Security Vulnerabilities Jobs in Bengaluru

IT System and Security Engineer Location: Bengaluru Work Type: Full-Time Company Overview Locus is a battle-tested, agentic Transportation Management System powering logistics across 30+ countries. In 2025, Locus joined the Ingka Group (IKEA Retail), combining high-growth tech agility with the scale of a global enterprise while continuing to operate independently. Role Overview We are seeking an IT System and Security Engineer to manage core IT operations, strengthen endpoint security, and ensure compliance. This hands-on role requires technical expertise to maintain a secure, compliant, and efficient environment across Google Workspace, Okta, and Jamf. Key Responsibilities Operations Management: Oversee user onboarding/offboarding, hardware provisioning, and complex troubleshooting. Security Administration: Monitor Okta, Jamf Pro, and Jamf Protect to ensure MFA enforcement and device encryption. Remediation: Proactively review and fix security vulnerabilities and compliance findings. Automation: Streamline routine tasks using Python, Bash, or Google Apps Script. Compliance & Audits: Maintain asset inventories and prepare evidence for SOC2 and ISO27001 readiness. Skills & Qualifications 2 5 years of experience in IT administration or security operations. Expertise: Google Workspace security and Identity Management (Okta). MDM Platforms: Proven experience with Jamf Pro, Intune, or equivalent tools. Scripting: Ability to write automation scripts in Python or Bash. Frameworks: Familiarity with SOC2 / ISO27001 compliance processes. What We Value Global Mindset: Curiosity about diverse markets. Driven: Energized by complex challenges. Thoughtful: Analytical and deliberate approach. Exact in Craft: Commitment to detail and excellence. Help redefine logistics through innovation. We offer competitive compensation, a supportive work environment, and the opportunity to scale IT security within the IKEA ecosystem.

Manager, Go-To-Market Technology Support Operations Location: Bengaluru Department: Business Technology Experience: 7+ Years (3+ Years in Team Management) Employment Type: Full-Time About Okta Okta is The World s Identity Company. We empower everyone to securely use any technology, on any device, from anywhere. Our Okta and Auth0 platforms offer secure access, authentication, and automation placing identity at the center of digital transformation and enterprise growth. At Okta, we celebrate diverse backgrounds and experiences. We aren t looking for a perfect fit we re looking for lifelong learners and collaborative builders who bring unique value to our mission. The Team You ll join the Go-To-Market Technology (GTM) group, a core part of Okta s Technology, Data & Intelligence (TDI) organization. Our vision: drive clarity, collaboration, and accountability across the business while enabling Okta s scale and growth. The Opportunity We re seeking a Manager to lead the Support Operations team within GTM Technology. This role is responsible for managing a team of Business Application Administrators who oversee and support Okta s GTM systems primarily Salesforce and integrated applications such as ServiceNow. You ll drive operational excellence, oversee capacity and team development, collaborate cross-functionally, and shape how we support and optimize business applications across global teams. This role requires strong technical know-how of the Salesforce ecosystem, a mindset for process improvement, and a passion for team leadership. Key Responsibilities Leadership & Talent Development Build, motivate, and lead a high-performing team of application administrators. Hire, mentor, and retain top talent through coaching and career planning. Provide direction and remove roadblocks to help your team succeed. Foster a culture of learning, ownership, and continuous improvement. Performance Management Define and track KPIs and team SLAs with a data-driven approach. Manage team resource allocation and adjust capacity as business needs shift. Identify skill gaps and build plans to address them through training and hiring. Cross-Functional Collaboration Partner with Technology, Data & Intelligence, Security, and Compliance teams to align on goals and incident handling. Refine escalation processes for a smooth support experience across teams. Enable seamless knowledge transfer and system supportability. Documentation & Automation Lead the Knowledge Centered Service (KCS) program to scale AI-driven incident resolution. Standardize and document team operational processes to ensure consistency. Security & Compliance Ensure all Salesforce and GTM-related systems adhere to compliance standards such as SOX. Collaborate with security teams on audits and mitigation of any vulnerabilities. Innovation Culture Encourage your team to explore new Salesforce, AI, and automation features. Promote participation in hackathons, Fix-It Days, and other internal innovation initiatives. Required Skills & Experience 7+ years of experience in IT or Business Systems, with 3+ years in people management. Strong expertise in the Salesforce ecosystem and enterprise SaaS tools like ServiceNow, Jira, Confluence, GitHub, etc. Experience in a global or multi-location work environment. Deep understanding of compliance (e.g., SOX) and security standards for enterprise applications. Proven track record of driving team innovation and embedding modern tools or practices. Excellent interpersonal and executive-level communication skills. Strong organizational, time management, and stakeholder alignment capabilities. Ability to remain resilient under pressure and maintain focus on team and business outcomes. High Impact: Drive global support operations for a critical business tech stack. Empowered Leadership: Build and lead a team in a dynamic, growing organization. Growth & Learning: Opportunities for continuous development in technology, leadership, and innovation. Collaborative Culture: Join a purpose-driven company with a human-centered, inclusive team culture. Join Us Become a part of a company that s transforming how identity is secured and scaled in the modern world. At Okta, you belong.

