Security Policies Jobs in Bengaluru

Security Operations Engineer FalconX Location: Bangalore Experience: 3+ Years Education: Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field About FalconX FalconX is a pioneering team of operators, investors, and builders transforming institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX simplifies the complex and fragmented digital asset ecosystem. Our platform empowers clients to navigate the crypto landscape seamlessly, providing access, liquidity, and tools to execute institutional strategies from start to scale. Role Overview We are looking for a Security Operations Engineer to strengthen our cybersecurity posture and protect our systems, data, and clients. In this role, you will monitor, detect, and respond to threats across on-premise and cloud environments, conduct investigations, perform threat hunting, and automate security operations. Key Responsibilities Monitor, detect, and respond to security incidents across cloud and on-premise environments. Analyze security alerts from various tools to identify potential threats and anomalies. Conduct forensic investigations and deep-dive analysis to identify trends and attack techniques. Perform proactive threat hunting across endpoints, networks, and cloud environments. Analyze security logs and behavioral patterns to detect Indicators of Compromise (IOCs). Investigate security incidents and provide actionable mitigation and remediation recommendations. Develop and refine threat hunting methodologies using frameworks like MITRE ATT&CK. Automate threat detection and response processes using scripting languages such as Python, PowerShell, or Bash. Continuously monitor emerging threats, vulnerabilities, and attack trends to improve strategies. Required Qualifications Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or related field. 3+ years of experience in Security Operations, Threat Hunting, or a similar cybersecurity role. Hands-on experience working with log data for detection and response (Cloud, EDR, Network, etc.). Experience developing and deploying detection rules (Yara, Sigma, SQL-based rules, etc.). Strong understanding of network security monitoring, packet analysis, and log correlation. Deep knowledge of advanced threat detection methodologies and threat intelligence. Proficiency in analyzing attacker TTPs using frameworks like MITRE ATT&CK. Skilled in scripting and automation for security operations (Python, PowerShell, Bash). Familiarity with endpoint security, identity management, cloud security, and incident response. Protect critical systems, data, and client assets from emerging cyber threats. Play a key role in detecting, investigating, and responding to security incidents. Collaborate with cross-functional teams to strengthen security posture and operational resilience. Drive proactive threat hunting and automation to improve efficiency and effectiveness. Qualification : Bachelors degree in Cybersecurity, Computer Science, Information Technology, or related field

IT System and Security Engineer Location: Bengaluru Work Type: Full-Time Company Overview Locus is a battle-tested, agentic Transportation Management System powering logistics across 30+ countries. In 2025, Locus joined the Ingka Group (IKEA Retail), combining high-growth tech agility with the scale of a global enterprise while continuing to operate independently. Role Overview We are seeking an IT System and Security Engineer to manage core IT operations, strengthen endpoint security, and ensure compliance. This hands-on role requires technical expertise to maintain a secure, compliant, and efficient environment across Google Workspace, Okta, and Jamf. Key Responsibilities Operations Management: Oversee user onboarding/offboarding, hardware provisioning, and complex troubleshooting. Security Administration: Monitor Okta, Jamf Pro, and Jamf Protect to ensure MFA enforcement and device encryption. Remediation: Proactively review and fix security vulnerabilities and compliance findings. Automation: Streamline routine tasks using Python, Bash, or Google Apps Script. Compliance & Audits: Maintain asset inventories and prepare evidence for SOC2 and ISO27001 readiness. Skills & Qualifications 2 5 years of experience in IT administration or security operations. Expertise: Google Workspace security and Identity Management (Okta). MDM Platforms: Proven experience with Jamf Pro, Intune, or equivalent tools. Scripting: Ability to write automation scripts in Python or Bash. Frameworks: Familiarity with SOC2 / ISO27001 compliance processes. What We Value Global Mindset: Curiosity about diverse markets. Driven: Energized by complex challenges. Thoughtful: Analytical and deliberate approach. Exact in Craft: Commitment to detail and excellence. Help redefine logistics through innovation. We offer competitive compensation, a supportive work environment, and the opportunity to scale IT security within the IKEA ecosystem.

Infrastructure Security Leader Location: Bengaluru About Us: Observe.AI Observe.AI is the leading AI-powered platform for customer experience, enabling enterprises to automate customer interactions using AI agents. Our platform ensures natural conversations, delivering predictable outcomes, and is trusted by top companies like DoorDash, Affordable Care, Signify Health, and Verida. Observe.AI blends advanced speech understanding, workflow automation, and enterprise-grade governance to deliver end-to-end AI solutions that optimize both human and AI interactions, providing insights for coaching and quality management. At Observe.AI, we re on a mission to transform customer experiences through AI. As a founding member of our Infrastructure/Cloud Security team, you will have the opportunity to shape and design cloud security from the ground up for a platform trusted by over 80 million users. Reporting directly to the VP of Information Security, you will drive a defense-in-depth approach across infrastructure, IAM, and networks. This is a unique, zero-to-one role where you ll define security strategy, mentor the team, and make a long-lasting impact in a fast-growing AI company. What You ll Be Doing: Security Strategy Development: Design and document security policies, reference architectures, design patterns, and roadmaps to protect our platform. Secure Access & Network Design: Lead efforts to design secure access controls and networks for production environments. Cross-Department Leadership: Collaborate with Corporate IT to implement security measures within the corporate environment. Defense-in-Depth: Implement network segmentation, firewall configurations, VPNs, and deep packet inspection to minimize impact from security incidents. AWS Infrastructure Security: Re-architect AWS infrastructure to enhance security, ensuring that networks, VPCs, and security configurations are optimized. Vulnerability Management: Identify tools and technologies to scan networks, OS, and infrastructure for vulnerabilities, and work with SRE teams to remediate identified risks. Security Compliance: Represent Infrastructure Security in PCI, SOC, ISO, HITRUST, and other regulatory audits, ensuring compliance. Collaborative Design: Partner with engineering teams and architects to ensure infrastructure designs meet both business and security requirements. Stakeholder Collaboration: Work with other teams to integrate up-to-date security features and infrastructure designs across the organization. What You ll Bring to the Role: 9+ years of experience in Software Engineering, Network Security, and AWS Security. Proven track record in designing and implementing secure Cloud Infrastructure, Network Security, and Corporate IT Security. Experience at a SaaS product company with hands-on knowledge of cloud security. Leadership experience in managing Infrastructure Security teams or Security-Focused SRE teams. Strong understanding of network designs, protocols, and certifications like CCNA (or similar). Ability to handle multiple, high-priority projects simultaneously while maintaining focus and quality. Comfort with working off-hours to handle security incidents in a dynamic, fast-paced environment. First-hand experience with major cloud providers, specifically AWS. Deep understanding of large-scale systems and N-tier architectures. Excellent communication skills, able to effectively influence and collaborate with stakeholders across the organization. Perks & Benefits: Medical Insurance: Comprehensive options, including free online doctor consultations. Leave Policies: Yearly privilege and sick leaves as per Karnataka S&E Act, along with generous national, festive, and parental leave. Learning & Development: Access to a fund that supports continuous learning and professional growth. Flexible Benefits: Tax exemptions for meals, PF, etc., along with other flexible benefit plans. Team Culture: Fun events to foster collaboration and culture across the organization.

