Security Assessments Jobs in Bengaluru

Job Title: Information Security Engineer Location: Bengaluru Company: Altisource (NASDAQ: ASPS) About Altisource At Altisource, we develop cutting-edge technologies and services for the mortgage and real estate industry. We re a trusted partner to 7 of the top 10 U.S. mortgage servicers, operate one of the leading real estate auction platforms, and support a cooperative with over 15% market share in the $1.8 trillion U.S. originations market. If you're passionate about cybersecurity and want to make an impact in a high-growth, tech-driven environment this is the role for you. Position Summary We re looking for a highly motivated Information Security Engineer to support our growing security operations. You will play a vital role in identifying and mitigating security risks across applications, systems, and networks. This role involves vulnerability assessments, code reviews, and automation of security tasks ensuring Altisource remains secure and compliant in a fast-paced environment. Key Responsibilities Conduct vulnerability assessments on applications, networks, and systems. Perform manual verification to reduce false positives and validate security fixes. Communicate identified vulnerabilities and recommend remediation steps to internal teams. Perform secure code reviews and assist development teams in fixing identified issues. Identify and mitigate risks throughout the software development lifecycle. Leverage commercial and open-source tools for vulnerability detection (e.g., Qualys, Nessus, Burp Suite). Assist in internal penetration testing initiatives. Develop internal tools and automate security tasks, leveraging AI where applicable. Stay updated on the latest threats, tools, and best practices in cybersecurity. Create detailed assessment reports and present findings to technical and non-technical stakeholders. Train and mentor team members on vulnerability management processes and tools. Required Qualifications Bachelor s degree in Computer Science, Engineering, or a related field. 3 to 5 years of hands-on experience in information security or related roles. Relevant certifications such as CEH, GIAC, or similar. Solid experience in: Network vulnerability assessments Application scanning and secure code review Windows, Linux, and Unix operating systems Familiarity with OWASP tools, methodologies, and security best practices. Strong communication skills both written and verbal. Preferred Skills Experience with tools like: Qualys, Nessus, Nexpose, SAINT Burp Suite Pro, HP WebInspect Static analysis tools (e.g., IBM AppScan Source, Fortify) Proficiency in one or more programming languages: Java, C, C++, .NET (C#, VB). Experience delivering training or presenting technical content to teams. Background in technical writing or web development is a plus. Be part of a team securing technologies used by top players in the mortgage and real estate space. Work with modern tools and frameworks. Enjoy a collaborative environment that supports innovation, growth, and learning. Qualification : Bachelors degree in Computer Science, Engineering, or a related field

Position: Security Engineer-2 Location: Bengaluru Employment Type: Full-Time Department: Engineering Job Description: We are seeking a proactive and skilled Security Engineer-2 to identify vulnerabilities, collaborate with development teams on mitigation strategies, and promote secure coding practices within the organization. You will play a critical role in ensuring the security and resilience of our products against emerging threats. Key Responsibilities: Conduct in-depth security assessments of products to discover vulnerabilities and demonstrate their exploitability and risk impact. Stay updated on emerging vulnerabilities and threats relevant to our products through independent research. Collaborate with developers to develop and implement mitigation and workaround plans according to security policies. Lead threat modeling and secure design review sessions with development teams to identify threats and define mitigation strategies. Conduct workshops to educate developers on threat modeling and secure coding principles. Prioritize and ensure mitigation of critical security defects during development sprints. Integrate and automate Static Application Security Testing (SAST) within the DevOps pipeline. Advocate and propagate secure coding principles across the development community. Serve as the primary point of contact for developers on critical secure development issues. Develop and deliver security training programs and technical workshops for developers and QA teams. Promote security awareness through tech talks and other knowledge-sharing activities. Required Qualifications and Skills: Strong knowledge of common vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), cryptographic weaknesses, and code injection. Proficiency in programming/scripting languages like Java, Ruby, and Python. Experience with cloud technologies and services. Ability to automate security testing processes and improve assessment productivity. Excellent communication skills to articulate security risks to both technical and non-technical audiences. Familiarity with industry-standard threat modeling, risk assessment, and vulnerability classification methodologies. Experience conducting white-box and grey-box security assessments, including architectural and API analysis. Knowledge of Secure Software Development Lifecycle (S-SDLC) and CI/CD integration. Bachelor s degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security. Minimum 3 years of experience in application security or related security assessment roles. Deep understanding of attack vectors, exploits, and mitigation techniques, including chained attacks. Experience with languages such as Java, Go, Python, or Node.js (knowledge of multiple is a plus). Experience assessing cloud-native services, service meshes, and Kubernetes-based microservices. Strong problem-solving skills, able to think both offensively (like a hacker) and defensively (product security evaluation). Ability to learn new technologies and apply unconventional thinking to complex security challenges. Qualification : Bachelors degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security

Job Title: General Manager Network Infrastructure & Security Location: Bangalore Department: IT and Systems Employee Type: Permanent Experience Required: 10 20 years Job Summary We are seeking a seasoned and strategic IT Infrastructure and Cybersecurity Leader to oversee and drive the company s enterprise-wide infrastructure and security initiatives. This role is responsible for developing and executing the vision, strategy, and programs to ensure the availability, performance, and security of our IT systems and data. The ideal candidate will work closely with executive leadership to align technology and security efforts with organizational objectives and risk tolerance. Key Responsibilities IT Infrastructure Management Lead the planning, implementation, and management of core IT infrastructure including networks, servers, cloud platforms, storage, and enterprise systems. Ensure high availability, performance, and scalability of IT infrastructure to support business operations. Oversee disaster recovery and business continuity strategies to mitigate operational risk. Manage vendor relationships, contracts, and Service Level Agreements (SLAs). Monitor system performance and continuously implement efficiency improvements and optimizations. Cybersecurity Leadership Establish, implement, and maintain cybersecurity policies, procedures, and standards across the organization. Conduct regular risk assessments, vulnerability scans, and implement corrective actions. Oversee security tools and solutions, including firewalls, antivirus, endpoint protection, SIEM, and intrusion detection systems. Lead incident response efforts, forensic investigations, and post-event reviews. Ensure compliance with relevant cybersecurity and data privacy regulations (e.g., ISO 27001, GDPR). Leadership & Cross-functional Collaboration Lead, mentor, and manage a team of IT infrastructure and security professionals. Collaborate with stakeholders across departments to align IT and cybersecurity strategies with business goals. Provide executive-level reporting on infrastructure performance, risk posture, incident management, and compliance metrics. Drive a culture of cybersecurity awareness and operational excellence throughout the organization. Qualifications & Experience Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Master s degree preferred. Certifications (Preferred): CISSP, CISM, CISA, or equivalent professional certifications. Experience: 18+ years of progressive experience in IT infrastructure, cybersecurity, and risk management. Deep knowledge of security frameworks such as ISO/IEC 27001 and regulatory standards like GDPR. Proven experience in formulating and implementing enterprise-wide security policies and managing dynamic IT environments. Key Skills: Strategic planning & execution Project & vendor management Security architecture and governance Cross-functional collaboration & stakeholder communication Managing Security Operations Centers (SOC) Preferred Skills & Competencies Strong analytical and problem-solving skills to align business needs with technology solutions. Experience in documenting and executing security architecture and strategic plans. In-depth knowledge of IT networks, infrastructure systems, and cloud environments. Ability to communicate technical concepts to both technical and non-technical audiences, including C-level stakeholders. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field