Job Title: Information Security Engineer Location: Bengaluru Company: Altisource (NASDAQ: ASPS) About Altisource At Altisource, we develop cutting-edge technologies and services for the mortgage and real estate industry. We re a trusted partner to 7 of the top 10 U.S. mortgage servicers, operate one of the leading real estate auction platforms, and support a cooperative with over 15% market share in the $1.8 trillion U.S. originations market. If you're passionate about cybersecurity and want to make an impact in a high-growth, tech-driven environment this is the role for you. Position Summary We re looking for a highly motivated Information Security Engineer to support our growing security operations. You will play a vital role in identifying and mitigating security risks across applications, systems, and networks. This role involves vulnerability assessments, code reviews, and automation of security tasks ensuring Altisource remains secure and compliant in a fast-paced environment. Key Responsibilities Conduct vulnerability assessments on applications, networks, and systems. Perform manual verification to reduce false positives and validate security fixes. Communicate identified vulnerabilities and recommend remediation steps to internal teams. Perform secure code reviews and assist development teams in fixing identified issues. Identify and mitigate risks throughout the software development lifecycle. Leverage commercial and open-source tools for vulnerability detection (e.g., Qualys, Nessus, Burp Suite). Assist in internal penetration testing initiatives. Develop internal tools and automate security tasks, leveraging AI where applicable. Stay updated on the latest threats, tools, and best practices in cybersecurity. Create detailed assessment reports and present findings to technical and non-technical stakeholders. Train and mentor team members on vulnerability management processes and tools. Required Qualifications Bachelor s degree in Computer Science, Engineering, or a related field. 3 to 5 years of hands-on experience in information security or related roles. Relevant certifications such as CEH, GIAC, or similar. Solid experience in: Network vulnerability assessments Application scanning and secure code review Windows, Linux, and Unix operating systems Familiarity with OWASP tools, methodologies, and security best practices. Strong communication skills both written and verbal. Preferred Skills Experience with tools like: Qualys, Nessus, Nexpose, SAINT Burp Suite Pro, HP WebInspect Static analysis tools (e.g., IBM AppScan Source, Fortify) Proficiency in one or more programming languages: Java, C, C++, .NET (C#, VB). Experience delivering training or presenting technical content to teams. Background in technical writing or web development is a plus. Be part of a team securing technologies used by top players in the mortgage and real estate space. Work with modern tools and frameworks. Enjoy a collaborative environment that supports innovation, growth, and learning. Qualification : Bachelors degree in Computer Science, Engineering, or a related field

Position: Security Engineer-2 Location: Bengaluru Employment Type: Full-Time Department: Engineering Job Description: We are seeking a proactive and skilled Security Engineer-2 to identify vulnerabilities, collaborate with development teams on mitigation strategies, and promote secure coding practices within the organization. You will play a critical role in ensuring the security and resilience of our products against emerging threats. Key Responsibilities: Conduct in-depth security assessments of products to discover vulnerabilities and demonstrate their exploitability and risk impact. Stay updated on emerging vulnerabilities and threats relevant to our products through independent research. Collaborate with developers to develop and implement mitigation and workaround plans according to security policies. Lead threat modeling and secure design review sessions with development teams to identify threats and define mitigation strategies. Conduct workshops to educate developers on threat modeling and secure coding principles. Prioritize and ensure mitigation of critical security defects during development sprints. Integrate and automate Static Application Security Testing (SAST) within the DevOps pipeline. Advocate and propagate secure coding principles across the development community. Serve as the primary point of contact for developers on critical secure development issues. Develop and deliver security training programs and technical workshops for developers and QA teams. Promote security awareness through tech talks and other knowledge-sharing activities. Required Qualifications and Skills: Strong knowledge of