors degree in computer science or related field At least 6 years of experience in managing Windows-based servers and services, including Active Directory, DNS, DHCP, RDP, and print services Strong experience in managing virtualized infrastructure using VMWare or other virtualization technologies Strong knowledge of windows server patch management using WSUS . Strong knowledge of windows server Vulnerability remediation . Proficient in Power Shell scripting Microsoft Windows Server, Azure Knowledge of network protocols and troubleshooting techniques Familiarity with IT security principles and best practices Excellent problem-solving skills and attention to detail Strong communication and collaboration skills Experience: 6 years.

Total Yrs. of Expserience 5 to 8 years Relevant Yrs. of experience 5 to 8 years Detailed JD (Roles and Responsibilities) Experience in Citrix Xen App and Xen desktop administration, deploy and publish the applications. Experience in Citrix MCS and PVS provisioning. Experience in Citrix NetScaler configurations, Storefront, Profiles, Group policies. Experience upgrades of Citrix versions and vulnerability fixing. Knowledge on Citrix latest versions. Should have good communication and interpersonal skills to communicate with Customer and stakeholder teams (PC Engineering/Security/Network) on support issues. Good to have fair understanding on Windows Servers VMware environment Citrix Xen App Xen desktop administration Knowledge on Windows VMware Basic ITIL process

Have you successfully engineered application security scanning solutions to deliver Cyber Security projectsDo you have experience working in a process-based frameworkDo you have proven ability to solve issues, supporting both technical and process needsAre you motivated to work in a complex, diverse and global environmentWe may be looking for you! We re looking for Cyber Tech engineer to: drive DevSecOps application on-boarding and adoption of Application Security services support application development teams with the triage, analysis and remediation of identified vulnerabilities support Application Security governance and the enhancement of application security testing policies, frameworks and best practices in order to improve application security controls and processes develop creation of security training and enablement across the organization You ll be working in the Cyber Hygiene Tech organization in Pune, India. This is a global team, diverse and collaborative, that works across business divisions to keep our technology, applications and the businesses they support secure. As a tech engineer, you ll play an important role in the adoption of security scanning solutions as part of DevSecOps within in the UBS applications portfolio. You ll partner with development and onboarding teams, CISO and Risk Managers to ensure applications are secure. bachelor s degree in Computer Sciences, Information Technology, or related subject; alternatively an equivalent education or experience in one of these topics a proven track record of overall 5+ years of relevant experience in Application Security Testing, Information Technology, Application Development, or Information Security strong understanding and experience with project planning and execution, application on-boarding or service adoption, and agile delivery hands on experience with Application Security solutions (SAST, SCA, IAST, DAST, API) and vulnerability analysis. Hands on experience with implementing security controls in the CI/CD pipeline strong communication skills and the ability to collaborate with development and project teams, and senior stakeholders

