538 Vulnerability Management Jobs - Page 12

Need overall AppSec skills (SAST, DAST, Penetration testing) +Mobile app testing skills (Android, ioS). We should look for a candidate who has deep and diverse hands on exp in above skills. Also, The professional is expected to perform the application security activities - Static code assessment/ manual testing including mobile application testing for android and iOS apps.

Overview Exp. - 3-6 Years Location - Hyderabad, Bangalore, Gurgaon, Mumbai Shift - 11 AM - 8 PM Skills - Exp. in Vulnerability mgt., vulnerability scanning tools such as Qualys, Tenable, or Rapid7, Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). About Omnicom Global Solutions Omnicom Global Solutions is an integral part of Omnicom Group, a leading global marketing and corporate communications company. Omnicom’s branded networks and numerous specialty firms provide advertising, strategic media planning and buying, digital and interactive marketing, direct and promotional marketing, public relations, and other specialty communications services to over 5,000 clients in more than 70 countries. OGS India plays a critical role for our group companies and global agencies by providing stellar products, solutions, and services across Creative Services, Technology, Marketing Science (Data & Analytics), Advanced Analytics, Market Research, Business Support Services, Media Services, and Project Management. With over 4000 talented colleagues in India, we are growing rapidly and are looking for professionals like you to help build the next chapter of our journey. Responsibilities Role Overview We have an exciting opportunity for an Analyst, Vulnerability Management at our Hyderabad office. This role is central to maintaining and enhancing Omnicom’s cybersecurity framework by overseeing vulnerability assessments, remediation guidance, and program governance. As a Vulnerability Management Specialist, you will drive day-to-day scanning operations, review security exposures, and ensure that the organization’s attack surface is minimized through proactive analysis and mitigation. You’ll also collaborate on vendor assessments and support strategic improvements to our enterprise vulnerability management program. Key Responsibilities Maintain and operate vulnerability scanning tools and associated processes. Conduct regular scans and assessments of enterprise environments to detect security vulnerabilities. Review findings, prioritize risks, and recommend remediations or security patches in coordination with IT and security teams. Develop and present exception and management reports; track remediation status and escalate unresolved risks. Assist in creating and maintaining quality metrics and dashboards for vulnerability program performance. Monitor vendor and third-party security postures; support governance and compliance protocols. Collaborate with cross-functional teams to support risk mitigation strategies and secure configuration management. Contribute to the evolution of Omnicom’s next-generation vulnerability management and threat detection frameworks. Qualifications Required Qualifications 3–5 years of experience in vulnerability management, information security, or a related discipline. Proficiency with vulnerability scanning tools such as Qualys, Tenable, or Rapid7. Familiarity with patch management workflows and remediation lifecycle practices. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Ability to analyse technical findings, assess business impact, and provide actionable remediation guidance. Effective communication skills with experience in stakeholder engagement and reporting. Detail-oriented with strong problem-solving skills and the ability to work independently or in a team setting. Preferred Qualifications Security certifications such as CompTIA Security+, CEH, or equivalent. Exposure to vendor risk management and third-party security assessment. Experience with ITSM tools and ticketing systems for remediation tracking

Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Mandatory Skill Strategy and Governance Preferred Skill Cyber Strategy Years of Experience Required 7 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Certifications CISA/CISM/ISO will be added advantage Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Strategy Plan Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage

We re seeking a Container Security Engineer to join our EPEO - Security Services team and lead efforts to secure our containerized environments. You will be responsible for designing, implementing, and maintaining security controls across our Docker, Kubernetes, and other container-orchestration platforms. Your expertise will help ensure our development pipelines and production workloads remain resilient against emerging threats in the cloud-native landscape. Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience). 3+ years of hands-on experience securing containerized applications in production. Deep understanding of Docker and Kubernetes security primitives (Pod Security Policies, RBAC, Network Policies, etc.). Proficiency with container-security tooling and vulnerability scanners. Familiarity with CI/CD systems (Jenkins, GitLab CI, Tekton, etc.) and Infrastructure-as-Code (Terraform, Ansible, CloudFormation). Strong Linux administration skills and knowledge of host hardening best practices. Experience with cloud platforms (AWS, Azure, GCP) and their container services (EKS, AKS, GKE). Solid scripting skills (Bash, Python, Go, etc.) to automate security checks and integrations. Preferred Skills & Certifications Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), or equivalent. Cloud security certification (CCSP, AWS Security Specialty, Azure Security Engineer). Experience with service meshes (Istio, Linkerd) and container networking security. Knowledge of container registry management and image signing (Cosign, Binary Authorization). Familiarity with Linux seccomp, AppArmor, SELinux, and other kernel-level security controls. Prior experience in threat hunting, incident response, or forensics within container environments. Develop and maintain security policies, standards, and best practices for container images, registries, and orchestration platforms (Docker, Kubernetes, OpenShift, etc.). Integrate security scanning and vulnerability management tools into CI/CD pipelines (e.g., Cycode, Mondoo, etc.,). Harden container runtimes, host operating systems, network policies, and cluster configurations against misconfigurations and attacks. Perform threat modelling and risk assessments specific to containerized workloads (e.g., privilege escalations, supply chain risks). Monitor container runtime and orchestration logs for suspicious activities; respond to and investigate security incidents. Collaborate with DevOps, Cloud, and Application teams to embed shift-left security practices and provide training on secure container development. Lead periodic penetration tests, red-team exercises, and configuration reviews of cluster environments. Evaluate and recommend emerging container-security solutions, keeping abreast of CNCF projects and industry trends. Document security architecture, runbooks, and remediation guidelines for engineering teams.

Our Purpose Title and Summary Director, Software Engineering Overview Payment Resiliency develops customer-facing products designed to prevent disruption of payments and ensure uninterrupted commerce for Mastercard cardholders and business partners. A member of the Security Solutions Organization, Payment Resiliency empowers customers with self-service tools to manage on-behalf transaction processing, transaction blocking, and reporting. As Director of Software Engineering, you will play a critical role in the coordination and development of new functionality within the product portfolio. Role Formally lead multiple engineering teams to build, enhance, and support our products Work with business owners while ideating, developing and delivering new services Continuously build a strong network across the company for collaboration on technical and business solutions Recruit and hire the right talent, always bringing in the best individuals available for the role Provide and facilitate timely feedback, coaching in the moment, and mentoring for staff at all levels Emulate and drive Mastercard Way behaviors through their behavior, recognitions, coaching, and employee engagement Provide strategic thinking and leadership related to a wide range of applications and systems, or software-development methodologies Benchmark and drive engineering productivity, quality, and technology policy compliance in the areas of ownership Proactively share and seek knowledge within Guilds/Programs to drive reuse of practices and enhance productivity All About You Substantial IT experience with successful track record in managing a development organization with demonstrated thought-leadership and cross-aisle influence Progressively grown career with proven design and development experiences in modern programming languages, secure coding standards, and vulnerability management Experience with best practices and engineering usage of AI assisted code development leveraging tooling such as Copilot and CodeWhisperer Superior knowledge of automation test development, test suite management, and quality gating to ensure quality code and releases Refined skills in building applications using open frameworks to achieve reuse and reduce development times such as Spring Boot, Steeltoe, React, and DXP Possesses ability to document and coach team on the development practices and coding guidelines such as branching, peer reviews, library use, logging, scanning rules, test-driven development, and error handling Understands and elaborates technical debt and operational issues to drive prioritization discussions with stakeholders to improve the run experience Understands system architecture to plan for platform and infrastructure capacity (database, compute, network, storage) and drives the dependency prioritization to reduce the delivery lead time Understands customer journeys and ensure good customer experience by continuously reducing mean time to mitigate for incidents and ensuring high availability with 99.95% as a starting point Can define, organize, and report on test runs for major, minor, and hotfix releases including unit, component level, system level, customer journeys, past customer issues, and regulatory controls