Position: Security Engineer-2 Location: Bengaluru Employment Type: Full-Time Department: Engineering Job Description: We are seeking a proactive and skilled Security Engineer-2 to identify vulnerabilities, collaborate with development teams on mitigation strategies, and promote secure coding practices within the organization. You will play a critical role in ensuring the security and resilience of our products against emerging threats. Key Responsibilities: Conduct in-depth security assessments of products to discover vulnerabilities and demonstrate their exploitability and risk impact. Stay updated on emerging vulnerabilities and threats relevant to our products through independent research. Collaborate with developers to develop and implement mitigation and workaround plans according to security policies. Lead threat modeling and secure design review sessions with development teams to identify threats and define mitigation strategies. Conduct workshops to educate developers on threat modeling and secure coding principles. Prioritize and ensure mitigation of critical security defects during development sprints. Integrate and automate Static Application Security Testing (SAST) within the DevOps pipeline. Advocate and propagate secure coding principles across the development community. Serve as the primary point of contact for developers on critical secure development issues. Develop and deliver security training programs and technical workshops for developers and QA teams. Promote security awareness through tech talks and other knowledge-sharing activities. Required Qualifications and Skills: Strong knowledge of common vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), cryptographic weaknesses, and code injection. Proficiency in programming/scripting languages like Java, Ruby, and Python. Experience with cloud technologies and services. Ability to automate security testing processes and improve assessment productivity. Excellent communication skills to articulate security risks to both technical and non-technical audiences. Familiarity with industry-standard threat modeling, risk assessment, and vulnerability classification methodologies. Experience conducting white-box and grey-box security assessments, including architectural and API analysis. Knowledge of Secure Software Development Lifecycle (S-SDLC) and CI/CD integration. Bachelor s degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security. Minimum 3 years of experience in application security or related security assessment roles. Deep understanding of attack vectors, exploits, and mitigation techniques, including chained attacks. Experience with languages such as Java, Go, Python, or Node.js (knowledge of multiple is a plus). Experience assessing cloud-native services, service meshes, and Kubernetes-based microservices. Strong problem-solving skills, able to think both offensively (like a hacker) and defensively (product security evaluation). Ability to learn new technologies and apply unconventional thinking to complex security challenges. Qualification : Bachelors degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security

Cyber Security Analyst Bangalore, India Location: Bangalore (Bengaluru) Experience: 4 to 12 Years Industry: IT Security / Cybersecurity Job Summary: We are seeking a highly skilled Cyber Security Analyst with advanced knowledge in cybersecurity principles, risk assessment, and threat prevention. The ideal candidate will have hands-on experience with security tools, network defense, vulnerability assessments, and malware analysis to safeguard our organization s digital assets. Key Responsibilities: Analyze and mitigate cyber and IT security risks using advanced techniques and best practices Conduct vulnerability assessments and penetration testing across networks, platforms, and applications Utilize scripting and programming languages such as Python, PowerShell, Perl, HTML, and JavaScript for automation and security analysis Monitor network security devices including firewalls, proxies, NIDS/NIPS, and respond to security incidents Perform dynamic and static malware analysis and memory forensics to identify and counter threats Conduct reverse engineering of malware and apply countermeasures based on adversary tactics and protocols Apply in-depth knowledge of network protocols, network security monitoring, and incident response Ensure compliance with security standards and frameworks Collaborate with cross-functional teams to implement security improvements and ensure robust defense mechanisms Required Skills & Qualifications: Minimum 4+ years of professional experience in cybersecurity or related IT security roles Advanced understanding of cyber threats, risk management, and prevention techniques Proficiency in security system analysis, network security, and vulnerability assessment tools Experience with malware analysis, penetration testing, and reverse engineering Strong programming/scripting skills in Python, PowerShell, Perl, or similar languages In-depth knowledge of security standards, protocols, and industry best practices Hands-on experience with network security monitoring and defense technologies Preferred Certifications: Technical cybersecurity certifications from recognized bodies such as SANS, ISACA (CISA, CISM), (ISC) (CISSP), CompTIA Security+, Cisco (CCNA Security), CERT, or equivalent Work in a challenging role protecting critical digital infrastructure Collaborate with a talented cybersecurity team to combat evolving threats Access to continuous learning, professional development, and certification opportunities

