10 Vulnerability Mitigation Jobs

Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It's a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us.

Third Party Payroll: BCT Service : BCT Consulting Pvt Ltd.https://www.bct-consulting.com/ Role & responsibilities Client : UBER Total: 2-5 Years Location : BNG/HYD -work from office Notice period : Immediate to 15 Days Rounds of Interviews : 2 Role & responsibilities About the Role: Uber's Security Response and Investigations (SRI) team is the cybersecurity incident response body at Uber. SRI responds to security incidents and mitigates security threats across the company. The SRI team is made of three teams: vSOC (virtual Security Operations Center), Investigations and Automation, and Incident Command. You will be joining the vSOC team. As a Security Analyst on the vSOC team, You will be on the front-line of defense for the Uber Security Incident Response program. You will be handling triage for all security alerts for Uber globally across all environments (cloud, prod, corp). You will build Standard Operating Procedures (SOP) and help improve the incident response program. You will serve as an incident coordinator during high and critical severity incidents. Expect to work weekend shift (Saturday / Sunday) Basic Qualifications: Good understanding of cybersecurity fundamentals. This includes but is not limited to network protocols (e.g. TCP/IP stack) and security, system security, email security, etc. 2+ years of hands-on experience in a cybersecurity role. 1+ year of hands-on experience with security monitoring and response in a SOC environment. Strong problem-solving skills. Good communication skills. Preferred Qualifications: Experience with cybersecurity forensic methodologies and software. Experience driving complex incidents or leading investigations end-to-end. Threat hunting and Automation experience(SOAR/Python). Applied knowledge of cyber intel frameworks such as ATT&CK framework and kill-chain model. Experience working crisis events for a global company. Ability to work across geographically distributed teams. Certifications in Security is a plus.

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for Application Security-Techno Manager -Mumbai Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates.(Apply for only Immediate to 30 days joiners) Job Description: Please find the Key skills for AppSec Lead - 10-18 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. skill: Vulnerability Assessment,Manual Penetration Testing using OWASP checklists,Penetration Testing,OWASP Top 10,OWASP ZAP,Ethical Hacking,Static/dynamic testing of mobile applications,Vulnerability Mitigation, any Certificates like CISSP, CISA, CISM, CRISC. Educational criteria: B.Sc (IT/CS/Security) / B.Tech/BE in Computer Science,BCA/MCA/MS/MSC/M TECH,ME Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Mumbai Only Notice Period: Apply only for Immediate to 30 days NP. DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

Ability to understand the technical implications and impact of various types of vulnerabilities on servers and applications including remote code execution, elevation of privilege, information disclosure. Ability to assess the risk associated with vulnerabilities, including impact and exploitability Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 3 plus years of experience Experience in vulnerability management, security operations, or a related field with a proven track record of identifying and mitigating vulnerabilities. Practical experience with vulnerability scanning, risk assessment, and patch management processes. Proficiency with vulnerability scanning tools such as Nessus, Qualys, Rapid7 Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Hands-on experience withTenable.SC (or an equivalent VM platform) including administration of Nessus remote and agent-based scans, profile creation and maintenance Skills in prioritizing vulnerabilities based on their severity, potential impact, and the organization’s risk profile, experience with ASM solution

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility

Aqua, Vulnerability Assessment, Vulnerability Mitigation - Applicants should possess 7+ years of demonstrated experience in cybersecurity, network engineering, and/or infrastructure engineering 5 of the years must include hands on experience in one or many of the following areas - threat intelligence, server vulnerability management and container vulnerability management - 3 plus years experience administering cloud container vulnerability solutions like Aqua or Wix is required Candidates without this experience will not be considered - 3+ years working with container technologies and container vulnerabilities is required Candidates without this experience will not be considered - Experience with scanning solutions such as Rapid7, Qualys, or Tenable scanning is desired - Understanding of MITRE ATTCK and OWASP frameworks is desired - Understanding of malware and common attack types is desired

Penetration Testing, Manual Penetration Testing using OWASP checklists, Cloud Security Assessment, Security Configuration Review, Vulnerability Assessment, Vulnerability Mitigation, Cyber Security 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms

Lead and manage the AppSec team consisting of L1 and L2 resources. Serve as the primary point of contact between the Bank and the team for all project-related activities. Monitor daily operations, ensure resource optimization, and address any issues that arise during the engagement. Application & Security Review - Oversee the review of application security including web, mobile, API, and other banking applications. Perform comprehensive reviews of Network Architecture, Source Code, VAPT reports, and configuration audits. Review deliverables from L1 and L2 resources, ensuring completeness and quality. Compliance and Risk Management Reporting Stakeholder Management B.Sc (IT/CS) / B.Tech in Computer Science, Information Technology, or related field. CISSP, CISA, CISM, CRISC 10-15 years of experience in Application Security, Network Security, and IT Risk & Compliance, with hands-on expertise in security assessments, process audits, and application reviews. Experience in BFSI is preferred. Skills Vulnerability Assessment, Manual Penetration Testing using OWASP checklists, Penetration Testing, OWASP Top 10, OWASP ZAP, Ethical Hacking, Static/dynamic testing of mobile applications, Vulnerability Mitigation Education - BE/B Tech, BCA,BSC IT/Since, M Tech/ME/MS/MSC/MCA

Hiring for IT MNC Company Vulnerability assessment on ISEC servers, VA report generation, dashboard publishing with daily updates, follow-up with respective stakeholders for closure of open points and update the same to ISEC ISG team Required Candidate profile Experience: 4 +Years Location: Ghansoli/Turbhe Notice Period: 30 Days snehapawar@peshr.com/7021769496

Role Overview: We are seeking an experienced Senior Container Security & Quality Assurance Engineer. The successful candidate will establish comprehensive testing methodologies for security-hardened, minimal container images .