common vulnerabilities such as Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), cryptographic weaknesses, and code injection. Proficiency in programming/scripting languages like Java, Ruby, and Python. Experience with cloud technologies and services. Ability to automate security testing processes and improve assessment productivity. Excellent communication skills to articulate security risks to both technical and non-technical audiences. Familiarity with industry-standard threat modeling, risk assessment, and vulnerability classification methodologies. Experience conducting white-box and grey-box security assessments, including architectural and API analysis. Knowledge of Secure Software Development Lifecycle (S-SDLC) and CI/CD integration. Bachelor s degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security. Minimum 3 years of experience in application security or related security assessment roles. Deep understanding of attack vectors, exploits, and mitigation techniques, including chained attacks. Experience with languages such as Java, Go, Python, or Node.js (knowledge of multiple is a plus). Experience assessing cloud-native services, service meshes, and Kubernetes-based microservices. Strong problem-solving skills, able to think both offensively (like a hacker) and defensively (product security evaluation). Ability to learn new technologies and apply unconventional thinking to complex security challenges. Qualification : Bachelors degree in Computer Science, Electrical Engineering, Computer Engineering, or equivalent experience in software engineering or security

Position: Technical Lead - DevOps Location: Bangalore Rural, Karnataka, India Department: Data Platform and DevOps Employment Type: Subexian Experience Required: 3 to 6 years Job Overview: We are seeking an experienced Kubernetes Administrator with a strong background in managing containerized environments. The ideal candidate will have 4+ years of hands-on experience in deploying, configuring, and optimizing Kubernetes clusters to drive scalability, reliability, and performance. This is an excellent opportunity to leverage your expertise in Kubernetes orchestration while contributing to the overall success of our platform. Key Responsibilities: Cluster Management: Deploy, configure, and manage Kubernetes clusters both on-premises and across cloud platforms such as AWS, Azure, and GCP. Security & Compliance: Implement best practices for cluster security, including role-based access control (RBAC), network policies, and data encryption at rest and in transit. Automation: Automate cluster provisioning and ongoing management using tools like Terraform, Ansible, or Helm charts, streamlining operations and reducing manual tasks by 40%. Monitoring & Performance: Continuously monitor cluster health and performance metrics using tools like Prometheus, Grafana, ensuring high availability and optimal performance. CI/CD Pipelines: Design and implement CI/CD pipelines for containerized applications using tools such as Jenkins, GitLab CI/CD, and CircleCI to enable smooth continuous delivery. Collaboration: Work closely with development teams to troubleshoot issues, optimize application performance, and ensure compatibility with Kubernetes environments. Security Audits: Conduct regular security audits to identify vulnerabilities and ensure compliance with industry standards. Documentation: Maintain clear and comprehensive documentation for deployment procedures, configuration settings, and troubleshooting guides to enhance knowledge sharing within the team. Infrastructure Management: Administer and maintain Linux/Unix servers and virtualization platforms such as VMware or KVM, ensuring seamless operations across the infrastructure. Backup & Recovery: Implement and manage robust backup and disaster recovery solutions to ensure data integrity and minimize system downtime. Technical Support: Provide expert-level technical support for server and network infrastructure-related issues. Required Skills & Qualifications: Proven experience in Kubernetes deployment, configuration, and administration. Strong command of containerization technologies, including Docker and containerd. Hands-on experience with cloud platforms such as AWS, Azure, and GCP. Proficiency in Infrastructure as Code (IAC) tools like Terraform and Ansible. Familiarity with CI/CD pipelines and automation tools like Jenkins and GitLab CI/CD. Excellent troubleshooting and problem-solving skills. Strong communication and collaboration abilities, with the capability to work effectively across cross-functional teams. If you re passionate about DevOps, Kubernetes, and driving the success of containerized environments, we d love to hear from you!