Architect - Cyber Security | Bengaluru, India Location: Bangalore (Bengaluru) Experience: 12 to 20 Years Industry: IT Security / Cybersecurity Architecture Job Summary: We are looking for a seasoned Cyber Security Architect with over 12 years of experience designing and managing security architectures across multiple industries. The ideal candidate will bring strong expertise in secure design principles, SSDLC implementation, and cloud security especially within Azure environments. Key Responsibilities: Lead the development and management of enterprise-wide security architectures for global, multinational organizations Participate in Security Architecture Review Boards and drive secure coding practices along with Software Security Development Life Cycle (SSDLC) implementation Develop and enforce secure design principles and security standards across platforms Create and maintain current and future state architecture diagrams, supporting the technical roadmap with a comprehensive understanding of the technology market Deliver security solution architectures aligned with the enterprise architecture framework Provide expert guidance on securing multi-tenant cloud environments, with a focus on Microsoft Azure Collaborate with cross-functional teams to align security strategies with business goals and compliance requirements Required Skills & Qualifications: Minimum 12+ years of experience in security architecture across at least two different industries, preferably including cloud service providers Proven track record with security architecture development and governance in large-scale multinational companies Experience with secure coding, SSDLC, and security architecture review processes Strong proficiency in cloud security architecture, especially Azure multi-tenant environments Bachelor s or Master s degree in Information Security, Computer Science, or related field Must hold CISSP certification (Certified Information Systems Security Professional) Experience with architecture certification such as CISSP-ISSAP is highly preferred Additional certifications or memberships in SANS, ISACA, or similar cybersecurity organizations are a plus Azure Architecture or Azure Security certifications highly desirable Lead cybersecurity architecture in a global, dynamic enterprise environment Work with cutting-edge cloud technologies and secure multi-cloud ecosystems Grow professionally with access to industry-leading certifications and training Influence enterprise security strategy at the highest level Qualification : Bachelors or Masters degree in Information Security, Computer Science, or related field

Senior Information Security Analyst Data Governance Location: Bangalore, India About the Team The Information Security (InfoSec) team at Rubrik strengthens company-wide security through initiatives, tools, and processes that protect data and systems. They also oversee security monitoring, incident response, and educate employees on best practices to secure Rubrik s information assets. Role Overview This role focuses on data governance and security review throughout the Software Development Lifecycle (SDLC) to ensure sensitive data is properly protected. You will collaborate cross-functionally with Legal, Engineering, Product, and IT teams, while also supporting the Security Operations Center (SOC) with expert guidance on data governance during incident response. Key Responsibilities Perform data governance and security reviews during SDLC for new products and features. Manage and document metadata, including data lineage, ownership, and definitions. Conduct audits and assessments to ensure compliance with data governance standards. Maintain strong relationships and communication with internal stakeholders to facilitate governance adherence. Act as a subject matter expert for SOC, supporting incident response from a data security perspective. Support training and awareness programs on data governance policies and best practices. Develop and maintain governance documentation, policies, and procedures. Identify and escalate data governance risks with actionable recommendations. Experience & Qualifications Required: Bachelor s or Master s degree in Information Security, Data Analytics, or related field. 3 5 years in information security, data security, or data governance roles. Strong understanding of data security principles and frameworks (e.g., NIST). Excellent communication, presentation, and documentation skills. Project management skills to lead governance projects. Ability to adapt quickly and maintain professionalism in dynamic environments. Preferred: Certifications: CISSP, CISM, CDPSE, Security+ (or similar). Experience with data governance tools and metadata management. Knowledge of data privacy regulations: GDPR, CCPA, HIPAA. Experience supporting or collaborating with SOC/incident response teams. Strong analytical and problem-solving skills, especially with complex data. Familiarity with cloud-based data security solutions. Rubrik leads in Zero Trust Data Security , providing cutting-edge data protection across enterprise, cloud, and SaaS environments. This role offers an impactful chance to enhance data governance and security in a mission-critical, rapidly evolving tech company. Qualification : Bachelors or Masters degree in Information Security, Data Analytics, or related field.

Engineering Manager Active Directory Location: Bangalore, India About the Team The Active Directory team is part of Rubrik s Enterprise Data Protection (EDP) organization. They develop data protection solutions specifically for Active Directory, including backup, restore, and integration of AD as an Identity Provider within Rubrik s security platform. About the Role Rubrik is seeking an experienced Engineering Manager to lead the Active Directory development team. This role focuses on guiding the design and delivery of AD data protection solutions, scaling the team, and driving innovation. The ideal candidate combines strong software development expertise especially with Active Directory and identity technologies with proven leadership skills. What You ll Do Team Leadership: Mentor and lead developers and engineers, foster innovation, collaboration, and technical excellence. Development Lifecycle: Manage sprint planning, code reviews, and adherence to standards; prioritize workload and resource allocation. Software Development: Oversee design, development, and testing of Active Directory data protection solutions and integrations with Rubrik s security platform. Customer & Growth Management: Engage with customers to support adoption and scale the team accordingly. Strategic Planning: Collaborate on roadmap definition with product managers and architects aligned to business goals. Operational Excellence: Provide technical leadership on escalations, maintain system health, and minimize regressions. Documentation & Collaboration: Develop thorough documentation and work closely with engineering, security, infrastructure teams, and stakeholders. Communication: Effectively communicate project status, risks, and technical details to diverse audiences, including senior leadership. Experience & Qualifications Education & Experience: Bachelor s or Master s degree in Computer Science, Software Engineering, IT, or related field. 8-10 years in software development and IT, with at least 2-3 years in technical leadership or engineering management roles. Technical Expertise: Strong skills in distributed systems and data storage. Solid knowledge of Windows Server OS and Active Directory (AD/Entra-ID) concepts. Experience with Microsoft Windows ecosystem preferred. Understanding of Identity and Access Management (IAM) concepts; familiarity with IAM services like Okta or AWS IAM is a plus. Knowledge of identity security (users, groups, roles, NHI) is advantageous. Leadership & Management: Proven ability to lead, mentor, and develop software engineering teams. Strong grasp of software development methodologies and project management. Experience collaborating with customers, sales, and support teams. Excellent organizational, communication, interpersonal, and presentation skills. Rubrik is on a mission to secure the world s data with Zero Trust Data Security . We empower organizations to defend against cyber threats and ensure data resilience through innovative cloud and SaaS security technologies. Qualification : Bachelors or Masters degree in Computer Science, Software Engineering, IT, or related field.