Job Title: Cloud Architect SRE Location: Bangalore, India Shift: Rotational Shift Overview At Aptean, we build tailored ERP solutions that power transformation across industries from food production to manufacturing. In a world of generic enterprise software, our targeted products stand apart, delivering measurable results. With over 50 products, 3,000+ employees, and a global customer base, now is the perfect time to grow your career with us. About the Role We are looking for a highly skilled Cloud Architect SRE with deep expertise in Amazon Web Services (AWS) to lead the design, implementation, and management of cloud infrastructure. You ll play a pivotal role in defining our cloud strategy, enhancing system reliability, optimizing performance, and ensuring high availability and security across environments. Key Responsibilities Cloud Architecture & Strategy Design scalable, secure, and resilient AWS cloud architectures. Define and maintain architectural standards, templates, and best practices. Drive cloud governance, including IAM, PIM/PAM, and policy enforcement. Infrastructure & Automation Manage and troubleshoot AWS IaaS and PaaS services. Expertise in Windows Server OS, DNS, DHCP, RDWeb, and domain controllers. Implement automation and scripting for reporting, inventory, and orchestration. Optimize cloud resources for performance, reliability, and cost efficiency. Security & Compliance Implement AWS security controls including IAM, encryption, and network protection. Ensure compliance with frameworks like SOC2, BUPA, and internal policies. Conduct regular security assessments and resolve vulnerabilities. Cost Optimization Analyze and reduce cloud costs using AWS Cost Explorer, Trusted Advisor, etc. Leverage reserved and spot instances, right-sizing, and efficient resource management. Documentation Create and maintain detailed documentation including architecture diagrams, SOPs, and technical guides. Qualifications Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Experience: 5+ years of hands-on experience designing and deploying AWS cloud architectures. Proven experience with AWS services such as EC2, S3, VPC, IAM, RDS, and CloudFormation. Proficiency with Infrastructure as Code (Terraform, CloudFormation). Strong understanding of networking protocols and DevOps principles. Certifications (preferred): AWS Certified Solutions Architect Professional AWS Certified DevOps Engineer Professional Soft Skills: Strong analytical and troubleshooting abilities Excellent communication and team collaboration Proactive and self-driven with the ability to work independently If you're passionate about solving complex technical challenges and shaping the future of cloud infrastructure, Aptean is the place for you. Our culture values diversity, inclusion, and collaboration where every voice matters and innovation thrives. Diversity & Inclusion at Aptean Aptean is committed to fostering a diverse, inclusive workplace. We celebrate differences in race, gender identity, sexual orientation, religion, disability, age, and background believing that diverse teams drive innovation and better results for our customers. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field.

Cyber Security Analyst Bangalore, India Location: Bangalore (Bengaluru) Experience: 4 to 12 Years Industry: IT Security / Cybersecurity Job Summary: We are seeking a highly skilled Cyber Security Analyst with advanced knowledge in cybersecurity principles, risk assessment, and threat prevention. The ideal candidate will have hands-on experience with security tools, network defense, vulnerability assessments, and malware analysis to safeguard our organization s digital assets. Key Responsibilities: Analyze and mitigate cyber and IT security risks using advanced techniques and best practices Conduct vulnerability assessments and penetration testing across networks, platforms, and applications Utilize scripting and programming languages such as Python, PowerShell, Perl, HTML, and JavaScript for automation and security analysis Monitor network security devices including firewalls, proxies, NIDS/NIPS, and respond to security incidents Perform dynamic and static malware analysis and memory forensics to identify and counter threats Conduct reverse engineering of malware and apply countermeasures based on adversary tactics and protocols Apply in-depth knowledge of network protocols, network security monitoring, and incident response Ensure compliance with security standards and frameworks Collaborate with cross-functional teams to implement security improvements and ensure robust defense mechanisms Required Skills & Qualifications: Minimum 4+ years of professional experience in cybersecurity or related IT security roles Advanced understanding of cyber threats, risk management, and prevention techniques Proficiency in security system analysis, network security, and vulnerability assessment tools Experience with malware analysis, penetration testing, and reverse engineering Strong programming/scripting skills in Python, PowerShell, Perl, or similar languages In-depth knowledge of security standards, protocols, and industry best practices Hands-on experience with network security monitoring and defense technologies Preferred Certifications: Technical cybersecurity certifications from recognized bodies such as SANS, ISACA (CISA, CISM), (ISC) (CISSP), CompTIA Security+, Cisco (CCNA Security), CERT, or equivalent Work in a challenging role protecting critical digital infrastructure Collaborate with a talented cybersecurity team to combat evolving threats Access to continuous learning, professional development, and certification opportunities