Information Security Engineer Vulnerability Management Analyst What you will do In this vital role is focused on identifying, assessing, prioritizing, and tracking the remediation of vulnerabilities across the organizations technology stack. The Vulnerability Management Analyst plays a key role in the security operations team by ensuring known vulnerabilities are managed through their lifecycle using structured processes and tools. The individual will analyze vulnerability scan data, correlate threat intelligence (e.g., KEV, EPSS), and work closely with infrastructure, application, and business teams to drive risk-based remediation. Roles & Responsibilities: Analyze vulnerability scan results from tools like Tenable, Qualys, or Rapid7 to identify security weaknesses across infrastructure and applications. Prioritize vulnerabilities using multiple criteria, including CVSS, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), asset criticality, and business context. Partner with IT and DevOps teams to track remediation progress and provide technical guidance on mitigation strategies. Monitor threat intelligence feeds to correlate vulnerabilities with current exploit activity. Create and maintain vulnerability metrics, dashboards, and reports for leadership and compliance teams. Support vulnerability assessment activities in cloud environments (AWS, Azure, etc.). Maintain documentation related to the vulnerability management lifecycle. Assist in policy and process development related to vulnerability and patch management. Participate in audits and compliance efforts (e.g., SOX, ISO, NIST, PCI). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Masters degree and 1 to 3 years of experience in Cybersecurity, vulnerability management or information security operations OR Bachelors degree and 3 to 5 years of experience in Cybersecurity, vulnerability management or information security operations OR Diploma and 7 to 9 years of experience in Cybersecurity, vulnerability management or information security operations Must-Have Skills: Familiarity with vulnerability management tools (e.g., Tenable, Qualys, Rapid7). Understanding of CVSS scoring, vulnerability lifecycle, and remediation workflows. Basic knowledge of threat intelligence and how it applies to vulnerability prioritization. Working knowledge of network, operating system, and application-level security. Ability to analyze scan data and correlate it with business context and threat intelligence. Preferred Qualifications: Good-to-Have Skills: Experience with KEV, EPSS, and other threat-based scoring systems. Familiarity with patch management processes and tools. Exposure to cloud security and related scanning tools (e.g., Prisma Cloud, AWS Inspector). CompTIA Security+ GIAC GSEC / GCIH Qualys Vulnerability Management Specialist (QVMS) Tenable Certified Nessus Auditor (TCNA) Soft Skills: Analytical Thinking Ability to interpret complex data sets and assess risk effectively Attention to Detail Precision in identifying and tracking vulnerabilities and remediation status Communication Skills Ability to communicate technical findings to both technical and non-technical audiences Collaboration & Teamwork Able to work across IT, DevOps, and security teams to drive resolution Curiosity & Continuous Learning Willingness to know the latest with evolving threats and technologies Problem-Solving Approach Capability to identify solutions to security weaknesses in diverse environments

We re seeking a Container Security Engineer to join our EPEO - Security Services team and lead efforts to secure our containerized environments. You will be responsible for designing, implementing, and maintaining security controls across our Docker, Kubernetes, and other container-orchestration platforms. Your expertise will help ensure our development pipelines and production workloads remain resilient against emerging threats in the cloud-native landscape. Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience). 3+ years of hands-on experience securing containerized applications in production. Deep understanding of Docker and Kubernetes security primitives (Pod Security Policies, RBAC, Network Policies, etc. ). Proficiency with container-security tooling and vulnerability scanners. Familiarity with CI/CD systems (Jenkins, GitLab CI, Tekton, etc. ) and Infrastructure-as-Code (Terraform, Ansible, CloudFormation). Strong Linux administration skills and knowledge of host hardening best practices. Experience with cloud platforms (AWS, Azure, GCP) and their container services (EKS, AKS, GKE). Solid scripting skills (Bash, Python, Go, etc. ) to automate security checks and integrations. Preferred Skills Certifications Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), or equivalent. Cloud security certification (CCSP, AWS Security Specialty, Azure Security Engineer). Experience with service meshes (Istio, Linkerd) and container networking security. Knowledge of container registry management and image signing (Cosign, Binary Authorization). Familiarity with Linux seccomp, AppArmor, SELinux, and other kernel-level security controls. Prior experience in threat hunting, incident response, or forensics within container environments. Develop and maintain security policies, standards, and best practices for container images, registries, and orchestration platforms (Docker, Kubernetes, OpenShift, etc. ). Integrate security scanning and vulnerability management tools into CI/CD pipelines (e. g. , Cycode, Mondoo, etc. , ). Harden container runtimes, host operating systems, network policies, and cluster configurations against misconfigurations and attacks. Perform threat modelling and risk assessments specific to containerized workloads (e. g. , privilege escalations, supply chain risks). Monitor container runtime and orchestration logs for suspicious activities; respond to and investigate security incidents. Collaborate with DevOps, Cloud, and Application teams to embed shift-left security practices and provide training on secure container development. Lead periodic penetration tests, red-team exercises, and configuration reviews of cluster environments. Evaluate and recommend emerging container-security solutions, keeping abreast of CNCF projects and industry trends. Document security architecture, runbooks, and remediation guidelines for engineering teams.