Senior Software Engineer Cloud Native Protection Location: Bangalore, India About the Team Rubrik s Cloud Native Protection team safeguards customer data on public cloud platforms. With cloud data growing rapidly and cyber threats increasing, the team builds scalable, secure solutions to protect, search, and analyze cloud data efficiently. Operating like a startup within a startup, the team tackles complex engineering challenges in a culture driven by strong engineering values and collaboration. About the Role As a Senior Software Engineer, you will be a key technical leader responsible for driving complex projects, designing scalable cloud-native software, and mentoring team members. You ll work closely with other engineers and cross-functional partners, bringing technical expertise, initiative, and leadership to deliver impactful solutions. What You ll Do Design, develop, test, deploy, maintain, and improve cloud native protection software. Tackle open-ended, complex problems, leading investigation and scoping efforts. Own project execution and ensure successful delivery of assigned work. Mentor and guide junior engineers, fostering their growth. Collaborate with product management, QA, UI/UX, documentation, and support teams. Experience & Qualifications Education & Experience: Bachelor s or Master s degree in Computer Science or related field. 4+ years of professional experience in software development. Technical Skills: Proficient in one or more programming languages: Go, Java, C/C++, Scala, Python. Experience with public cloud platforms (AWS, Azure, GCP) is a plus. Familiarity with Docker, containers, Kubernetes, and microservices architectures is a bonus. Strong understanding of SDLC, design patterns, and software engineering best practices. Leadership & Collaboration: Proven problem-solving skills and attention to detail. Experience reviewing and designing software artifacts with high quality. Strong leadership and communication skills with a track record of mentoring others. Ability to work independently and deliver impactful results on complex projects. Rubrik is committed to securing the world s data through Zero Trust Data Security . Our platform combines machine learning and cloud-native technology to protect enterprises against cyberattacks, insider threats, and operational disruptions, ensuring data availability and integrity even under adverse conditions. Qualification : Bachelors or Masters degree in Computer Science or related field.

Staff Engineer DSPM Location: Bangalore, India About the Team Rubrik s Security Apps team focuses on securing customer data across cloud, SaaS, and on-premises environments. As data volumes grow exponentially, so do the associated cybersecurity risks. The team builds scalable and innovative solutions to protect, search, and analyze data seamlessly. Operating like a startup within a startup, they emphasize strong engineering principles, innovation, and teamwork to drive product excellence. About the Role As a Staff Engineer, you will play a critical role in Rubrik s R&D, collaborating closely with product teams to build and evolve scalable, fault-tolerant backend systems. You will lead the development of data ingestion pipelines and advanced analysis engines, shaping the technical direction of multiple projects. Additionally, you will mentor engineers, fostering leadership skills and promoting a culture of technical excellence. What You ll Do Design, develop, test, deploy, and maintain high-performance software systems. Build large-scale distributed systems and storage infrastructure. Develop backend services that ingest and process sensitive data from multiple cloud providers. Create data pipelines for classification, correlation, anomaly detection, automated issue resolution, and customer reporting. Own project priorities, deadlines, and deliverables with end-to-end accountability. Identify and resolve software bottlenecks, driving continual innovation. Provide technical leadership and mentorship to engineers, guiding their growth into leadership roles. Influence architecture and design decisions across teams and projects strategically. Propose and lead process improvements and technical initiatives to boost productivity. Collaborate rapidly with engineers, product designers, and stakeholders to solve real-world problems. Operate effectively in an agile, fast-paced environment, adapting quickly to evolving business needs. Experience & Qualifications Bachelor s or Master s degree in Computer Science or a related field. 13+ years of industry experience solving complex technical problems. Proficiency in one or more programming languages such as Go, Java, C/C++, Scala, or Python. Experience designing and architecting large-scale distributed systems. Proven ability to guide and mentor engineers in scalable software design and implementation. Strong communication and collaboration skills. Experience with public cloud platforms (GCP, AWS, Azure) is a plus. About Rubrik Rubrik is on a mission to secure the world s data with its Zero Trust Data Security platform. Using machine learning, Rubrik Security Cloud protects data across enterprises, cloud, and SaaS environments, enabling resilience against cyberattacks, insider threats, and operational disruptions while ensuring data integrity and availability. Qualification : Bachelors or Masters degree in Computer Science or a related field.

Lead Network Engineer DDI & LB Location: Bengaluru, India Company: Chevron Experience: 10-15 Years Position Overview Chevron is seeking a Lead Network Engineer to join our ENGINE team. In this role, you'll design, implement, and maintain network solutions including DDI, load balancing, and network security for Chevron s enterprise-wide infrastructure. Key Responsibilities Design and implement enterprise-wide network infrastructure solutions (DDI, Load Balancer, DNS, DHCP). Provide tier-3 support for network troubleshooting, including load balancers like F5 and Azure. Lead network architecture and consulting efforts for DDI systems (TCPWave, BlueCat, InfoBlox). Collaborate with global teams to develop agile solutions and improve operational efficiency. Develop technical design documentation and ensure network security compliance. Key Skills & Qualifications Bachelor's or Master's degree in Computer Science, IT, or a related field. 10-15 years of experience in network engineering and wireless communications. Expertise in network services (DNS, DHCP, IPAM) and load balancing (F5, Azure). CCNP or CCIE certification required; additional certifications in Azure or Windows Server are a plus. Advanced proficiency in English (both written and verbal). Benefits Competitive salary and benefits package Health, dental, and vision insurance Retirement savings plan Paid time off and work-life balance Professional development programs Apply Now Equal Opportunity Statement Chevron is an equal opportunity employer, committed to diversity and inclusion in the workplace. Qualification : Bachelor's or Master's degree in Computer Science, IT, or a related field.