Join Our Team as a Security Engineer Location: Bengaluru, India (On-site) Department: Global Information Security Reports to: Director of Information Security APAC At Cytiva, we are dedicated to advancing future therapeutics from discovery to delivery. As part of our Global Information Security Team, you ll work at the forefront of securing the systems, applications, and infrastructure that power critical healthcare solutions. Join us and play a key role in designing and implementing secure, resilient systems that ensure business continuity and safeguard our digital assets. What You Will Do Secure Architecture Design: Assist in developing and implementing secure architecture solutions for systems, applications, and infrastructure. Threat Modeling & Risk Assessment: Perform threat modeling and support security risk assessments to proactively identify vulnerabilities and mitigate potential threats. Design Reviews: Participate in security design reviews for applications and infrastructure across various environments, ensuring security best practices are followed. Security Technology Implementation: Deploy and manage enterprise security technologies, including Identity and Access Management (IAM), Data Loss Prevention (DLP), and Mobile Device Management (MDM). Regulatory Compliance: Ensure alignment with regulatory compliance and audit requirements, supporting the organization in maintaining secure, compliant systems. Who You Are Education: Bachelor s degree in Computer Science, Information Security, Cyber Security, or a related discipline. Experience: At least 5+ years of experience in security engineering or architecture, including expertise in threat modeling, risk assessment, and security architecture principles. Security Technologies: Hands-on experience with security technologies such as IAM, SIEM, EDR, DLP, and MDM. Cloud Security: Familiarity with cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices. Regulatory Compliance: Experience with frameworks and regulatory standards such as ISO 27001, NIST, and CIS Controls. Travel, Motor Vehicle Record & Physical/Environmental Requirements Travel: Ability to travel globally up to 10% of the time to support regional and global security initiatives. It Would Be a Plus If You Also Have: Experience conducting security design reviews for infrastructure, applications, and cloud environments. Expertise in implementing security standards and secure design patterns in alignment with frameworks like ISO 27001, NIST, and CIS Controls. Experience providing technical security advisory support to project teams, ensuring compliance with security and regulatory standards. Impactful Work: Your role directly influences the security and reliability of life-saving healthcare solutions used around the globe. Global Collaboration: Work with a diverse, dynamic, and global team of security experts dedicated to making a real difference. Career Development: Take advantage of opportunities for professional growth and continuous learning in a rapidly evolving industry. Apply now and join a global leader in advancing therapeutics and securing tomorrow s healthcare technologies. Qualification : Bachelors degree in Computer Science, Information Security, Cyber Security, or a related discipline.

Job Title: Lead Systems Software Engineer Location: Bengaluru, Karnataka, India (On-Site) Team Overview: Join our Application Security team at Cloud Software Group, where we focus on protecting web applications and services from security threats. As a part of this passionate team, you will engage in application layer attack protection, threat intelligence, and the mitigation of OWASP attacks. We are highly focused on emerging security trends and delivering cutting-edge solutions to defend against advanced cyber threats. Job Description: As a Lead Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to safeguard web applications and services. This role involves identifying security threats, performing security assessments, and collaborating with cross-functional teams to ensure security best practices are followed throughout the development lifecycle. Key Responsibilities: WAF Implementation & Maintenance: Implement and maintain Web Application Firewalls (WAFs) to protect web applications and services from security threats, including bot attacks. Security Policies & Rules: Develop and manage security policies and rules for WAFs to ensure the prevention of OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and other security incidents. Security Assessments & Penetration Testing: Conduct security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation measures. Collaboration: Work closely with other security teams and developers to ensure security best practices are integrated into the design, development, and maintenance of web applications and bot management systems. Emerging Threats Awareness: Stay informed on the latest security threats, technologies, and best practices to continually improve the security posture and protect against evolving threats for WAF and API. Incident Response: Participate in incident response and investigations as needed to identify the root cause of security incidents and implement corrective actions to prevent recurrence. Continuous Improvement: Lead initiatives to improve processes, systems, or products to enhance job area performance. Address complex security problems by considering multiple issues across various specialties. Qualifications: Education: Bachelor s (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent work experience. Experience: 9-11 years of experience in network protocols (TCP, UDP, HTTP, DNS, SSL/TLS) and web application security, with a focus on WAFs and bot mitigation. Technical Expertise: Experience with industry-leading WAFs such as Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Proficiency in C, C++, and scripting languages like Python and Perl. Analytical Skills: Strong problem-solving abilities with a demonstrated capacity to identify and respond to security threats quickly. Communication Skills: Excellent verbal and written communication skills with the ability to collaborate effectively across teams and with stakeholders. About Us: Cloud Software Group is one of the largest cloud solution providers globally, serving over 100 million users. Our suite of cloud-based products powers productivity and collaboration, enabling real work to get done from anywhere. We value passion for technology, risk-taking, and innovation. If you re ready to be part of a company on the brink of transformative growth, now is the perfect time to join us. We are committed to Equal Employment Opportunity (EEO) and compliance with all applicable laws, ensuring a diverse and inclusive workplace for all. This position is ideal for individuals passionate about cybersecurity and looking to be at the forefront of web application protection and security innovations. Qualification : Bachelors (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent work experience.

Job Title: Senior Systems Software Engineer Location: Bengaluru, Karnataka, India Team Overview: Join a team of Application Security experts at Cloud Software Group, where we focus on securing web applications and services. Our team is passionate about application layer attacks, protection mechanisms, threat intelligence, and protecting against OWASP threats. We re constantly evolving, staying at the forefront of emerging security trends. Job Description: As a Senior Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to secure web applications and services from potential threats, including bot attacks. This role involves ensuring the effective operation of WAFs to prevent common vulnerabilities and unauthorized access, conducting security assessments, and collaborating with other security and development teams to enhance the security posture of our web applications. Key Responsibilities: WAF Implementation & Maintenance: Implement, configure, and maintain Web Application Firewalls (WAFs) to protect against security threats like OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and bot attacks. Security Policy & Rule Development: Develop and manage security policies and rules for WAFs to enhance their effectiveness in preventing security incidents. Penetration Testing & Security Assessments: Perform security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation actions. Collaboration: Work closely with other security teams, developers, and stakeholders to ensure security best practices are followed in the design, development, and deployment of features for web applications and bot management. Stay Updated on Security Trends: Keep informed about emerging security threats and technologies, continually improving security mechanisms to safeguard against new threats for WAF and API. Incident Response: Participate in incident response and investigations to understand the root cause of security breaches and implement corrective actions to prevent future incidents. Process Improvement: Lead initiatives for improving processes, systems, and products to optimize the performance and effectiveness of security measures. Qualifications: Education: Bachelor's (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent professional experience. Experience: At least 5 years of experience working with network protocols like TCP, UDP, HTTP, DNS, SSL/TLS, and web application security, particularly in WAF and bot mitigation. Technical Skills: Proficiency with industry-leading WAF solutions like Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Experience in programming languages such as C, C++, and scripting languages like Python or Perl. Problem-Solving Skills: Strong analytical and problem-solving abilities to identify, assess, and mitigate security threats quickly. Communication & Collaboration: Excellent communication skills, with the ability to effectively collaborate with stakeholders across teams. About Us: Cloud Software Group is one of the world s largest providers of cloud solutions, empowering more than 100 million users globally. At Cloud Software Group, we re building the future of work, enabling people to get things done from anywhere. Our team thrives on passion for technology, embracing the courage to take risks and innovate. We re on the brink of another significant leap in technology evolution and we need experts like you to help us get there. If you're passionate about cybersecurity and eager to drive innovations, this is the perfect time to join us and be part of something transformative. Qualification : Bachelor's (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent professional experience.

Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.

Job Title: GRC Specialist Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: About the Role Governance Risk and Compliance Specialist (GRC Specialist) We're looking for a candidate with 2-4 years of relevant experience. Key Responsibilities: Define, implement, and maintain the Information Security Management System (ISMS) and Privacy Information Management System (PIMS). Plan and execute periodic risk assessments. Work directly with the business units to facilitate risk assessment and risk management processes. Define, Review and Maintain the organizational information security policies, processes, procedures and control framework to ensure it is adequate to address the emerging risks due to changing environment, technology and legal requirements. Align customer and internal information security objectives to the ISMS and PIMS. Monitor and fulfill client contractual (MSA) information security and privacy obligations. Monitor and fulfill legal obligations related to protection of personal information across different jurisdictions like GDPR, CCPA. Prepare metrics based periodic reports and dashboards with support from the stakeholder functions for management review. Liaise with security vendors, suppliers, service providers and external resources for new security tools for improving security. Lead the Information Security audits / assessments / remediation and present key risks to the management. Perform the Third party Risk Assessment of Critical Vendors. Conduct Information Security and Privacy awareness and training programs for the employees as part of their induction and regular awareness. Oversee information security and privacy incident management process for incident reporting, containment, resolution and root cause analysis. Plan and coordinate BCP and DR tests. Setup guidelines for secure coding practices. Recommend security and privacy controls based on people, process and technology approach and industry best practices. Identifying solutions or writing automation scripts for solving regular tasks or optimizing processes. SOC Monitoring Activities such as. Firewall, Vulnerability, Inspector, Guarduty etc. Log Review, Incident Handling & Compliance adherence. Qualifications: Good understanding of information security compliance requirements like ISO27001, SOC2, CSA STAR and Privacy requirements like BS10012 & ISO27701. Good understanding of legal obligations towards protection of personal information across different jurisdictions like GDPR, CCPA, etc. Experience in creating and auditing security and privacy best practices and implementation of security and privacy principles across organization, to meet business goals along with customer and regulatory requirements. Experience implementing security and privacy controls for cloud platforms like AWS, Azure. Experienced in solving Audit and Regulatory Issues. Experience in auditing MDM, SSO solutions, AWS (Cloud Infra), Firewall, WAF, DLP etc. Good at solving information security compliance challenges by recommending solutions and best practices. Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Title: IMPO UAM Authorization Analyst Location: Bengaluru, India Unit: Johnson & Johnson Innovative Medicine Principal Operations (IMPO) Job Type: Full-Time Employment Type: Permanent About Johnson & Johnson: At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, profoundly impacting health for humanity. Role Purpose: The IMPO UAM Authorization Analyst role at Johnson & Johnson is responsible for enhancing user access security and compliance within global SAP S/4 systems, while driving key User Access Management (UAM) initiatives. This role supports business adaptation through SAP S/4 HANA implementation, focusing on core SAP Manufacturing, Order to Cash, Procure to Pay, and Finance processes. The position is part of the IMUAM team, ensuring security requirements are designed and implemented compliantly within the Transcend Program, a global initiative for business transformation. Key Responsibilities: Security Workshops & Role Design: Lead security workshops to gather business and compliance requirements for role design, ensuring validation post-build for S/4 HANA Roles and Authorization requirements. UAM Strategy Development: Develop UAM strategies involving composite roles, Fiori tiles, business roles/user personas, and data security/UI masking concepts for S/4HANA. Data Validation & Compliance Documentation: Perform data validation, conduct health checks, and provide compliance documentation to ensure proper security implementation. Role Design & Testing: Design, test, and implement rule sets for SAP S/4HANA role design, ensuring they align with security protocols. User Account Setup & Support: Support role data and user account setup. Provide advice on role design testing and coordinate business UAT activities. Authorization Defects Management: Manage authorization defects and provide support for user cutover and Hypercare activities during and post-implementation. Collaboration & Training: Work closely with the Business Adaptation team to facilitate training, communication, and readiness across regions. Assist in transitioning between project phases and operational support teams. Compliance & Security Audits: Ensure compliance with internal and external standards through regular SAP security assessments and audits. Issue Troubleshooting & Resolution: Troubleshoot and resolve complex SAP security issues to maintain a secure environment. Documentation Management: Develop and maintain comprehensive documentation for SAP security policies, procedures, and configurations. Mentorship & Team Development: Train and mentor junior team members, promoting the implementation of SAP security standard processes. Qualifications: Required: Educational Background: Bachelor s degree in a relevant field (preferably Risk Management, Compliance, Audit). Experience: 6-8 years of experience in UAM within an enterprise risk management framework. Demonstrated expertise in SAP GRC Access Control and Identity Management tools. Hands-on experience with end-to-end SAP S/4HANA implementation, including Fiori. Deep knowledge of SAP authorization concepts, Segregation of Duties (SoD) mitigation, and remediation strategies. Proficiency in risk matrix/rule set maintenance, data analysis, conversion, and migration. Tools & Platforms: Experience with teamwork platforms (e.g., Confluence, Jira, MS Teams). Project Management: Strong project management and collaboration skills with experience in remote and virtual environments. Language Skills: Fluent in English with outstanding oral and written communication skills. Additional Experience: Experience in the pharmaceutical domain is a plus. Preferred: Industry Experience: Experience in Life Sciences, Pharmaceuticals, or similar industries. Leadership & Innovation: Demonstrated leadership skills with the ability to embrace innovation and promote a culture of continuous improvement. Project Management: Previous experience in a PMO role managing large-scale SAP implementation projects. Cross-Cultural Team Collaboration: Ability to work effectively with team members from different cultural and technical backgrounds. Other Requirements: Hybrid Work: Ability to work on-site a minimum of three days per week, with up to two remote workdays based on the flexible work policy. Travel: May require up to 10% domestic and/or international travel. Diversity & Inclusion: Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. We are committed to fostering an inclusive and diverse work environment, and we encourage applicants from all backgrounds to apply. We value diversity and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, age, national origin, or veteran status. Qualification : Bachelors degree in a relevant field, with a preference for studies in Risk Management, Compliance, and Audit.