Who are we FalconX is a pioneering team of operators, investors, and builders committed to revolutionizing institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industrys foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever- evolving cryptocurrency landscape. We are seeking a highly skilled Senior DevSecOps Engineer to join our team. This role is responsible for embedding security at every stage of our cloud infrastructure lifecycle, with a strong focus on hands-on implementation, automation, and DevSecOps best practices. You will work closely with development, operations, and security teams to ensure our AWS-based environments are secure, compliant, and resilient. Key Responsibilities Cloud Infrastructure Security Design, implement, and maintain security controls within cloud-based systems, focusing on AWS technologies and best practices. Integrate security scanning and compliance checks into CI/CD pipelines to ensure continuous security throughout the development lifecycle. Conduct regular vulnerability assessments and patching of virtual instances using Ansible and other cloud-native tools. Develop and maintain Infrastructure as Code (IaC) using Terraform for IAM, Cloudflare, and AWS components, ensuring security by design. Collaborate with cross-functional teams to embed security controls into development and deployment workflows. Deploy and manage cloud security tools (e.g., AWS Security Hub, GuardDuty, Inspector) to enhance cloud security posture. Automation and Scripting Develop and maintain scripts, tools, and automation workflows to streamline security operations, incident response, and compliance checks. Create and update Ansible playbooks for consistent, automated security configurations across cloud resources. Kubernetes and Container Security Apply foundational knowledge of container security, including best practices for Kubernetes clusters and workloads. Support the secure deployment and management of containerized applications, ensuring Kubernetes environments adhere to security guidelines. Assist with vulnerability scanning, secrets management, and policy enforcement in Kubernetes as needed. Compliance and Best Practices Ensure cloud infrastructure adheres to industry security standards and compliance requirements (SOC 2, ISO 27001, PCI DSS, etc.). Stay up to date with the latest cloud and container security threats, vulnerabilities, and tools, implementing proactive measures to mitigate risk. Collaboration and Documentation Work closely with DevOps and development teams to integrate security practices into the CI/CD pipeline and SDLC. Educate and train teams on secure coding, DevSecOps, and Kubernetes/container security practices. Maintain comprehensive documentation of security processes, configurations, and incident response procedures. Qualifications Bachelor s degree in Computer Science, Information Security, or a related field. 6-8 years of experience in cloud engineering, DevOps, or security engineering, with a strong focus on AWS technologies. Hands-on experience with Terraform, Ansible, and AWS services (EC2, IAM, Cloudflare, Kubernetes, etc.). Proficiency in scripting languages such as Python or Bash for automation and security tooling. In-depth knowledge of cloud security best practices, threat modeling, and common vulnerabilities. Experience with cloud security tools and integrating security into CI/CD pipelines. Foundational knowledge of Kubernetes security and container security principles. Excellent problem-solving skills, attention to detail, and ability to collaborate across teams. Preferred Qualifications AWS Certified Security - Specialty or equivalent cloud security certifications. Experience with advanced Kubernetes security (e.g., network policies, RBAC, Pod Security Policies). Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI DSS, etc.). Notice at Collection and Privacy Policy Applicants located in California and/or applying to a role based in California, please refer to our Notice at Collection and Privacy Policy here . Inclusivity Statement FalconX is committed to building a diverse, inclusive, equitable, and safe workspace for all people. Our roles are intended for people from all walks of life. We encourage all those interested in applying to our organization to submit an application regardless if you are missing some of the listed background requirements, skills, or experiences! As part of our commitment to inclusivity, FalconX would like to acknowledge that the EEOC survey has limited potential responses that you can select. For legal reasons, FalconX must use this language to align with federal requirements, however, we want to ensure that you are able to provide a response to our own voluntary survey questions about your identity that best aligns with your most true self. FalconX is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, national origin, ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, or any other legally-recognized protected basis under federal, state, or local law. Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on FalconX.

Total Yrs. of Experience 7+ years Relevant Yrs. of experience 5+ years Detailed JD (Roles and Responsibilities) Lead the design and implementation of secure cloud landing zones for AWS, Azure, and GCP, incorporating robust security controls for core services and features. Design and implement hybrid and multi-cloud security solutions that seamlessly integrate public cloud services with traditional hosting and delivery models. Conduct in-depth evaluations of cloud security posture, identify Gaps and establish an actionable roadmap to remediate potential risks. Design and implement cloud security controls across all the security domains (Cloud Workload, Network, Identity, Vulnerability, Governance, Monitoring and Data etc.) within Azure, AWS and GCP. Create Automation scripts using Infrastructure as Code (IaC) tools like Terraform, Ansible, Chef, or Puppet to ensure secure and automated deployments. Oversee the development of automation scripts to streamline security operations, improve system reliability, and enhance monitoring capabilities. Leverage industry best practices (NIST, CIS) to design and implement effective security and compliance frameworks. Keep updated with emerging cloud security trends such as Solutions, Controls, Threats, Vulnerabilities and Compliance standards. Build strong client relationships, understand their business needs, and communicate complex technical concepts effectively. Requirements: Minimum 8+ years of experience in cybersecurity, with at least 4 years in cloud security roles (AWS / Azure / GCP). Design and implement robust, scalable cloud security architecture based on Secure Landing Zone tailored to meet client needs and align with industry standards and compliance frameworks. Deep understanding and hands on experience of cloud security controls and the ability to leverage advanced security tools like CNAPP, CIEM, and CWPP etc. ( PaloAlto Prisma, WIZ, Aqua, Orca, Crowdstrike and etc.) Experience on Azure, AWS and GCP platform, with security controls like CSPM (Microsoft Defender for Cloud / Security Hub), CNAPP, EDR (Microsoft Defender CWPP), Key Vault, DDoS (Azure DDoS/ AWS Shield), Security Groups, VNP, Firewall, SASE, Secure Web Gateway (FrontDoor / AWS WAF) and Serverless Security, etc. Desing and implement cloud security controls across all the security domains (Network, Identity and Access, Vulnerability, Environment Governance, Monitoring and Data Privacy) within Azure and AWS Proficient in frameworks like CSA Cloud Controls Matrix, NIST Cybersecurity Framework, or similar. Hands-on experience in two or more core cloud security domains (e.g., IAM, Network Security, Governance etc.). Knowledge on Compliance Standards like HIPAA, PCI DSS, GDPR, and other relevant regulations. Extensive hands-on experience with tools like Experience in Automation, scripting Cloud Formation/ Terraform, and DevSecOps to secure cloud infrastructure deployment Create and maintain automation scripts to streamline cloud security processes, enhance system reliability, and reduce manual interventions Mandatory skills Cloud security Desired/ Secondary skills Domain Cyber Sec