Job Title: Cloud Architect SRE Location: Bangalore, India Shift: Rotational Shift Overview At Aptean, we build tailored ERP solutions that power transformation across industries from food production to manufacturing. In a world of generic enterprise software, our targeted products stand apart, delivering measurable results. With over 50 products, 3,000+ employees, and a global customer base, now is the perfect time to grow your career with us. About the Role We are looking for a highly skilled Cloud Architect SRE with deep expertise in Amazon Web Services (AWS) to lead the design, implementation, and management of cloud infrastructure. You ll play a pivotal role in defining our cloud strategy, enhancing system reliability, optimizing performance, and ensuring high availability and security across environments. Key Responsibilities Cloud Architecture & Strategy Design scalable, secure, and resilient AWS cloud architectures. Define and maintain architectural standards, templates, and best practices. Drive cloud governance, including IAM, PIM/PAM, and policy enforcement. Infrastructure & Automation Manage and troubleshoot AWS IaaS and PaaS services. Expertise in Windows Server OS, DNS, DHCP, RDWeb, and domain controllers. Implement automation and scripting for reporting, inventory, and orchestration. Optimize cloud resources for performance, reliability, and cost efficiency. Security & Compliance Implement AWS security controls including IAM, encryption, and network protection. Ensure compliance with frameworks like SOC2, BUPA, and internal policies. Conduct regular security assessments and resolve vulnerabilities. Cost Optimization Analyze and reduce cloud costs using AWS Cost Explorer, Trusted Advisor, etc. Leverage reserved and spot instances, right-sizing, and efficient resource management. Documentation Create and maintain detailed documentation including architecture diagrams, SOPs, and technical guides. Qualifications Education: Bachelor s degree in Computer Science, Information Technology, or a related field. Experience: 5+ years of hands-on experience designing and deploying AWS cloud architectures. Proven experience with AWS services such as EC2, S3, VPC, IAM, RDS, and CloudFormation. Proficiency with Infrastructure as Code (Terraform, CloudFormation). Strong understanding of networking protocols and DevOps principles. Certifications (preferred): AWS Certified Solutions Architect Professional AWS Certified DevOps Engineer Professional Soft Skills: Strong analytical and troubleshooting abilities Excellent communication and team collaboration Proactive and self-driven with the ability to work independently If you're passionate about solving complex technical challenges and shaping the future of cloud infrastructure, Aptean is the place for you. Our culture values diversity, inclusion, and collaboration where every voice matters and innovation thrives. Diversity & Inclusion at Aptean Aptean is committed to fostering a diverse, inclusive workplace. We celebrate differences in race, gender identity, sexual orientation, religion, disability, age, and background believing that diverse teams drive innovation and better results for our customers. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field.

(Senior) Backend Engineer Location: Bengaluru (Whitefield) Team: Product Engineering Employment: Full-Time | Hybrid About Cognite Cognite is a global SaaS leader in AI and data-driven industrial transformation, powering industries like Oil & Gas, Chemicals, Pharma, Manufacturing, and Energy with products such as Cognite Atlas AI and Cognite Data Fusion (CDF). Recognized as a 2022 Technology Innovation Leader and 2024 Microsoft Energy and Resources Partner of the Year, Cognite is reshaping the future of industrial digitalization. Our Values Impact: Focused on delivering measurable results. Ownership: Taking responsibility beyond one s role to foster collaboration. Relentless: Innovating persistently and thoughtfully. About the Team and Role Join the Product team that develops Cognite Data Fusion , a robust platform enabling asset-intensive industries to leverage operational data at scale. You ll work in autonomous, cross-functional teams focused on delivering critical services, including authentication and authorization, that protect privileged customer data. As a Backend Engineer, you will: Develop and maintain scalable, secure backend features for CDF. Make architectural decisions balancing synchronous and asynchronous designs. Write high-quality, well-tested code integrated via continuous integration pipelines. Collaborate across engineering, product, and customer success teams to shape product direction. Monitor and improve service performance, reliability, and security. Proactively address technical debt and vulnerabilities. Keep documentation clear and up-to-date. Strong hands-on experience with software development in languages like Kotlin, Java, Python, or Rust. Ability to learn new languages and use the best fit for the task. Experience with large-scale cloud environments (AWS, GCP, or Azure) and Kubernetes. Familiarity with SaaS product environments is a plus. Expertise in designing and maintaining large-scale infrastructure and web services. Solid foundation in computer science fundamentals: data structures, algorithms, software design. Proven ability to prioritize work for maximum impact. Strong problem-solving skills and troubleshooting complex systems. Collaborative mindset working across teams with shared technical stacks. Work in a diverse, inclusive global organization with 70+ nationalities and a strong DEI focus. Modern, hybrid work environment based in Whitefield, Bengaluru. Flat organizational structure with direct access to decision-makers and minimal bureaucracy. Opportunity to collaborate with world-class talent on ambitious projects spanning multiple industries. Engage in the Cognite HUB to connect with peers and partners directly. Make Your Mark Join us to build cutting-edge industrial data solutions that empower better decisions and sustainable business value. Cognite welcomes candidates from all backgrounds and encourages you to apply even if your experience doesn t perfectly match every qualification.