Join Our Team as a Security Operations Analyst Location: Bangalore, India (On-site) Department: Information Security At Cytiva, we are advancing the future of therapeutics from discovery to delivery. As a leading global provider of technology and services that help researchers and pharmaceutical companies develop and manufacture life-saving treatments, our work is integral to shaping the future of healthcare. We are seeking a Security Operations Analyst to join our global Information Security Team in Bangalore. In this key role, you will be at the forefront of protecting our digital assets and infrastructure by monitoring, analyzing, and responding to security incidents. By proactively identifying threats and vulnerabilities, you will help minimize risk and ensure business continuity. What You ll Do Lead Security Incident Response: Conduct advanced security incident analysis and digital forensics to identify and mitigate threats. Lead investigations into malware, network traffic anomalies, and endpoint detection. Provide Expertise: Guide and mentor L1 and L2 SOC analysts, enhancing the quality of security alerts and incident handling. Optimize Security Tools: Collaborate with engineering teams to fine-tune SIEM tools (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security technologies for improved detection and response. Proactive Threat Hunting: Identify hidden threats within the organization through threat hunting activities, reducing the potential attack surface. Enhance Security Posture: Partner with other IT and security teams to strengthen the overall security posture, ensuring resilient systems and infrastructures. Post-Incident Reporting: Produce detailed incident reports and provide recommendations for security improvements, leading post-incident reviews with cross-functional teams. Who You Are Experience: Minimum of 5+ years in a corporate IT environment, including at least 2 years in an L3 or senior analyst role. Security Knowledge: Deep expertise in security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Technical Skills: Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Incident Response Expertise: Strong background in incident response, threat hunting, and forensic investigations. Cloud Security Knowledge: Familiarity with cloud security platforms (AWS, Azure, Google Cloud) and modern attack techniques. Certifications like OSCP, CEH are advantageous. Additional Skills That Would Be a Plus: Scripting & Automation: Proficiency in scripting (e.g., Python, PowerShell, Bash) to automate security processes and improve SOC workflows. Specialization: Expertise in EDR, SIEM, UBA, DLP, or Data Security. OT Environments: Experience with Operation Technology (OT) environments is an advantage. Innovative Culture: Join a dynamic, global team dedicated to advancing healthcare through technology and innovation. Impactful Work: Your role will directly contribute to the security and integrity of vital technologies used in the life sciences industry. Global Collaboration: Work with cross-functional teams around the world, contributing to an organization's critical security initiatives. Growth Opportunities: Benefit from continuous learning, career development, and the chance to make a tangible impact on both the organization and the industry. Apply now and be part of a team that is dedicated to ensuring the security of life-saving technologies.

Join Our Team as a Security Engineer Location: Bengaluru, India (On-site) Department: Global Information Security Reports to: Director of Information Security APAC At Cytiva, we are dedicated to advancing future therapeutics from discovery to delivery. As part of our Global Information Security Team, you ll work at the forefront of securing the systems, applications, and infrastructure that power critical healthcare solutions. Join us and play a key role in designing and implementing secure, resilient systems that ensure business continuity and safeguard our digital assets. What You Will Do Secure Architecture Design: Assist in developing and implementing secure architecture solutions for systems, applications, and infrastructure. Threat Modeling & Risk Assessment: Perform threat modeling and support security risk assessments to proactively identify vulnerabilities and mitigate potential threats. Design Reviews: Participate in security design reviews for applications and infrastructure across various environments, ensuring security best practices are followed. Security Technology Implementation: Deploy and manage enterprise security technologies, including Identity and Access Management (IAM), Data Loss Prevention (DLP), and Mobile Device Management (MDM). Regulatory Compliance: Ensure alignment with regulatory compliance and audit requirements, supporting the organization in maintaining secure, compliant systems. Who You Are Education: Bachelor s degree in Computer Science, Information Security, Cyber Security, or a related discipline. Experience: At least 5+ years of experience in security engineering or architecture, including expertise in threat modeling, risk assessment, and security architecture principles. Security Technologies: Hands-on experience with security technologies such as IAM, SIEM, EDR, DLP, and MDM. Cloud Security: Familiarity with cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices. Regulatory Compliance: Experience with frameworks and regulatory standards such as ISO 27001, NIST, and CIS Controls. Travel, Motor Vehicle Record & Physical/Environmental Requirements Travel: Ability to travel globally up to 10% of the time to support regional and global security initiatives. It Would Be a Plus If You Also Have: Experience conducting security design reviews for infrastructure, applications, and cloud environments. Expertise in implementing security standards and secure design patterns in alignment with frameworks like ISO 27001, NIST, and CIS Controls. Experience providing technical security advisory support to project teams, ensuring compliance with security and regulatory standards. Impactful Work: Your role directly influences the security and reliability of life-saving healthcare solutions used around the globe. Global Collaboration: Work with a diverse, dynamic, and global team of security experts dedicated to making a real difference. Career Development: Take advantage of opportunities for professional growth and continuous learning in a rapidly evolving industry. Apply now and join a global leader in advancing therapeutics and securing tomorrow s healthcare technologies. Qualification : Bachelors degree in Computer Science, Information Security, Cyber Security, or a related discipline.