Design and manage the development of modular, reusable, elegantly designed and maintainable software or solutions that supports the Manufacturing organization as we'll as other Cross Functional strategic initiatives. Participate fit-gap workshops with business providing effort estimates and solutions proposals. Hands on, solution driven and customer focused. Develop and maintain the code repositories for which you are responsible and respond rapidly to bug reports or security vulnerability issues. Embody and integrate software development best practices into your everyday work and inspire others within the engineering community to emulate these practices. Collaborate extensively with your colleagues across Security, Compliance, Engineering, Project Management, Product Management, Product Service Management and Business Management. Enable data needed for frontend applications on AWS or any other cloud platform to support building data lake and manufacturing analytics use cases on top. Driving use cases on real time and near real time analytics, integrations with multiple internal and external systems. Continue support for moving other manufacturing warehousing platforms to the cloud. Ensure delivered solutions adhere to architectural and development standards, best practices, and meet requirements as recommended in the architecture handbook. Ensure designed solutions are aligned with Data and Analytics strategy standards and roadmap. Bring innovations to the solutions and add measurable values to manufacturing business. Work Experience: 4+ years of previous relevant experience. Experience in customer facing IT roles is a plus. Strong data engineering fundamentals in data management, data analysis, back end system design. Strong hands-on exposure in Data Analytics solutions (descriptive, diagnostic, predictive prescriptive) Previous AWS experience is preferred. Previous working experience in manufacturing business for a healthcare company is a plus. Previous working experience with D365 is a plus. Previous working experience in driving AI/ML (including Generative AI) projects is a plus. Familiar with Agile, Disciplined Agile as we'll as Waterfall delivery concepts. Collecting and interpreting requirements as we'll as building supporting solutions to satisfy business requirements.

The purpose of the role is to lead the end-to-end delivery of manufacturing analytics applications that contain GEN AI, AI and/or other advanced analytics components, requires hands on management as we'll as consulting on advanced analytics topics for business customers. Ensure development runs smoothly, drive continuous process improvement, cooperate with various teams along the solution delivery value chain. Support project and solution delivery managers with needed content for meetings and team events. Interact with all relevant stakeholders to ensure successful solution delivery with up to standard designs. Usual stakeholders are: architecture teams, data scientists, DevOps, Security, Integration Factory, Infrastructure teams, Platform support teams, Quality assurance team members as we'll as Product Owners. Major accountabilities: Design and manage the development of modular, reusable, elegantly designed and maintainable software that supports the Quality organization as we'll as strategic initiatives. Be hands on, solution driven and customer focused. Develop and maintain the code repositories for which you are responsible and respond rapidly to bug reports or security vulnerability issues. Embody and integrate software development best practices into your everyday work and inspire others within the engineering community to emulate these practices. Collaborate extensively with your colleagues across Security, Compliance, Engineering, Product Management, Product Service Management and Business Management. Minimum Requirements: 10+ years of prior programming experience in a professional environment, building applications across platforms. Experience in customer facing IT roles Strong data engineering fundamentals in data management, data analysis, back end system design. Preferred experience with Data Analytics solutions Previous experience with AI/GenAI initiatives are a big plus.