Join Our Team as a Security Operations Analyst Location: Bangalore, India (On-site) Department: Information Security At Cytiva, we are advancing the future of therapeutics from discovery to delivery. As a leading global provider of technology and services that help researchers and pharmaceutical companies develop and manufacture life-saving treatments, our work is integral to shaping the future of healthcare. We are seeking a Security Operations Analyst to join our global Information Security Team in Bangalore. In this key role, you will be at the forefront of protecting our digital assets and infrastructure by monitoring, analyzing, and responding to security incidents. By proactively identifying threats and vulnerabilities, you will help minimize risk and ensure business continuity. What You ll Do Lead Security Incident Response: Conduct advanced security incident analysis and digital forensics to identify and mitigate threats. Lead investigations into malware, network traffic anomalies, and endpoint detection. Provide Expertise: Guide and mentor L1 and L2 SOC analysts, enhancing the quality of security alerts and incident handling. Optimize Security Tools: Collaborate with engineering teams to fine-tune SIEM tools (e.g., Splunk, Microsoft Sentinel, Elastic Security) and other security technologies for improved detection and response. Proactive Threat Hunting: Identify hidden threats within the organization through threat hunting activities, reducing the potential attack surface. Enhance Security Posture: Partner with other IT and security teams to strengthen the overall security posture, ensuring resilient systems and infrastructures. Post-Incident Reporting: Produce detailed incident reports and provide recommendations for security improvements, leading post-incident reviews with cross-functional teams. Who You Are Experience: Minimum of 5+ years in a corporate IT environment, including at least 2 years in an L3 or senior analyst role. Security Knowledge: Deep expertise in security frameworks such as MITRE ATT&CK, NIST, CIS Controls, and ISO 27001. Technical Skills: Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar, ArcSight) and EDR/XDR solutions. Vendor certifications are a plus. Incident Response Expertise: Strong background in incident response, threat hunting, and forensic investigations. Cloud Security Knowledge: Familiarity with cloud security platforms (AWS, Azure, Google Cloud) and modern attack techniques. Certifications like OSCP, CEH are advantageous. Additional Skills That Would Be a Plus: Scripting & Automation: Proficiency in scripting (e.g., Python, PowerShell, Bash) to automate security processes and improve SOC workflows. Specialization: Expertise in EDR, SIEM, UBA, DLP, or Data Security. OT Environments: Experience with Operation Technology (OT) environments is an advantage. Innovative Culture: Join a dynamic, global team dedicated to advancing healthcare through technology and innovation. Impactful Work: Your role will directly contribute to the security and integrity of vital technologies used in the life sciences industry. Global Collaboration: Work with cross-functional teams around the world, contributing to an organization's critical security initiatives. Growth Opportunities: Benefit from continuous learning, career development, and the chance to make a tangible impact on both the organization and the industry. Apply now and be part of a team that is dedicated to ensuring the security of life-saving technologies.