Position: Analyst - SecOps (SOC Level 2) Job Overview: We are looking for a skilled SOC Level 2 Analyst to join our global Cyber Operations team. This critical role ensures the security of our organization by monitoring, detecting, and responding to security incidents. The Analyst will work on a rotating 24x7 shift schedule, including night shifts. The ideal candidate will have strong experience in SOC operations, incident response, and proficiency with cybersecurity tools and technologies. Key Responsibilities: Threat Detection and Incident Response: Monitor, analyze, and respond to global security alerts using SIEM/SOAR tools. Perform triage and analysis with sandboxing technologies and threat intelligence platforms. Investigate security events, implement containment and recovery strategies, and expedite workflows with AI/ML capabilities. Query and correlate security data using KQL (Kusto Query Language) to identify and address threats. Develop and manage automated detection rules and playbooks in Microsoft Sentinel. Enhance endpoint protection and data security using Microsoft Defender and MS Purview Data Loss Prevention (DLP) tools. Threat Hunting and Data Forensics: Perform proactive threat hunting and data forensics to identify and investigate potential threats. Use advanced threat intelligence platforms to refine detection strategies. Develop and execute SOC playbooks to improve response times and operational efficiency. Team Collaboration and Leadership: Provide assistance with complex incidents and investigations. Collaborate with USA security escalation teams and other departments to improve the organization s overall security posture. Contribute to the development and refinement of SOC procedures and best practices. Career Development: Opportunities for progression to roles like SOC Lead or SOC Architect. Access to continuous learning, certifications, and professional development resources. Regular performance reviews to discuss career growth and advancement. Qualifications: Bachelor s degree in Computer Science, Cybersecurity, or related field (preferred). 3-5 years of experience as a SOC Analyst, with lead responsibilities being a plus. Strong proficiency in KQL (Kusto Query Language) for querying and analyzing security data. Hands-on experience with Microsoft Sentinel (including rule creation, playbook implementation, and workbooks). Proficiency in Microsoft Defender and MS Purview DLP for endpoint protection and data security. Certifications such as CISSP, CEH, or CompTIA Security+ are a plus. Core Technologies and Expertise: Microsoft Sentinel: Expertise with SIEM, rule creation, playbooks, and workbooks. KQL (Kusto Query Language): Proficiency in querying and data correlation. Microsoft Defender: Strong knowledge of endpoint protection and threat detection. MS Purview DLP: Experience in data loss prevention strategies. Incident Response Tools: Knowledge of containment and recovery strategies. Vulnerability Management: Familiarity with assessments, penetration testing, and monitoring. Threat Intelligence Platforms: Ability to leverage and analyze threat intelligence. Network Security: Working knowledge of firewalls, IDS/IPS, and network security protocols. Data Forensics: Skilled in forensic analysis and investigation. SOC Playbooks: Ability to create and manage effective SOC playbooks. Additional Skills: Strong understanding of incident response processes and procedures. Excellent analytical, problem-solving, and communication skills. Ability to work collaboratively within a well-managed team. Rotational 24x7 shift coverage. Location: Bangalore, India (SKAV Seethalakshmi, GESC) Employment Type: Full-time Job Category: Information Technology Qualification : Bachelors degree in Computer Science, Cybersecurity, or related field (preferred).

Location: Bengaluru Designation: Assistant Manager Entity: Deloitte Unleash Your Potential with Deloitte India's impact on the global economy has skyrocketed, and at Deloitte, we offer you an opportunity to unlock your potential by working alongside leaders and organizations that are shaping the future, both in the region and beyond. At Deloitte, we celebrate the whole you. Join us, and you ll be part of a team driven to make an impact that matters by collaborating, innovating, and growing together. About the Team The Technology & Transformation team is about more than just numbers. It s about building upon past achievements, addressing current challenges, and laying the foundation for future success. At Deloitte, we help organizations navigate change, ensuring they stay ahead of the curve. Learn more about the Technology & Transformation Practice. Your Role and Responsibilities As an Assistant Manager (AM) in our Cyber Team, you'll play a key role in building and maintaining positive relationships with both internal teams and clients. Your main goal will be to exceed client expectations and ensure their security and privacy needs are met. Key responsibilities include: Security and Privacy Expertise: Apply knowledge in security and privacy domains such as governance, risk management, compliance, access control, security architecture, incident response, disaster recovery, business continuity, data protection, etc. Industry Standards: Leverage frameworks and standards such as PCI-DSS, ISO/IEC 27001, ISO/IEC 17799, COBIT, ITIL, and others. Risk Management: Demonstrate a deep understanding of security controls and risk management processes. Certifications: Preferably hold certifications like CEH, CISSP, CISA, ISO 27001, ISO 22301, or equivalent. Information Security Management: Assist in ISO 27001-based Information Security Management System (ISMS) implementation and maintenance. Assessing and Improving Security Posture: Evaluate client information security posture, identify risks, and develop solutions to close gaps. Information Security Controls: Review and implement security controls across various areas such as change management, incident management, access management, antivirus management, physical security, etc. Data Privacy: Advise clients on data privacy and information security topics like data leakage prevention and identity management. Client Guidance: Serve as a subject matter expert in security and privacy, supporting clients in developing frameworks and implementing solutions. Audits & Reviews: Conduct information systems audits covering IT infrastructure and advise on best practices for data protection. Desired Qualifications Educational Background: Degree in IT, Computer Science, or related fields. Certifications: PCI-DSS, ISO 27001, ISO 31000, ISO 22301, CISA, ITIL, or equivalent certifications preferred. Other Certifications: CISSP, CEH, GSEC, GCIH, LPT, CCSK, etc. are a plus. Location and Work Style Base Location: Bengaluru Travel: This role involves occasional or frequent travel to client locations. Hybrid Work: Deloitte s default work style is hybrid, tailored to the needs of each domain. Key Expectations for the AM Role As an Assistant Manager at Deloitte, you ll be expected to embrace and live our purpose. You should challenge yourself to identify key issues that matter to clients, your team, and society. Specifically, we expect our AMs to: Inspire and Lead: Lead with integrity, inclusivity, and motivation. Create Purpose: Help shape a vision and purpose that drives positive change. Be Agile: Deliver high-quality results through collaboration and teamwork. Build Diverse Capabilities: Develop and support future capabilities within the team. Influence & Persuade: Ability to influence stakeholders and drive decisions. Collaborate for Solutions: Work together to create new solutions for clients. Drive Value: Leverage business acumen to deliver client value. Expand Business: Spot and leverage new business opportunities. Analytical Thinking: Use data and analytics to inform decisions and recommend impactful solutions. Communication: Effectively communicate and structure ideas for win-win outcomes. Engagement Management: Manage engagements to ensure timely execution and quality results. Adapt to Change: Respond resiliently to changing environments and needs. Manage Quality & Risk: Ensure high-quality results while mitigating risks. Strategic Problem Solving: Apply strategic thinking to solve complex business challenges. Tech Savvy: Use ethical technology practices to create high-impact solutions. Empathy & Inclusion: Foster a safe, inclusive environment where everyone is valued. Growth at Deloitte Connect for Impact: Work alongside exceptional professionals solving complex global issues and making a positive impact on the community, society, and the planet. Empower to Lead: Regardless of your career level, you ll have opportunities to inspire, support, and grow both professionally and personally. Inclusion for All: We value diversity and inclusivity in everything we do. At Deloitte, we are committed to creating a culture where everyone feels respected, valued, and empowered. Drive Your Career: You have the autonomy to shape your career path. With global mobility, cross-business opportunities, and continuous upskilling, you can chart a fulfilling career journey. A Culture of Wellbeing At Deloitte, we prioritize your 360-degree wellbeing. Our workspaces and initiatives cater to your unique needs, including flexibility, accessibility, safety, and support for caregiving. Join us for a workplace where you can thrive. Your Next Step: Unleash Your Potential at Deloitte! Qualification : Degree in IT, Computer Science, or related fields.