Job Title: Information Security Analyst (InfoSec Analyst) Location: Remote Job Type: Fulltime YoE: 12+ years relevant experience Shift: 2 to 11 pm IST Description: The Information Security Analyst is responsible for the defining, planning, and monitoring of security measures for the protection of computer networks and information. This individual will also be responsible for monitoring and analyzing network security hardware and software and assist in the development and enforcement of network security policies. This position will work within the legal department and report to the Director, Head of the Security, Compliance, & Risk (SCR) department. Duties and Responsibilities: The following duties are normal for this job. These are not to be construed as exclusive or all-inclusive. Other duties may be required and assigned. Defines, maintains, and reports on overall computer network security strategies (Best Practices/Common Practices) with all information assets connected to the Vaco network. Must have the ability to communicate security policies and strategies to people of varying technical ability both verbally and in written format. Monitors operation of, and provides reports on, perimeter security systems such as firewalls, routers, proxy servers, intrusion detection and protection systems. Monitors operation of, and provides reports on, end point security systems such as anti-virus, patch management and vulnerability assessment tools. Monitors operation of, and provides reports on, security information and event management (SIEM) systems. Must have the ability to examine a variety of data sources to correlate events and determine courses of action. Participates in the incident response process when network anomalies are discovered and drives the incident process to completion. Manages relationships and coordinates operational activities between Vaco and external security services providers (e.g., Managed Security Services Providers, Penetration Testers, Solution providers, etc.). Coordinates vulnerability remediation activities and works with the IT operations section to mature the patch management lifecycle based on vulnerability management Service Level Agreements (SLAs) defined by the SCR function. Creates and publishes daily/weekly/monthly/quarterly/annual incident management reports as requested/required. Desired Competencies and Skills: Knowledge of SIEM systems Knowledge of Intrusion Detection Systems/Intrusion Protection Systems Knowledge of networking and firewall appliances Knowledge of Information Security standards (International Organization for Standardization 27000 series, National Institute of Standards and Technology, HITRUST) Knowledge of a variety of vulnerability management solutions Strong verbal and written communication skills. Project management and organizational skills Educational Requirements: Bachelor’s degree in Computer Science, Information Technology, Information Security or Electrical Engineering preferred, with at least two (2) years of experience of Information Security experience. One of the following certifications is required: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); GIAC certifications and/or Certified Ethical Hacker (CEH); CompTIA Security+. Any equivalent combination of education, training, and experience which provides the requisite knowledge, skills, and abilities for this job may be considered. Travel Requirements: 10% -Occasional travel to onsite offices or vendor conferences may occur