Join Our Team as a Security Engineer Location: Bengaluru, India (On-site) Department: Global Information Security Reports to: Director of Information Security APAC At Cytiva, we are dedicated to advancing future therapeutics from discovery to delivery. As part of our Global Information Security Team, you ll work at the forefront of securing the systems, applications, and infrastructure that power critical healthcare solutions. Join us and play a key role in designing and implementing secure, resilient systems that ensure business continuity and safeguard our digital assets. What You Will Do Secure Architecture Design: Assist in developing and implementing secure architecture solutions for systems, applications, and infrastructure. Threat Modeling & Risk Assessment: Perform threat modeling and support security risk assessments to proactively identify vulnerabilities and mitigate potential threats. Design Reviews: Participate in security design reviews for applications and infrastructure across various environments, ensuring security best practices are followed. Security Technology Implementation: Deploy and manage enterprise security technologies, including Identity and Access Management (IAM), Data Loss Prevention (DLP), and Mobile Device Management (MDM). Regulatory Compliance: Ensure alignment with regulatory compliance and audit requirements, supporting the organization in maintaining secure, compliant systems. Who You Are Education: Bachelor s degree in Computer Science, Information Security, Cyber Security, or a related discipline. Experience: At least 5+ years of experience in security engineering or architecture, including expertise in threat modeling, risk assessment, and security architecture principles. Security Technologies: Hands-on experience with security technologies such as IAM, SIEM, EDR, DLP, and MDM. Cloud Security: Familiarity with cloud technologies (e.g., AWS, Azure, GCP) and cloud security best practices. Regulatory Compliance: Experience with frameworks and regulatory standards such as ISO 27001, NIST, and CIS Controls. Travel, Motor Vehicle Record & Physical/Environmental Requirements Travel: Ability to travel globally up to 10% of the time to support regional and global security initiatives. It Would Be a Plus If You Also Have: Experience conducting security design reviews for infrastructure, applications, and cloud environments. Expertise in implementing security standards and secure design patterns in alignment with frameworks like ISO 27001, NIST, and CIS Controls. Experience providing technical security advisory support to project teams, ensuring compliance with security and regulatory standards. Impactful Work: Your role directly influences the security and reliability of life-saving healthcare solutions used around the globe. Global Collaboration: Work with a diverse, dynamic, and global team of security experts dedicated to making a real difference. Career Development: Take advantage of opportunities for professional growth and continuous learning in a rapidly evolving industry. Apply now and join a global leader in advancing therapeutics and securing tomorrow s healthcare technologies. Qualification : Bachelors degree in Computer Science, Information Security, Cyber Security, or a related discipline.

Job Title: Lead Systems Software Engineer Location: Bengaluru, Karnataka, India (On-Site) Team Overview: Join our Application Security team at Cloud Software Group, where we focus on protecting web applications and services from security threats. As a part of this passionate team, you will engage in application layer attack protection, threat intelligence, and the mitigation of OWASP attacks. We are highly focused on emerging security trends and delivering cutting-edge solutions to defend against advanced cyber threats. Job Description: As a Lead Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to safeguard web applications and services. This role involves identifying security threats, performing security assessments, and collaborating with cross-functional teams to ensure security best practices are followed throughout the development lifecycle. Key Responsibilities: WAF Implementation & Maintenance: Implement and maintain Web Application Firewalls (WAFs) to protect web applications and services from security threats, including bot attacks. Security Policies & Rules: Develop and manage security policies and rules for WAFs to ensure the prevention of OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and other security incidents. Security Assessments & Penetration Testing: Conduct security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation measures. Collaboration: Work closely with other security teams and developers to ensure security best practices are integrated into the design, development, and maintenance of web applications and bot management systems. Emerging Threats Awareness: Stay informed on the latest security threats, technologies, and best practices to continually improve the security posture and protect against evolving threats for WAF and API. Incident Response: Participate in incident response and investigations as needed to identify the root cause of security incidents and implement corrective actions to prevent recurrence. Continuous Improvement: Lead initiatives to improve processes, systems, or products to enhance job area performance. Address complex security problems by considering multiple issues across various specialties. Qualifications: Education: Bachelor s (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent work experience. Experience: 9-11 years of experience in network protocols (TCP, UDP, HTTP, DNS, SSL/TLS) and web application security, with a focus on WAFs and bot mitigation. Technical Expertise: Experience with industry-leading WAFs such as Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Proficiency in C, C++, and scripting languages like Python and Perl. Analytical Skills: Strong problem-solving abilities with a demonstrated capacity to identify and respond to security threats quickly. Communication Skills: Excellent verbal and written communication skills with the ability to collaborate effectively across teams and with stakeholders. About Us: Cloud Software Group is one of the largest cloud solution providers globally, serving over 100 million users. Our suite of cloud-based products powers productivity and collaboration, enabling real work to get done from anywhere. We value passion for technology, risk-taking, and innovation. If you re ready to be part of a company on the brink of transformative growth, now is the perfect time to join us. We are committed to Equal Employment Opportunity (EEO) and compliance with all applicable laws, ensuring a diverse and inclusive workplace for all. This position is ideal for individuals passionate about cybersecurity and looking to be at the forefront of web application protection and security innovations. Qualification : Bachelors (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent work experience.