Location: Bengaluru, India Role: Cybersecurity Analyst Company: Wipro Limited In a world where data is power, protecting that data is a mission, not just a job. As a Cybersecurity Analyst at Wipro, you ll be the guardian of sensitive information, spotting threats before they strike and building a resilient security posture for the organization. What You ll Do 1 Keep Customers Safe Deliver customer-centric cybersecurity, ensuring systems are fortified and risks are minimized. Monitor logs, security events, and access patterns to detect unusual, unauthorized, or illegal activity. Safeguard log sources, security configurations, and access controls. 2 Hunt, Analyze & Respond Track, analyze, and respond to security incidents escalated by L1 teams (24x7 rotational shifts). Perform log reviews and forensic analysis to understand unauthorized access or breaches. Use advanced analytics tools to identify emerging threat patterns. Conduct detailed root cause analysis and recommend specific, actionable improvements. 3 Be the Incident Commander Lead incident response efforts, coordinating with internal teams and customers for swift resolution. Plan and refine disaster recovery strategies for potential breaches. Create incident reports, dashboards, and analysis summaries to share insights and learnings. 4 Collaborate & Educate Work closely with internal technical leads, practice teams, and external customers to manage security concerns. Assist with internal and external audits, maintaining the information security risk register. Deliver cybersecurity awareness training for colleagues, turning every employee into a security ally. Provide hands-on advice and guidance on handling malicious emails, phishing attempts, and suspicious activity. Key Relationships Stakeholder Why You ll Work Together Internal Tech & Project Leads Regular updates, security reporting, coordination Security Intelligence Team For threat intelligence sharing and practice alignment Customers Direct support during incidents, ensuring transparency & fast resolutions What You Need to Succeed Technical Mastery Deep knowledge of Network Security devices, Firewalls, Endpoints, SIEM, Application Security, IDS/IPS, Vulnerability Assessments & Penetration Testing (VA/PT). Process Excellence Solid understanding of standards, processes, and automation tools to improve consistency and reduce risk. Communication & Collaboration Clear, effective communication skills you ll be the go-to person for explaining security risks to both techies and non-techies. How Your Success Will Be Measured Performance Area Measure Customer Focus Fast, effective resolution of security incidents for internal & external users Process Adherence 90-95% SLA compliance for response & resolution times Key Competencies Effective Communication Collaborative Working Execution Excellence Analytical Thinking & Problem Solving Reinvent Cybersecurity With Wipro This isn t just a job it s your chance to reinvent how organizations protect themselves in a rapidly evolving threat landscape. Join Wipro. Own the mission. Protect the future. Applications from people with disabilities are explicitly welcome.

Job Title: Lead Engineer Software Test & Release Location: Bangalore Job Summary We are looking for a skilled Security Test and Automation Engineer with 7-9 years of experience in Security Verification and Validation, particularly on Embedded Systems. The ideal candidate will have 3-4 years of leadership experience in managing a team of security test engineers and hands-on expertise in scripting languages like Python, Java, and AI/ML-based tools. The primary responsibility will be to develop and execute security testing strategies across various domains including Devices, Automotive, Medical Devices, and Telecom Infrastructure (Wireless and Wired). Key Responsibilities Security Test Strategy: Develop and execute a comprehensive security test and automation strategy across multiple domains like Devices, Automotive, Medical Devices, and Telecom Infrastructure. Collaborate with project teams to capture best practices, share knowledge about the latest tools and technologies, and identify opportunities for new solution development. Understand client requirements for security testing and prepare proposals related to Security and Penetration Testing. Penetration Testing: Work with clients to understand their testing needs (e.g., number and types of systems for testing). Plan, create, and execute penetration methods, scripts, and tests to assess the security of systems. Perform remote or on-site security testing of a client s network or infrastructure to uncover vulnerabilities. Simulate security breaches to test system vulnerabilities and identify potential threats. Generate detailed reports outlining security issues, the level of risk, and recommendations for remediation. Team Leadership and Development: Lead and mentor a team of security test engineers, providing guidance on technical challenges and professional growth. Conduct reviews of designs, code, and test plans to identify risks and ensure quality deliverables. Identify training needs for the team and provide support for their technical development. Risk Analysis and Requirement Management: Conduct requirement analysis and feasibility studies, considering risk identification and mitigation. Perform system-level work estimation and ensure timely delivery of high-quality work. Ensure traceability of requirements from design to delivery, while optimizing code and ensuring test coverage. Continuous Improvement: Participate in technical initiatives within the project and organization, delivering training and maintaining a high level of technical competence through ongoing self-study and technical assessments. Identify and implement improvements in security testing practices and tools. Required Skills and Experience 7-9 years in Security Verification and Validation on Embedded Systems. 3-4 years of experience leading a team of security test engineers. Hands-on experience with scripting languages like Python, Java, and AI/ML-based tools. Experience in penetration testing and security assessments for embedded systems and network infrastructures. Technical Expertise: Strong knowledge of security testing methodologies, vulnerability assessments, and penetration testing. Proficiency in scripting languages (Python, Java, Perl, Shell scripts, TCL). Experience in Automation Frameworks for security testing. Understanding of network protocols (2G, 3G, LTE, 5G) and security concerns within telecommunications and embedded systems. Certifications: Bachelor s degree in Engineering or equivalent. Certifications in Security Testing (e.g., Certified Ethical Hacker - CEH) are highly desirable. Tools and Technologies: Experience with test and trace/log collection tools such as QXDM, QCAT, QPST, Prism, and other telecom instruments (e.g., Anritsu, Keysight). Familiarity with automation scripting tools like RTD (for Anritsu) or equivalent. Knowledge of Linux host platforms and network simulation tools. Specialization: Expertise in 2G, 3G, 4G, 5G, Interop Testing, and VSAT-SATCOM technologies. Understanding of 3GPP specifications and network vendor tests. Desirable Skills Strong problem-solving and analytical skills to identify vulnerabilities and assess risks in systems. Ability to provide strategic and actionable insights based on security findings. Ability to communicate complex security issues to non-technical stakeholders. Leadership and mentoring capabilities to guide junior engineers and promote team development. Work Environment Location: Bangalore Opportunity to work in a dynamic environment with the latest tools and technologies in the security testing domain. If you have a passion for security testing and automation, along with a desire to lead and contribute to impactful projects, this is the perfect opportunity for you! Apply now to join our team and make a significant impact in the field of security testing.