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

Job Title: IMPO UAM Authorization Analyst Location: Bengaluru, India Unit: Johnson & Johnson Innovative Medicine Principal Operations (IMPO) Job Type: Full-Time Employment Type: Permanent About Johnson & Johnson: At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, profoundly impacting health for humanity. Role Purpose: The IMPO UAM Authorization Analyst role at Johnson & Johnson is responsible for enhancing user access security and compliance within global SAP S/4 systems, while driving key User Access Management (UAM) initiatives. This role supports business adaptation through SAP S/4 HANA implementation, focusing on core SAP Manufacturing, Order to Cash, Procure to Pay, and Finance processes. The position is part of the IMUAM team, ensuring security requirements are designed and implemented compliantly within the Transcend Program, a global initiative for business transformation. Key Responsibilities: Security Workshops & Role Design: Lead security workshops to gather business and compliance requirements for role design, ensuring validation post-build for S/4 HANA Roles and Authorization requirements. UAM Strategy Development: Develop UAM strategies involving composite roles, Fiori tiles, business roles/user personas, and data security/UI masking concepts for S/4HANA. Data Validation & Compliance Documentation: Perform data validation, conduct health checks, and provide compliance documentation to ensure proper security implementation. Role Design & Testing: Design, test, and implement rule sets for SAP S/4HANA role design, ensuring they align with security protocols. User Account Setup & Support: Support role data and user account setup. Provide advice on role design testing and coordinate business UAT activities. Authorization Defects Management: Manage authorization defects and provide support for user cutover and Hypercare activities during and post-implementation. Collaboration & Training: Work closely with the Business Adaptation team to facilitate training, communication, and readiness across regions. Assist in transitioning between project phases and operational support teams. Compliance & Security Audits: Ensure compliance with internal and external standards through regular SAP security assessments and audits. Issue Troubleshooting & Resolution: Troubleshoot and resolve complex SAP security issues to maintain a secure environment. Documentation Management: Develop and maintain comprehensive documentation for SAP security policies, procedures, and configurations. Mentorship & Team Development: Train and mentor junior team members, promoting the implementation of SAP security standard processes. Qualifications: Required: Educational Background: Bachelor s degree in a relevant field (preferably Risk Management, Compliance, Audit). Experience: 6-8 years of experience in UAM within an enterprise risk management framework. Demonstrated expertise in SAP GRC Access Control and Identity Management tools. Hands-on experience with end-to-end SAP S/4HANA implementation, including Fiori. Deep knowledge of SAP authorization concepts, Segregation of Duties (SoD) mitigation, and remediation strategies. Proficiency in risk matrix/rule set maintenance, data analysis, conversion, and migration. Tools & Platforms: Experience with teamwork platforms (e.g., Confluence, Jira, MS Teams). Project Management: Strong project management and collaboration skills with experience in remote and virtual environments. Language Skills: Fluent in English with outstanding oral and written communication skills. Additional Experience: Experience in the pharmaceutical domain is a plus. Preferred: Industry Experience: Experience in Life Sciences, Pharmaceuticals, or similar industries. Leadership & Innovation: Demonstrated leadership skills with the ability to embrace innovation and promote a culture of continuous improvement. Project Management: Previous experience in a PMO role managing large-scale SAP implementation projects. Cross-Cultural Team Collaboration: Ability to work effectively with team members from different cultural and technical backgrounds. Other Requirements: Hybrid Work: Ability to work on-site a minimum of three days per week, with up to two remote workdays based on the flexible work policy. Travel: May require up to 10% domestic and/or international travel. Diversity & Inclusion: Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. We are committed to fostering an inclusive and diverse work environment, and we encourage applicants from all backgrounds to apply. We value diversity and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, age, national origin, or veteran status. Qualification : Bachelors degree in a relevant field, with a preference for studies in Risk Management, Compliance, and Audit.

Location: Bengaluru (Land of startups, street food, and tech sorcery) Region: IN (aka Incredible India ) Your Mission (Should You Choose to Accept) We re on the hunt for a Data Defender Extraordinaire who knows their way around DLP (Data Loss Prevention) tools like a wizard with their spellbook. Your daily grind? Guarding sensitive data like it s the last slice of pizza at a party. Intrigued? Read on! What You'll Be Juggling Spot the weak spots assess, predict, and eliminate risks lurking in the DLP universe. Play DLP DJ fine-tune policies, tweak settings, and generate reports that even Sherlock would envy. Be the first responder to DLP alarms, acting faster than your favorite food delivery app. Team up with data owners, legal, and compliance crews because data protection is a team sport. Stay thirsty for knowledge keep your data defense skills sharp and shiny. Continuously polish DLP workflows innovation doesn t sleep, and neither do threats. Tinker with tools troubleshoot, upgrade, and experiment with new DLP features like a mad scientist. Brainstorm like a boss find smarter ways to shield data and improve our security fortress. Identify sneaky gaps and plug them with creative solutions (your inner detective will love this). Rethink risk scores like a pro because risk is rarely a static creature. Support the incident response squad from escalations to triage, you ve got their backs. Suggest clever ways to uncover hidden sensitive data because secrets love hiding in plain sight. Partner with legal eagles & compliance gurus to keep our data playbook always regulation-ready. Research like a lone wolf and solve tech puzzles solo when needed (self-starter vibes are welcome). Who We re Looking For 5+ years fighting the good fight in InfoSec, especially around Governance, Risk & Compliance (GRC). DLP veteran you ve configured, deployed, troubleshot, and reported your way through multiple tools. Natural leader either as a subject matter expert or a hands-on lead. Analytical ninja you can spot security puzzles no one else can and know exactly when to hit the panic button. Fluent in Windows & Mac (bonus points if you speak Linux too). Words matter you can write a killer email and explain technical gobbledygook to non-tech folks without breaking a sweat. Bonus superpower: Integrity. We want someone who does the right thing, even when no one s looking. In short: If you can talk DLP like a pro, think like a hacker (but stay on the good side), and communicate like a TED speaker we should probably talk.