Commenda is building the worlds first global business console, allowing multinational businesses to seamlessly comply with regulations everywhere that they operate. With paying customers and real production traffic, reliability is already a top-line business metric. You ll be the first dedicated SRE, setting the vision and hands-on practices that keep our web app, backend services, and critical third-party integrations up and humming even as we scale 10 . This is a high-impact, high-autonomy role: you ll report to the CTO, work shoulder-to-shoulder with every engineer, and have the authority to knock down whatever walls stand between our users and 99.99% availability. What youll do First 90 days: Audit our current infra (AWS, Terraform, Docker, CI/CD) and spin up a pragmatic roadmap for reliability, observability, and incident response. Stand up monitoring & alerting (Prometheus/Grafana, OpenTelemetry, PagerDuty or better tools you champion). Harden CI/CD pipelines and IaC templates so every deploy is boring and reversible. Draft, socialize, and enforce lightweight runbooks; mentor engineers to own their services in prod. Next 12 months: Drive our SLO/SLI program own the numbers, surface them to the org, and course-correct when we drift. Lead game days, post-mortems, and deep-dive root cause analyses that actually change systems & culture. Evolve our capacity-planning, autoscaling, and cost-to-serve models as we land bigger customers. Champion security best practices (least privilege, secret management, vulnerability scanning). Continuously hunt for toil and automate it away think one-click staging envs, zero-touch rollbacks, etc. We care less about your education and work experience and more about culture fit, commitment and drive. This is probably the right role for you if: You read the Site Reliability Engineering book and felt

We are seeking a skilled and detail-oriented Security Testing Engineer to lead and execute security assessments for our flagship product, DvM a cloud-native platform designed for managing fleets of field hardware devices. This role is critical in ensuring the security, integrity, and resilience of our deployments across Linux , Kubernetes , and GridOS environments Work Experience Design and implement comprehensive security testing strategies for the DvM platform. Perform vulnerability assessments, penetration testing, and threat modelling across cloud-native components. Conduct security reviews of Kubernetes clusters, Linux-based deployments, and GridOS-integrated services. Identify and remediate security flaws in APIs, microservices, and containerized workloads. Monitor and evaluate system logs, network traffic, and access controls for anomalies and potential threats. Stay current with emerging security threats, vulnerabilities, and mitigation techniques relevant to cloud-native and IoT environments.

Cybersecurity Engineer with expertise in Embedded Penetration Testing, Reverse Engineering, and Software Security. The ideal candidate will be responsible for identifying security vulnerabilities, performing penetration testing on embedded systems, and ensuring secure software development practices. This role requires a strong understanding of cybersecurity principles, software security, and embedded system security.

5+ years Java development -Java 11- 17 2/3 Years in FO Pricing / Risk / E-trading development Strong JAVA server-side low latency multithreaded development Strong Knowledge of Spring, SpringBoot 5+ years in a Technology position within the Capital Markets industry preferably in FO Ability to work in a fast-paced environment Bachelor s degree in computer science or equivalent Experience with high capacity / low latency infrastructure is a must Nice to Have: Knowledge of BPIPE , BBG SPAI , DAPI, ION , Tradeweb Python, NumPy Working with quant and supporting desk Hands on Senior Java Developer with over 5 years of enterprise development experience Work with multiple business teams including trading and quantitative analysts Provide work estimates as needed Develop system architectures, designs and concepts Maintain and improve code quality using static & dynamic code analyses, security vulnerability scans, code coverage and CI/CD pipeline gating Provide technical guidance and be a technical mentor to the development team Design, build and configure applications to meet business process and application requirements Participate in all phases of software delivery lifecycle from analysis through support Strong JAVA server side low latency skills Self starter, Ability to debug, fix production issues , performance improvement under pressure Expert level UNIX administration skills and ability to script (Shell, Perl, BASH, etc.) Knowledge of version control / source code management tools such as GitHub, standard SDLC, Jenkins etc,