Job Title: Senior Technical Program Manager Location: Bengaluru, India About Couchbase: As industries race to embrace AI, traditional database solutions fall short of rising demands for versatility, performance, and affordability. Couchbase is leading the way with Capella, the developer data platform for critical applications in the AI world. By uniting transactional, analytical, mobile, and AI workloads into a seamless, fully managed solution, Couchbase empowers developers and enterprises to build and scale applications with unmatched flexibility, performance, and cost-efficiency from cloud to edge. Trusted by over 30% of the Fortune 100, Couchbase is unlocking innovation, accelerating AI transformation, and redefining customer experiences. Come join our mission! Job Overview: As a Senior Technical Program Manager, you will play a pivotal role in the planning, management, communication, and governance of Couchbase Engineering and Cloud programs and projects. You ll lead cross-functional initiatives in a fast-paced, results-oriented environment, ensuring high-quality and timely execution of critical projects that align with Couchbase s goals and vision. Responsibilities: Release Management: Coordinate and execute efficient release management processes, ensuring smooth and timely deployment of software updates while maintaining rigorous testing and validation protocols. Security Program Management: Lead the development and implementation of comprehensive security programs, overseeing risk assessments, designing strategies, and ensuring compliance with industry standards to safeguard assets and data. Cross-Functional Collaboration: Work closely with cross-functional teams to ensure seamless integration of engineering solutions, consistently meeting Service Level Agreements (SLAs) for development and support. Program Management: Formulate, organize, and monitor interconnected projects, ensuring clarity of cross-functional requirements and managing scope, quality, and schedules effectively. Risk Management: Identify potential risks and dependencies across multiple work streams, using data-focused analysis to drive mitigation actions. Product Strategy Alignment: Collaborate with the product team to clarify and specify the product roadmap, ensuring alignment with business goals. Stakeholder Communication: Communicate goals, status, risks, and impacts to teams and stakeholders, adapting your communication style to suit different audiences. Issue Resolution: Effectively manage issues, backlogs, and changes, escalating risks and bottlenecks at the earliest opportunity to ensure smooth project execution. Qualifications: Education: Bachelor s/Master s degree in Computer Science or equivalent. Experience: 5 - 7 years of experience managing cross-functional and/or cross-team projects in a fast-paced environment. Cloud Expertise: Experience with AWS, GCP, or Azure platforms; certifications are helpful but not required. Problem-Solving: Excellent analytical skills, with a strong ability to solve complex technical and operational issues. Systems Understanding: Solid understanding of large-scale distributed systems design and operational challenges. Cross-Functional Collaboration: Experience partnering with engineering teams and driving execution across all phases of the software development lifecycle. Remote Work Experience: Comfortable working remotely with global teams, and adept at navigating ambiguity in a rapidly evolving environment. Communication Skills: Strong verbal and written communication skills, with the ability to create clear specifications, executive reports, and communicate complex ideas to diverse audiences. Modern customer experiences require a flexible cloud database platform that powers applications across cloud, edge, and everything in between. Couchbase s mission is to simplify how developers and architects develop, deploy, and consume modern applications. With Capella, our flexible, affordable cloud platform, we empower organizations to quickly build and deliver premium customer experiences with unmatched price-performance. More than 30% of the Fortune 100 trust Couchbase to power their modern applications. Benefits at Couchbase: Generous Time Off Program: Flexibility to care for yourself and your family. Wellness Benefits: Comprehensive medical plans, dental, vision, life insurance, and employee assistance programs. Financial Planning: RSU equity program, ESPP, retirement planning, and business travel insurance. Career Growth: A Be valued, Create value approach to your career development. Fun Perks: Ergonomic office setup, food & snacks for in-office employees, and more! Qualification : Bachelors/Masters degree in Computer Science or equivalent.