Job ID: 197283 Required Travel :Minimal Managerial - Yes Location: :India- Pune (Amdocs Site) Who are we Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our approximately 30,000 employees around the globe are here to accelerate service providers migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $4.89 billion in fiscal 2023. In one sentence The Information Security Lead develops, maintains, and publishes required information security standards, procedures, and guidelines per domain of responsibility. Responsible for conceiving and executing forward-looking security systems or processes design, implements programs for user awareness, compliance monitoring, security controls design and implementation. What will your job look like You will maintain the organization's information security effectiveness and efficiency by defining and leading the implementation of security approaches, standards and procedures supporting strategic plans and directions You will lead teams to resolve Information Security challenges. Provide the information security requirements for cross-organization projects and accompany the implementation of the requirements. Utilize deep information security understanding to support internal and external business-related activities, formulate IS solutions based on technical and business requirements. Maintain a detailed knowledge of IS solutions and present them to our customers. You will lead unit level initiatives and ensure competency to meet the needs of the team/ Amdocs /Customers. You will design solutions and formulate response to RFx, create POC/demos, and present IS solutions to customers/corporate stakeholders. Utilize deep technical knowledge of IS products and services to align appropriate solutions based on client need. You will lead and manage Information Security Projects, including (as required) budget and resources, customer relationships, timelines, deliverables, quality and overall management. You will recommend information technology strategies, policies, and procedures by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements. You will keep updated with emerging security threats and alerts; conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts; collaborate with other cyber threat researchers. You will be accountable for meeting quality objectives, adherence to best practices, quality processes, and methodologies; lead continuous improvement via Root Cause Analysis, Lessons Learned, and Prevention processes; Track quality KPIs and continuously improve quality and measurements. You will promote clarity and alignment with ongoing, effective communication to the project team regarding the unit s goals and status, project matters, companywide changes, special initiative status, etc.; Strive for strong and healthy working relationships within the team. You will provide technical guidance and training to information owners, other security managers, and IT associates. Information Security Manager functions include: You will lead, manage and mentor teams in specific domains such as risk assessment, cyber technologies, corporate security, PMI, SOC, Penetration testing, security operations, etc. You will attract, develop and retain talent to build and maintain strong, effective and competent teams, and ensure the enhancement of their knowledge. Coach and empower the team and foster an environment that encourages teamwork based on motivation and inspiration. Responsible for HR processes such as recruitment, onboarding, definition of clear goals and objectives, ongoing performance management and feedback, career development, and growth of the team and its members. Manage day to day employee relations. 12. Information Security Expert functions include: You will be the technical expert and leader of certain domains such as IT, Application and GRC. All you need is... 1. 6-7 years of experience in the information security management ecosystem 2. Familiarity with industry standards and frameworks, such as NIST, CIS, ISO 27001, and GDPR. 3. Strong understanding of security best practices, including, vulnerability management, system hardening, patch management, and secure coding. 4. Proven experience working with security tools such as CrowdStrike, InsightVM, Tripwire, WIZ etc. 5. Experience with cloud security platforms (AWS, Azure) and native security services 6. Knowledge of network security principles & solutions, including IAM, firewalls, IDS/IPS, and secure network design. 7. Good team player - an advantage 8. Ability to scale up - for cross-domain security tools Why you will love this job: You will have the influence on many of the security teams in Amdocs and therefor the whole company You will bring the innovation into security teams in Amdocs You will have the independence to design the role as you think and like Amdocs is an equal opportunity employer. We welcome applicants from all backgrounds and are committed to fostering a diverse and inclusive workforce

Skills: Cyber Threat,Threat Detection, Incident Response, Vulnerability Management, Infrastructure Security, Risk-based security, Network Security, Cloud Security

What you will do In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organizations IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organizations security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelors degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking Comfortable working with data and identifying patterns Attention to Detail Careful review and tracking of vulnerabilities Communication Skills Able to clearly document and explain findings Collaboration & Teamwork Works well with cross-functional teams Curiosity & Continuous Learning Strong interest in cybersecurity and professional growth Problem-Solving Mindset Seeks practical solutions to real-world security issues

Total Yrs. of Experience 8 10 Years Relevant Yrs. of experience 8+ years of experience Detailed JD (Roles and Responsibilities) JAMF Administrator Support including Server Management and Upgrades., Very good at handling clients, has the experience of working in large engagements, very good in ITIL processes of service management. Deep understanding of MacOS Ventura, Excellent analytical and troubleshooting skills Creation, Support, Implementation, and distribution of Mac OSX Image. Knowledge in Packaging for Mac using BASH Script, Shell Script Pearl Script & JAMF Admin Tools. Hardware & Platform Independent Images using Mac Technology. JAMF Policy & Configuration Profile Creation, Support & Implementation for Mac Imaging. JAMF PPPC Utility ( Privacy Preferences Policy Control (PPPC). Replication of Distribution Points/SMB Shares. Running Reports using Custom Queries, Should have advanced understanding of Policy Management and Policy creation. Developed Custom Mac policies as per the clients requirement. Recommend driver management best practices. ITSM process and tools knowledge (service now) Incident Management, Tracking & Solution for any issues related to the Engineered Solution. Designing & Implementing Enterprise Solutions for Enterprise Customers with Server Support. Provide recommendations for automation and modern endpoint management approaches. Mac OSX vulnerability management (Patch Management) Automatic DEP Enrolment Profile via Script. New / Upgrade / Update OS - Beta / Developer OS Testing. Application Deployment / Application Patches & Met Compliance. Comfortable working in rotation US shifts JAMF 100/200 certified Mandatory skills JAMF, MAC OS