Location: Bengaluru, India Role: Cybersecurity Analyst Company: Wipro Limited In a world where data is power, protecting that data is a mission, not just a job. As a Cybersecurity Analyst at Wipro, you ll be the guardian of sensitive information, spotting threats before they strike and building a resilient security posture for the organization. What You ll Do 1 Keep Customers Safe Deliver customer-centric cybersecurity, ensuring systems are fortified and risks are minimized. Monitor logs, security events, and access patterns to detect unusual, unauthorized, or illegal activity. Safeguard log sources, security configurations, and access controls. 2 Hunt, Analyze & Respond Track, analyze, and respond to security incidents escalated by L1 teams (24x7 rotational shifts). Perform log reviews and forensic analysis to understand unauthorized access or breaches. Use advanced analytics tools to identify emerging threat patterns. Conduct detailed root cause analysis and recommend specific, actionable improvements. 3 Be the Incident Commander Lead incident response efforts, coordinating with internal teams and customers for swift resolution. Plan and refine disaster recovery strategies for potential breaches. Create incident reports, dashboards, and analysis summaries to share insights and learnings. 4 Collaborate & Educate Work closely with internal technical leads, practice teams, and external customers to manage security concerns. Assist with internal and external audits, maintaining the information security risk register. Deliver cybersecurity awareness training for colleagues, turning every employee into a security ally. Provide hands-on advice and guidance on handling malicious emails, phishing attempts, and suspicious activity. Key Relationships Stakeholder Why You ll Work Together Internal Tech & Project Leads Regular updates, security reporting, coordination Security Intelligence Team For threat intelligence sharing and practice alignment Customers Direct support during incidents, ensuring transparency & fast resolutions What You Need to Succeed Technical Mastery Deep knowledge of Network Security devices, Firewalls, Endpoints, SIEM, Application Security, IDS/IPS, Vulnerability Assessments & Penetration Testing (VA/PT). Process Excellence Solid understanding of standards, processes, and automation tools to improve consistency and reduce risk. Communication & Collaboration Clear, effective communication skills you ll be the go-to person for explaining security risks to both techies and non-techies. How Your Success Will Be Measured Performance Area Measure Customer Focus Fast, effective resolution of security incidents for internal & external users Process Adherence 90-95% SLA compliance for response & resolution times Key Competencies Effective Communication Collaborative Working Execution Excellence Analytical Thinking & Problem Solving Reinvent Cybersecurity With Wipro This isn t just a job it s your chance to reinvent how organizations protect themselves in a rapidly evolving threat landscape. Join Wipro. Own the mission. Protect the future. Applications from people with disabilities are explicitly welcome.

Job Title: Application Security Engineer About PhonePe Group PhonePe is India s leading digital payments company with 500 million registered users and 37 million merchants, covering over 99% of India s postal codes. Building on its leadership in digital payments, PhonePe has expanded into financial services, including insurance, mutual funds, stock broking, and lending. It has also ventured into adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store, India s first localized app store. The PhonePe Group is a portfolio of businesses aligned with the company s vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services. Culture At PhonePe, we empower our people and trust them to do the right thing. We create an environment that enables you to give your best every day, from day one. If you are passionate about building technology that impacts millions, ideating with the brightest minds, and executing with purpose and speed, PhonePe is the place for you! Job Description We are looking for a skilled Application Security Engineer to join our team and strengthen our security posture. You will proactively identify and mitigate vulnerabilities across our web applications, APIs, and mobile apps. The ideal candidate will have a strong background in penetration testing, secure code review, and security automation. Roles & Responsibilities (What You Will Do) Penetration Testing: Perform penetration testing on web applications, APIs, and mobile apps, providing in-depth vulnerability analysis and remediation guidance. Secure Code Review: Conduct both manual and automated secure code reviews, primarily in Java, Python, and JavaScript. Security Automation: Develop security automation solutions using Python to streamline testing, improve coverage, and reduce manual effort. Collaborate with Development Teams: Work closely with development teams to ensure timely resolution of security issues within fast-paced release cycles. Threat Modeling: Create and maintain threat models, applying threat modeling techniques to proactively identify and mitigate design-level security risks. Security Education: Foster a security-first mindset by educating developers on secure coding practices, common vulnerabilities, and attack vectors. Effectively communicate security findings to stakeholders. What Makes You a Great Fit Experience: 1-5 years of experience in application security, penetration testing, or related fields. Penetration Testing Expertise: Strong penetration testing expertise with tools like Burp Suite, OWASP ZAP, semgrep, MobSF, Jadx-GUI, and other mobile security testing frameworks. DevSecOps Knowledge: Experience integrating security into the SDLC and familiarity with DevSecOps tools. Secure Coding Knowledge: Proficiency in secure coding principles, OWASP Top 10, CWE, and exploit techniques. Scripting Skills: Strong scripting skills (Python preferred) for security automation. Communication Skills: Excellent communication and stakeholder management abilities. Continuous Learning: Passion for continuous learning and staying updated on security trends. Certifications (Optional): Certifications like OSCP, OSWE, CRTP, or a proven Bug Bounty track record and/or CTF participation are a plus. PhonePe Full-Time Employee Benefits Insurance Benefits: Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance. Wellness Program: Employee Assistance Program, Onsite Medical Center, Emergency Support System. Parental Support: Maternity and Paternity Benefits, Adoption Assistance Program, Day-care Support. Mobility Benefits: Relocation Benefits, Transfer Support Policy, Travel Policy. Retirement Benefits: Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment. Other Benefits: Higher Education Assistance, Car Lease, Salary Advance Policy. Why Work at PhonePe Working at PhonePe is a rewarding experience. With great people, a work environment that thrives on creativity, and the opportunity to take on roles beyond your defined job description, PhonePe offers a chance to grow your career in an innovative, dynamic company.