Verisk offers the opportunity to work with advanced technologies, global clients, and hundreds of the most innovative, talented minds in the industry Become a member of our Atmospheric Perils Vulnerability team and join our growing Research and Modeling department in our Hyderabad, India office Use your knowledge of civil engineering and statistics to develop models of extreme catastrophic events (i e , hurricanes, tornadoes, storm surge, flood etc ) and assess building performance in the context of such events This Principal Engineer position is responsible for developing, enhancing and supporting the engineering/vulnerability components of Verisk s atmospheric perils based portfolio risk analysis models that cover worldwide regions, including perils such as straight-line wind from tropical cyclones, severe convective storms and winter storms, hail, snow, and freezing temperatures General responsibilities include identifying the impact that these perils can have on the built environment, including physical damage which can result in monetary loss to buildings/infrastructure, contents, and loss of use (downtime) The candidate will work closely with a team of structural engineers, meteorologists, hydrologists, hydraulic engineers, statisticians, and specialists in financial application of probabilistic risk assessment The candidate is expected to be highly motivated, detail oriented, well organized, and an independent worker and collective team player at the same time with the unique ability to lead research model and development across groups

Job Description: Perform Penetration testing (vulnerability Scans and manual assessments) on a regular basis and to provide remediation to the findings. Accurately identify and perform real-time analysis and eradication of false positives from the tool generated reports Tests the effectiveness of the implemented fixes on applications Creating detailed Vulnerability reports and effective communications to the concerned team Communicate security risks in applications and remediation guides to the development teams effectively Keep track of new vulnerabilities on various aspects Act as a security expert in application development efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices Mandatory Tool Experience: Qualys Guard (VA) HP Fortify (Source Code Review)

JOB SUMMARY - State briefly the principal purpose or focus of the position. Describe the primary function (what must be accomplished) and the major objective (why the function is performed). The Security Administrator will support the administration, monitoring, and continual improvement of our cybersecurity applications and platforms. The individual will play a key role in ensuring the ongoing functionality of existing security tools. The ideal candidate will have a foundational knowledge of cybersecurity principles and a strong willingness to learn and grow into an engineering-focused career path. Administer and maintain cybersecurity platforms (e. g. , SIEMs, EDR solutions, vulnerability scanners, email security gateways, public security scoring sites). Monitor cybersecurity tools and platforms for disruptions, alerts, misconfigurations, and performance issues. Perform basic troubleshooting of platforms and escalate significant issues and incidents to senior security staff in a timely manner. Recommend and assist with functional improvements to existing security solutions. Participate in audits, security reviews, and compliance initiatives as needed. Assist in documenting cybersecurity processes, configurations, and workflows. MINIMUM REQUIREMENTS - List the minimum requirements of skills, knowledge and the type and length of previous experience necessary for an individual to be considered for this position. 4+ years of IT experience 1-2 years of security experience 1-2 years of cloud experience Any experience with basic administration of security tools (e. g. , antivirus/EDR, SIEMs, firewalls, identity management systems). Any experience with encryption technologies and digital certificate management Any experience with security and secrets protection platforms Any experience with incident response activities on Windows and Linux systems Any experience identifying and remediating security vulnerabilities Any experience with running scripts and scripting languages Strong written and verbal communication skills Ability to troubleshoot security problems Ability to properly handle confidential and sensitive information EDUCATION REQUIREMENTS - List the minimum requirements of education and/or certification for an individual to be considered for this position. Bachelor s degree in information systems or comparable experience CompTIA Network+ or Security+ highly desired essential functions - List up to 5 to 8 brief statements which describe the major activities for which the position is accountable. Do not list all individual tasks or steps necessary to achieve the end results, but stress the end result itself. List in order of importance. Monitor various platforms for security design flaws, configuration flaws, and other security related service changes Perform platform configuration updates as required for end-user operation Ensure configurations remain in compliance with security requirements Ensure known vulnerabilities are managed and mitigated in a timely manner Evaluate security implications of current processes, service requests, and proposed changes Respond to security events and participate in investigations Ensure regulatory controls are followed and evidence of violation is maintained for review Maintain current knowledge of security practices Review security bulletins and assess impact ADDITIONAL CHARACTERISTICS - List any additional skills, knowledge or characteristics that are preferred but not essential. Knowledge of NIST, CIS Top 20, and ISO 27001 controls Knowledge of business impact and critical needs for IT services Ability to manage tasks independently and escalate as necessary Ability to work with and coordinate between multiple groups Ability to function in a dynamic environment Ability to manage multiple tasks and meet deadlines Ability to prioritize appropriately Ability to pay attention to detail Desire to learn security best practices and promote security throughout the organization Committed to diversity and inclusion At Manhattan, it s about more than just the work. From cultural celebrations to interest groups to volunteer opportunities, your true self is always welcome here. Our team members backgrounds, experiences and perspectives add to us as a whole and make us unique. We are proudly an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a veteran. In the United States, Manhattan Associates participates in the Employment Eligibility Verification Program (E-Verify) operated by the Department of Homeland Security in partnership with the Social Security Administration. Participation in the E-Verify Program allows Manhattan to confirm the employment eligibility of all newly hired employees after the Employment Eligibility Verification Form (Form I-9) has been completed.