Job Title: Senior Systems Software Engineer Location: Bengaluru, Karnataka, India Team Overview: Join a team of Application Security experts at Cloud Software Group, where we focus on securing web applications and services. Our team is passionate about application layer attacks, protection mechanisms, threat intelligence, and protecting against OWASP threats. We re constantly evolving, staying at the forefront of emerging security trends. Job Description: As a Senior Systems Software Engineer, you will be responsible for implementing, configuring, and maintaining Web Application Firewalls (WAFs) to secure web applications and services from potential threats, including bot attacks. This role involves ensuring the effective operation of WAFs to prevent common vulnerabilities and unauthorized access, conducting security assessments, and collaborating with other security and development teams to enhance the security posture of our web applications. Key Responsibilities: WAF Implementation & Maintenance: Implement, configure, and maintain Web Application Firewalls (WAFs) to protect against security threats like OWASP-Top-10 vulnerabilities, unauthorized access, data breaches, and bot attacks. Security Policy & Rule Development: Develop and manage security policies and rules for WAFs to enhance their effectiveness in preventing security incidents. Penetration Testing & Security Assessments: Perform security assessments and penetration testing of web applications and services to identify vulnerabilities and recommend remediation actions. Collaboration: Work closely with other security teams, developers, and stakeholders to ensure security best practices are followed in the design, development, and deployment of features for web applications and bot management. Stay Updated on Security Trends: Keep informed about emerging security threats and technologies, continually improving security mechanisms to safeguard against new threats for WAF and API. Incident Response: Participate in incident response and investigations to understand the root cause of security breaches and implement corrective actions to prevent future incidents. Process Improvement: Lead initiatives for improving processes, systems, and products to optimize the performance and effectiveness of security measures. Qualifications: Education: Bachelor's (BE/B.Tech) or Master s degree in Computer Science, Information Security, or related fields, or equivalent professional experience. Experience: At least 5 years of experience working with network protocols like TCP, UDP, HTTP, DNS, SSL/TLS, and web application security, particularly in WAF and bot mitigation. Technical Skills: Proficiency with industry-leading WAF solutions like Citrix NetScaler AppFirewall, Imperva, ModSecurity, or F5 BIG-IP ASM. Experience in programming languages such as C, C++, and scripting languages like Python or Perl. Problem-Solving Skills: Strong analytical and problem-solving abilities to identify, assess, and mitigate security threats quickly. Communication & Collaboration: Excellent communication skills, with the ability to effectively collaborate with stakeholders across teams. About Us: Cloud Software Group is one of the world s largest providers of cloud solutions, empowering more than 100 million users globally. At Cloud Software Group, we re building the future of work, enabling people to get things done from anywhere. Our team thrives on passion for technology, embracing the courage to take risks and innovate. We re on the brink of another significant leap in technology evolution and we need experts like you to help us get there. If you're passionate about cybersecurity and eager to drive innovations, this is the perfect time to join us and be part of something transformative. Qualification : Bachelor's (BE/B.Tech) or Masters degree in Computer Science, Information Security, or related fields, or equivalent professional experience.