Infosec Lead Experience: 5-7 Years | Location: Bengaluru About Gameskraft: Founded in 2017, Gameskraft is one of India s fastest-growing online gaming companies. Our mission is to build a safe, secure, and responsible gaming ecosystem while delivering unmatched experiences through innovation and technology. As the industry s only ISO 27001 and ISO 9001 certified company, we set the highest benchmarks in security, design, and performance. Job Summary: We are seeking an experienced Infosec Lead to drive our security strategy, ensuring robust web security, application security, and compliance across the organization. You will be responsible for leading a team of security professionals, implementing best-in-class security measures, and ensuring compliance with industry regulations such as HIPAA, PCI-DSS, ISO, and GDPR. Key Responsibilities: Security Strategy & Program Management: Develop, implement, and maintain a comprehensive security program to safeguard company assets, systems, and data. Collaborate with cross-functional teams to integrate security into product development and business operations. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Compliance & Regulatory Adherence: Ensure compliance with HIPAA, PCI-DSS, ISO, GDPR, and other relevant security frameworks. Maintain security certifications and drive adherence to regulatory standards. Develop and enforce security policies, standards, and procedures. Incident Response & Risk Management: Lead incident response efforts, including investigation, containment, and remediation. Continuously monitor security threats, emerging trends, and vulnerabilities to strengthen cyber resilience. Provide security guidance and risk analysis during product launches and infrastructure changes. Team Leadership & Stakeholder Collaboration: Lead and mentor a team of security professionals, fostering a culture of security awareness across the organization. Work closely with engineering, IT, legal, and business teams to embed security best practices. Present regular security reports and key performance metrics to senior management. What You Bring to the Table: Education: Bachelor s or Master s degree in Computer Science, Information Security, or a related field. Experience: 5-7 years of experience in information security, with a strong focus on web security, application security, and compliance. Proven track record in leading security teams and managing enterprise security programs. Technical Expertise: Strong knowledge of security technologies such as firewalls, IDS/IPS, SIEM, encryption, authentication protocols, and penetration testing tools. Experience with cloud security (AWS, Azure, GCP) and DevSecOps methodologies. Familiarity with secure coding practices and application security frameworks (OWASP, NIST, CIS Controls). Hands-on expertise in risk assessment, vulnerability management, and security architecture design. Certifications (Preferred): CISSP, CISM, CISA, CEH, or equivalent industry-recognized security certifications. Soft Skills & Leadership: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to influence and drive security initiatives across multiple teams. Work Culture at Gameskraft: Startup Environment: Fast-paced, ownership-driven culture where innovation and agility thrive. Impactful Work: Direct contribution to securing one of India s largest gaming platforms. Collaboration: Work alongside some of the best minds in the gaming and consumer internet industry. Data-Driven: Leverage analytics to enhance security posture and decision-making. Compensation & Benefits: Attractive Compensation & ESOPs Competitive salary with equity options. Health Insurance 5 Lakh medical cover for you and your family. Car Lease Policy Exclusive leasing options for employees. Relocation Benefits Assistance with moving to Bengaluru. Free Lunch & Stocked Pantries Enjoy great food while you work! Performance-Based Growth Transparent appraisals and rapid career progression. Join Us & Secure the Future of Gaming! If you re passionate about cybersecurity, risk management, and building secure digital ecosystems, we d love to have you on board. Apply now and be part of an exciting journey at Gameskraft! Qualification : Bachelors or Masters degree in Computer Science, Information Security, or a related field.

Job Role: Vulnerability Assessment Specialist The Vulnerability Assessment Specialist will be responsible for managing vulnerability scanners, executing security assessments, and proactively identifying vulnerabilities across Vodafone s IT environments. This role requires collaboration with various teams to address and mitigate risks, ensuring a secure infrastructure. Experience and Skills Required Experience: 5+ years of relevant experience in vulnerability management and vulnerability assessment. Proven expertise in vulnerability scanning tools like Qualysguard VMDR, WAS, and cloud scanning management. Industry-recognized security certification such as CEH (Certified Ethical Hacker). Hands-on experience with scanning and penetration testing tools such as Retina, ACUNETIX, Nessus, Open VAS, Metasploit framework, NMAP, and Nagios. Familiarity with operating systems like Linux and Windows, web application security, virtualization platforms (VMware), and network/infrastructure security assessments. Knowledge of OWASP, Sandbox, Kali Linux, Burp Suite, CVE, SSL PKI, 2FA, IAM, Perimeter Security, and SIEM solutions. Experience compiling VAPT (Vulnerability Assessment and Penetration Testing) reports and conducting penetration testing on test environments. (Optional but preferred) Knowledge of advanced penetration testing techniques and tools. Key Responsibilities: Execute security assessments to highlight and articulate risks to the business. Participate in defining the scope of security scanning and vulnerability assessment activities. Act as a technical subject matter expert for security scanning tools and processes. Manage the overall scanning infrastructure and ensure the quality and accuracy of scanning activities and deliverables. Proactively identify vulnerabilities across Vodafone environments and ensure timely mitigation actions. Continuously improve security assessment services and processes. Perform vulnerability research to discover new and previously unknown vulnerabilities. Prepare detailed technical reports on vulnerability scanning results and communicate findings to resolver teams. Respond to technical queries related to reports and findings.

Summary of Essential Job Functions The primary responsibility of the InfoSec Tech Lead is to ensure the organization's global information security, compliance, and risk management. The role involves collaborating with various teams to identify and implement security requirements for product applications and infrastructure. Minimum Requirements (Education & Work Experience) Education: Bachelor s/Master s degree in Computer Engineering or Information Science. Certifications (Preferred): OSCP, OSCE, ECSA|LPT, CPT, CEH. Experience: 5-7 years in Vulnerability Management, covering Application, Infrastructure, Cloud, Mobile Security, Secure Code Review, and IoT. Work Location: Bangalore, India (May require travel). Competency Requirements Hands-on experience in Network, Web-based, and Cloud Application Security Assessments including threat modeling, vulnerability assessments, and penetration testing. Knowledge of current information security trends. Familiarity with security bug classification frameworks (e.g., CVSS, DREAD) and application of classification methods. Expertise in Web Service vulnerability assessments. Understanding of Mobile Application Security (iOS/Android). Experience in code review methods and standards. Ability to develop proof-of-concept (POC) exploits for security vulnerabilities. Proficiency with web application vulnerability scanning tools (e.g., Acunetix, NTO Spider, BurpSuite Pro, WebInspect, Core Impact). Experience with network assessment tools and exploitations (e.g., Kali Framework, QualysGuard, Nessus, Nexpose, Nmap, Metasploit, Saint). Experience in static code review tools (e.g., Checkmarx, HP Fortify, IBM AppScan Source). Proficiency in at least two scripting languages (e.g., Python, Perl, PHP, Ruby, etc.). Ability to assess applications using OWASP, OSSTMM, CESG, CREST, NIST, ISSAF, PTES methodologies. Understanding of SDLC practices and adaptability to Agile methodologies. Experience in high-level programming languages (e.g., Java, C, C++, .NET (C#, VB)), with DAST code review as an added advantage. Knowledge of operating systems (Windows/Linux/UNIX IBM AIX, Sun Solaris, HP UX) and network equipment. Experience providing technical oversight to project teams to ensure quality engagements. Strong experience in mentoring, coaching, and leading teams in challenging environments. Familiarity with security compliance frameworks (PCI, SOC, GDPR). Other Requirements Strong ethics and integrity in business and information security. Proficiency in English (written and verbal communication skills). Ability to prepare professional reports and present findings to technical and executive stakeholders. Ability to interact with customers and understand security requirements. Job Responsibilities Conduct and manage Vulnerability Assessments and Penetration Testing (VAPT) for Infrastructure, Web Applications, and Web Services/APIs. Perform manual and automated security testing to identify vulnerabilities. Conduct periodic configuration audits for network devices, servers, and critical functions. Perform secure code reviews across multiple programming languages and recommend corrective actions. Assess SDLC processes for security compliance. Develop security testing scripts and procedures. Participate in security-related projects as per skillset. Continuously evaluate application architecture to enhance security processes. Analyze suspected vulnerabilities, collaborate with subject matter experts, and recommend remediation measures. Evaluate and recommend security products and solutions. Act as a security advisor for secure coding standards and security information management. Qualification : Bachelors/Masters degree in Computer Engineering or Information Science.