Key Responsibilities: SCCM Administration & Maintenance: Manage and maintain SCCM/MECM infrastructure, including servers, management point, distribution points, and clients. Perform health checks and routine maintenance of SCCM components. Monitor SCCM logs and troubleshoot issues related to deployments, updates, and configurations. Software & Patch Management: Deploy Windows updates, security patches, and third-party application patches using SCCM. Create and manage deployment packages for applications, drivers, and OS images. Ensure compliance with patching policies and update schedules. OS Deployment & Imaging: Configure and manage Windows OS deployment (OSD) using SCCM Task Sequences. Troubleshoot PXE boot, driver injection, and imaging related issues. Client Health & Troubleshooting: Ensure SCCM client health and remediate issues affecting deployments. Troubleshoot application installation failures, patching issues, and SCCM agent problems. Reporting & Compliance: Generate SCCM reports for software deployments, patch compliance, and inventory. Work with security teams to ensure endpoint compliance and vulnerability management. Technical Skills: Strong experience with SCCM/MECM (Current Branch ,2012, or later versions) administration. Handson experience with Software Deployment, Patch Management, and OSD. Good understanding of Windows Server (2016/2019/2022) and Active Directory. Familiarity with Intune, Azure AD, and Modern Endpoint Management. Shifts: 24*7 rotational shifts Qualifications Bachelor s degree in Computer Science, Information Technology, or a related field.

Management Level Senior Manager & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC , you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purposeled and valuesdriven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC , we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. JOB DESCRIPTION Purpose of the Job /Role Lead/Manage/Perform Security Reviews which includes Cloud Security and Data Security , Threat and Vulnerability Management , Identity and access management , Technology controls, process controls, and governance, risk and compliance elements , IT General Controls. Roles and Responsibilities Should manage/ oversee/execute engagements around Cyber Risk and Maturity Assessments, Cyber Strategy, Cloud Security, Data Protection, Third Party Risk Management, Enterprise Architecture reviews. Knowledge on NIST CSF, ISO 27001, ISO 27701, ISO 27017, DPDP Act Experience in financial sector companies like banks, NBFCs and FinTechs Certifications CISA/CISM/ISO will be added advantage Mandatory Skill Sets Strategy and Governance Preferred Skill Sets Cyber Strategy Years of experience required 10 years Education Qualification Minimum Qualification BE/ BTech Minimum 7 years for Managers Postgraduates in any stream would be preferred (not mandatory) Prior Big 4 experience would be an added advantage Experience in IT Risk Advisory/ Assurance for varied industry segments preferred Excellent communication skills both written and oral Education Degrees/Field of Study required Bachelor of Technology, Master of Business Administration Degrees/Field of Study preferred Required Skills Cyber Risks Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance {+ 16 more} Travel Requirements Government Clearance Required?

Role Responsibilities: A day in the life of an Infoscion • As part of the Infosys consulting team, your primary role would be to actively aid the consulting team in different phases of the project including problem definition, effort estimation, diagnosis, solution generation and design and deployment • You will explore the alternatives to the recommended solutions based on research that includes literature surveys, information available in public domains, vendor evaluation information, etc. and build POCs • You will create requirement specifications from the business needs, define the to-be-processes and detailed functional designs based on requirements. • You will support configuring solution requirements on the products; understand if any issues, diagnose the root-cause of such issues, seek clarifications, and then identify and shortlist solution alternatives • You will also contribute to unit-level and organizational initiatives with an objective of providing high quality value adding solutions to customers. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Work Experience: 2 - 9 years of experience Educational Requirements: Master of Computer Science,MCA,Bachelor Of Computer Science,Bachelor of Engineering,BCA,BTech Additional Responsibilities: Ability to work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data • Awareness of latest technologies and trends • Logical thinking and problem solving skills along with an ability to collaborate • Ability to assess the current processes, identify improvement areas and suggest the technology solutions • One or two industry domain knowledge Technical and Professional Requirements: Technical Requirements: • Primary skills:Domain->Network->Network Security Firewall & Policies,IDAM,IDAM->Cyberark,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Oracle Access Manager(OAM),IDAM->Oracle Identity Manager(OIM),IDAM->Ping/Federate,IDAM->Sailpoint,IDAM->Saviyant,Technology->Application Security->Application Security - ALL,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Finacle-Core-Payments->Faster Payment Service->Advance,Technology->Infrastructure Security->Security Incident and Event Management (SIEM),Technology->Network->CISCO technologies,Technology->Network-Firewall_and_Media->Palo Alto Preferred Skills: IDAM,IDAM->Oracle Identity Manager(OIM),IDAM->Oracle Access Manager(OAM),IDAM->Sailpoint,IDAM->Cyberark,IDAM->Ping/Federate,IDAM->Forgerock,IDAM->Microsoft Identity manager,IDAM->Okta,IDAM->Saviyant,Domain->Network->Network Security Firewall & Policies,Technology->Application Security->Application Security - ALL,Technology->Infrastructure Security->Security Incident and Event Management (SIEM)->Splunk,Technology->Network->CISCO technologies,Technology->Enterprise Mobility Solution->MS Azure AD, MS Azure RMS, MS Intune,Technology->Network-Firewall_and_Media->Palo Alto,Technology->Cloud Security->AWS - GRC & responsibilities Preferred candidate profile for HUBLI

Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Primary Skills Expertise in conducting and managing Security baseline scans, including familiarity with tools like Rapid7Nessus/Qualys etc. Strong knowledge of SBC processes and standards such as CIS benchmarks. Experience in reviewing and interpreting SBC results and providing actionable recommendations for Windows or Unix/Linux environments. In-depth knowledge of security configurations, hardening techniques for Windows or Unix/Linux environments. Ability to understand and assess group policies, permissions, patches, and security settings for windows or Unix/Linux platforms. Proficiency in performing risk assessments and understanding the criticality of identified vulnerabilities. Ability to work and collaborate with technical teams to prioritize remediation based on business risk, asset criticality, and exposure to ensure vulnerabilities/SBC controls are remediated promptly and in line with organizational security policies. Strong ability to present scan findings and SBC review results clearly to technical and non-technical stakeholders. Secondary Skills Familiarity with key industry compliance frameworks (e.g., ISO 27001, PCI DSS, HIPAA) and how security baselines relate to compliance requirements. Experience in reviewing and coordinating patch management processes, ensuring that patches are applied in a timely manner while minimizing business disruption. Understanding of the relationship between vulnerabilities and potential incidents, with knowledge of how to collaborate with incident response teams to mitigate threats. Familiarity with network security concepts (e.g., firewalls, IDS/IPS, network segmentation) and how these relate to system vulnerabilities. Understanding of cloud and hybrid environments, and how baseline compliance scans are performed in cloud infrastructures like AWS, Azure etc. Familiarity with ticketing systems (e.g., Jira, ServiceNow) to streamline remediation workflows.

Role: Vulnerability Mgmt Analyst Location: Remote Work timing: UK Hours \ US Hours Overview: We are seeking a detail-oriented and highly skilled Vulnerability Management Analyst to join our cybersecurity team. The successful candidate will be responsible for identifying, analyzing, prioritizing, and remediating vulnerabilities across the organizations IT assets. The role involves leveraging industry-standard tools like Qualys , Tenable Nessus , Rapid7 , and integrating findings into ServiceNow SecOps for streamlined remediation. Key Responsibilities: Perform regular vulnerability scans using tools such as Qualys , Tenable Nessus , and Rapid7 InsightVM . Analyze scan results to identify true positives, prioritize findings based on risk and criticality, and recommend remediation actions. Collaborate with IT infrastructure, application, and network teams to ensure timely patching and mitigation of identified vulnerabilities. Integrate vulnerability data into ServiceNow Security Operations (SecOps) for incident tracking and response coordination. Monitor vulnerability trends and provide risk insights to leadership. Support compliance initiatives and audits by providing reports and evidence of remediation efforts. Maintain documentation for vulnerability management procedures and policies. Assist in developing and improving vulnerability management workflows, processes, and automation. Required Skills & Experience: 3+ years of hands-on experience in vulnerability management or related cybersecurity roles. Strong expertise in using Qualys , Tenable Nessus , Rapid7 InsightVM , or equivalent tools. Familiarity with ServiceNow SecOps or other security orchestration and response platforms. Solid understanding of TCP/IP, operating systems (Windows, Linux), and common network services. Experience with CVSS scoring and vulnerability remediation prioritization. Ability to communicate technical issues to both technical and non-technical audiences. Preferred Certifications (at least one required): CompTIA Security+ CompTIA CySA+ GIAC Enterprise Vulnerability Assessor (GEVA) Nice to Have: Knowledge of regulatory and compliance frameworks (e.g., NIST, ISO 27001, PCI-DSS). Familiarity with scripting (Python, PowerShell) for automation of scanning and reporting tasks. Exposure to SIEM platforms and incident response procedures. Education: Bachelors degree in Information Security, Computer Science, or a related field (or equivalent practical experience). Thanks & Regards: Kanika Katiyar Associate Recruiter Email: kkatiyar@fcsltd.com FCS Software Solutions Limited https://www.fcsltd.com

As an L1 Threat Hunter, you will work closely with SOC analysts and incident responders to identify, analyze, and escalate suspicious activity using a variety of tools and threat intelligence sources.