Implement and manage access control measures to ensure only authorized users have access to sensitive information. This involves configuring Entra, Azure IAM, and Azure AD B2C. Secure and manage Microsoft 365 services using the Microsoft Defender. Implement and manage security policies and configurations in Microsoft 365. Implement data protection measures, DLP using Microsoft Purview. Administer and secure Azure environments using Azure Policies. Analyze and act on security recommendations from various Defender for Cloud products. Perform a review of Azure infrastructure and provide security recommendations. Writing automation using various scripting frameworks such as PowerShell, python, and various automation tools. Collaborate with different operations and engineering teams to drive the implementation of various security measures. Formal Education in Cyber Security - demonstrated through certifications. Basic proficiency in different domains of information security, such as Vulnerability Assessments and penetration testing of web and mobile applications, Security principles, Incident Response, BCP DR, Access Control, Network Security, and security operations. Advanced proficiency in securing and managing Microsoft 365 services, including Entra, using the Defender portal. Exposure to Microsoft Purview including AI-Hub, Label, SIT, and DLP policies. Hands-on experience in administering and securing Azure environments using Azure Policies and various Defender for cloud products. Hands-on experience in Azure Networking services like VNET, DNS, NSG, Front Door, Private links, etc. Writing KQL and Graph queries with Strong analytical skills to interpret security data and develop actionable insights. Knowledge of Microsoft Sentinel/XDR, Threat Intelligence and threat-hunting expenses. Understanding of OWAPS Top 10, Zero Trust principle. Experience with Azure Automation, PowerShell, and Python scripting would be an added advantage Experience: 5 to 7 years of experience in information security with hands-on experience with Microsoft Defender and Defender for Cloud Certifications: Preferred to have Microsoft and Azure certifications like AZ-500, SC-200, SC-300, SC-400, SC-100, ISC2 CC (Certified in Cybersecurity) is recommended

You will be responsible for developing and maintaining a robust application security strategy and architecture that aligns with industry best practices and regulatory requirements. The ideal candidate will possess a deep understanding of both AppSec and general cybersecurity principles. Your Day to Day Develop and maintain a robust application security strategy, standards and target state architectures which aligns with industry best practices and regulatory requirements. Be the application security advocate across the organization. Lead discussions and reviews around new technologies, framework enhancements and product reviews. Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Ensure compliance with relevant security standards, regulations, and industry frameworks (eg, PCI DSS, GDPR). Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization s AppSec program. Collaborate with software engineers and leadership teams as we'll and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions. What do you need to bring Degree in Computer Science, Cybersecurity, Mathematics, or a related field. 15+ years experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Familiarity with iOS, Android and browser SDK development. Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud. Industry certifications (eg, CISSP, CISM, CCSP, or equivalent) are a plus.