About Unilever Unilever is a purpose-driven global company, impacting the lives of billions of consumers in over 190 countries. Our brands are trusted and loved, and we are committed to making sustainable living commonplace. We believe that doing business the right way drives both performance and positive societal change. At Unilever, we foster an inclusive, flexible, and collaborative work environment. Your career here will be a dynamic journey where you can shape your future while contributing to a better business and a better world. About UniOps Unilever Operations (UniOps) is the technology and business services engine of Unilever, providing seamless enterprise solutions across 190+ locations. Through strategic sourcing, digital transformation, and operational excellence, UniOps enables Unilever to drive growth, enhance efficiency, and stay future-fit. Role Overview As a Global Security Specialist Workplace Experience and Operations, you will be responsible for designing, implementing, and managing security programs across Unilever s global workplace facilities, passenger fleet, and travel service lines. Your role will ensure compliance with global security and safety standards while driving innovation, operational excellence, and best practices in risk management. You will collaborate with internal stakeholders, suppliers, and cross-functional teams to enhance safety measures, leverage emerging security technologies, and maintain a secure environment for Unilever employees. Key Responsibilities Security Strategy & Technology Integration Develop and implement a comprehensive security and safety strategy aligned with Unilever s global objectives. Design roadmaps for security transformation initiatives and oversee their execution. Evaluate and integrate advanced security technologies to enhance workplace safety. Support the deployment of digital solutions to meet security and safety goals. Stay updated on emerging security trends and recommend innovative measures. Cross-Functional Collaboration Partner with internal teams, including HR, IT, Legal, and Facility Management, to create a holistic security framework. Communicate security initiatives and updates to senior leadership. Drive change management efforts, providing training and awareness programs. Operational Safety & Security Assist in implementing the Workplace Sustainability, Safety & Security (WPS) work plan. Ensure compliance with Unilever s global safety policies for travel, events, and fleet management. Monitor security and safety performance, infrastructure, and service delivery. Proactively manage risks and escalations, working closely with regional teams. Vendor & Budget Management Manage relationships with key security and safety suppliers. Oversee contract negotiations, service level agreements, and supplier performance evaluations. Develop and manage the budget for security initiatives, ensuring efficient resource allocation. Capability Building & Compliance Embed a strong security culture across Unilever s workplace services, impacting 800+ employees and 6,000+ contractors. Ensure consistent implementation of global security frameworks and standards. Organize training programs, workshops, and capability-building initiatives. Champion a culture of security awareness to minimize risks and incidents. Qualifications & Experience Education: Bachelor s degree in Engineering, Science, Business, or a related technical discipline. Experience: Strong background in security and safety management within a corporate, FMCG, or facility management environment. Knowledge of occupational safety regulations and industry best practices. Experience in managing large-scale security projects and implementing digital security solutions. Familiarity with change management and training initiatives. Skills: Strong communication and stakeholder management skills. Ability to work in a fast-paced, global environment. Proficiency in Microsoft Office (Word, Excel, PowerPoint, Outlook). Project management experience with a strategic mindset. Fluency in English; additional language skills are a plus. Why Join Unilever? At Unilever, we celebrate diversity and inclusion, ensuring that all employees regardless of race, gender, age, disability, or background have the opportunity to thrive. Join us to challenge conventional ideas, drive innovation, and make a meaningful impact on business and society. Qualification : Bachelors degree (Engineering / Science / Business / Technical discipline).

About Oracle Customer Success Services Oracle Customer Success Services (CSS) follows a One Oracle approach to ensure customer success by offering a comprehensive range of services and solutions. Supported by certified and experienced professionals, CSS accelerates the customer journey by providing expert implementation and support. Through a customer-centric, integrated service model, CSS collaborates closely with Oracle Development to deliver exceptional solutions. Role Overview As a Senior Cloud Security Engineer, you will be responsible for delivering high-quality support and services in Oracle Database, Engineered Systems, and Cloud Technologies for premium customers. This role covers the entire product lifecycle, including architecture design, implementation, optimization, and maintenance. You will work directly with customers to ensure they maximize the value of Oracle s technology solutions. Career Level: IC4 Key Responsibilities 4.5 to 10 years of experience in Oracle Cloud Infrastructure (OCI). Lead the full cycle of Oracle Cloud Security assessments, design, and implementations, ensuring adherence to best practices. Hands-on expertise in Oracle Identity and Access Management (IAM), Identity Cloud Service (IDCS), and cloud security solutions. Implement and manage Active Directory (AD) and IDCS connectivity. Define and maintain role hierarchies, function security policies, and provisioning mechanisms. Perform vulnerability scanning using Qualys Guard and recommend remediation actions. Customize roles and responsibilities while configuring Single Sign-On (SSO) solutions. Analyze and report on application security configurations and compliance status. Support Software Development Life Cycle (SDLC) processes, including environment configuration and migration. Ensure robust User Access Provisioning, Application Control, and Security management. Deliver end-to-end Oracle Cloud Applications Security & Controls services. Required Skills & Expertise Cloud Security Cloud Services Cloud Technologies Diversity & Inclusion at Oracle At Oracle, we believe innovation thrives in an inclusive environment that embraces diverse perspectives. Our career opportunities span industries, roles, countries, and cultures, allowing employees to grow, innovate, and maintain work-life balance. With over 40 years of industry leadership, Oracle operates with integrity and excellence, serving some of the world s top companies. We are committed to fostering an inclusive workforce that encourages thought leadership and innovation. Oracle offers a highly competitive suite of employee benefits, including: Medical and life insurance Retirement planning options Parental leave policies Flexible work arrangements Opportunities to give back to the community through volunteer programs