Urgent Requirement for Vulnerability Management, Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. Ensure organization's cloud infrastructure complies with industry standards Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles.

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Delivery Governance Good to have skills : NA Minimum 18 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have influencing and Advisory skills. Engage with multiple teams and responsible for team decisions. Expected to provide solutions to problems that apply across multiple teams, and provide solutions to business area problems. Lead the planning, execution, and monitoring of Security Services projects. Collaborate with cross-functional teams to ensure project success. Provide guidance and mentorship to junior team members. Develop and implement strategies to enhance Security Delivery Governance. Professional & Technical Skills: Must To Have Skills: Proficiency in Security Delivery Governance. Strong understanding of security frameworks and compliance standards. Experience in risk management and mitigation strategies. Knowledge of security technologies and tools. Good To Have Skills: Security certifications such as CISSP or CISM. Additional Information: The candidate should have a minimum of 18 years of experience in Security Delivery Governance. This position is based at our Pune office. A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Governance Good to have skills : Managed Cloud Security Services, Security Information and Event Management (SIEM), Identity Access Management (IAM) Minimum 15 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will lead the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Roles & Responsibilities: Expected to be a SME with deep knowledge and experience. Should have Influencing and Advisory skills. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Expected to provide solutions to problems that apply across multiple teams. Lead the planning and execution of security projects. Provide guidance and expertise on security governance best practices. Collaborate with cross-functional teams to ensure security requirements are met. Professional & Technical Skills: Must To Have Skills:Proficiency in Security Governance. Good To Have Skills:Experience with Identity Access Management (IAM), Security Information and Event Management (SIEM), Managed Cloud Security Services. Strong understanding of security frameworks and compliance standards. Experience in risk assessment and mitigation strategies. Knowledge of security technologies and tools. Excellent communication and leadership skills. Additional Information: The candidate should have a minimum of 15 years of experience in Security Governance. This position is based at our Pune office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role :Security Architect Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills :ServiceNow Governance, Risk, and Compliance (GRC) Good to have skills :Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification :15 years full time education Summary:As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will document the implementation of the cloud security controls and transition to cloud security-managed operations. Your typical day will involve designing and implementing security solutions, collaborating with cross-functional teams, and ensuring compliance with governance and risk management standards. Roles & Responsibilities: Expected to be an SME, collaborate and manage the team to perform. Responsible for team decisions. Engage with multiple teams and contribute on key decisions. Provide solutions to problems for their immediate team and across multiple teams. Design and implement security solutions to protect the organization's cloud infrastructure. Collaborate with cross-functional teams to ensure the security architecture meets business requirements. Ensure compliance with governance and risk management standards. Conduct risk assessments and develop mitigation strategies. Stay up-to-date with the latest security trends and technologies. Provide guidance and support to junior security professionals. Professional & Technical Skills: Must To Have Skills:Proficiency in ServiceNow Governance, Risk, and Compliance (GRC). Good To Have Skills:Experience with Security Architecture Design. Strong understanding of cloud security principles and best practices. Experience in designing and implementing security controls for cloud environments. Knowledge of industry standards and regulations related to cloud security. Familiarity with security frameworks such as ISO 27001 and NIST. Ability to conduct security assessments and audits. Excellent problem-solving and analytical skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in ServiceNow Governance, Risk, and Compliance (GRC). This position is based at our Bengaluru office. A 15 years full time education is required. Qualifications 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : ForgeRock Access Management Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills:- Must To Have Skills:Proficiency in ForgeRock Access Management- Strong understanding of cloud security principles- Experience in implementing security controls in cloud environments- Knowledge of industry security standards and best practices- Hands-on experience with security tools and technologies Additional Information:- The candidate should have a minimum of 5 years of experience in ForgeRock Access Management- This position is based at our Coimbatore office- A 15 years full-time education is required Qualifications 15 years full time education