Technical Consultant - Security Intel & Operations Consulting Services Location: Bangalore, Karnataka, India Job Type: Full-Time Experience Level: Senior Introduction: At IBM Consulting, we believe that work is more than just a job it's a calling. In the role of Technical Consultant - Security Intel & Operations, you will be part of our Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to both public and private sector clients across the globe. Our team helps clients to innovate, adopt new technologies, and improve their security posture. Your Role and Responsibilities: As a Senior SOC Analyst working within the 24/7 Cyber Fusion Center (CFC), your role will involve the proactive monitoring, triaging, analyzing, and escalating incidents in client environments. You will be tasked with utilizing various cyber operations tools and technologies to analyze data, detect security threats, and mitigate risks. Your expertise will contribute to maintaining the security integrity of client systems and ensuring efficient incident response. Key Responsibilities: Incident Monitoring & Analysis: Monitor and analyze security events using various cybersecurity tools like SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions to detect potential threats and mitigate risks. Perform event correlation using multiple data sources to understand the nature of security incidents and determine their impact on client environments. Threat Detection & Mitigation: Analyze alerts to identify active threats, perform root cause analysis, and apply appropriate mitigation techniques for both structured and unstructured environments. Evaluate security incidents across AWS and Azure environments, analyzing system, network, and email security events. Proactive Cybersecurity Measures: Conduct root cause analysis of security events and recommend actions to address vulnerabilities. Contribute to the development and constant improvement of SOC runbooks and playbooks to optimize security operations. Collaboration & Reporting: Work closely with cross-functional teams to escalate critical incidents and provide daily summary reports on activities relevant to cyber operations. Lead discussions on incident trends, perform cyber operations trend analysis, and report on findings to ensure continuous security enhancement. Continuous Improvement: Recommend improvements to automations, alert fidelity, and security controls to improve security efficacy and response time. Engage in team meetings, calls, and chats, contributing technical insights to enhance security strategies and tactics. Required Education and Experience: Education: Bachelor s Degree in Computer Science, Information Technology, Cybersecurity, or related fields. A Master s Degree is preferred but not required. Experience: Extensive experience working as a SOC Analyst or similar cybersecurity roles, especially in a 24/7 security operations center environment. Proficient in event analysis, log analysis, and network event management. Hands-on experience with cloud environments such as AWS and Azure, with a focus on cybersecurity threats and mitigations. Solid understanding of TCP/IP network security, modern attack techniques, exploitation methods, and operating system security. Preferred Technical and Professional Experience: Security Tools & Platforms: Experience with CyberArk, Azure SSO, and other enterprise security technologies. Knowledge of enterprise web technologies and cutting-edge security infrastructures. Familiarity with security automation tools and best practices for improving alert fidelity and security controls. Advanced Event & Threat Analysis: Proven ability to perform high-quality triage and in-depth analysis of security alerts. Experience in documenting incidents and escalating critical issues with appropriate cyber operations reports. Communication & Collaboration: Strong verbal and written communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders. Ability to actively contribute to team discussions, runbook creation, and security playbook updates. Global Impact: Join a globally recognized team working at the forefront of cybersecurity, helping to shape the future of digital security. Career Development: IBM offers a strong focus on professional growth, offering learning opportunities, certifications, and exposure to the latest security technologies. Collaborative Culture: Be part of a collaborative and dynamic team, working together to tackle the most pressing security challenges faced by businesses around the world. If you are ready to contribute to the security and resilience of leading global organizations, we invite you to apply and be a part of our forward-thinking security team at IBM Consulting. Qualification : Bachelors Degree in Computer Science, Information Technology, Cybersecurity, or related fields.

Job Description: Site Reliability Engineer - OCI Cloud Engineering Team Role: Site Reliability Engineer (SRE) Team: OCI OLTP (Online Transaction Processing) Location: Kiev Career Level: IC2 Experience: 5+ years Overview: Oracle Cloud Infrastructure s (OCI) OLTP organization is seeking a Site Reliability Engineer (SRE) to join our dynamic and fast-paced Cloud engineering team. The team is responsible for mission-critical distributed systems and cloud services, and we are looking for an engineer who is deeply interested in databases, distributed systems, and cloud services. If you thrive in an environment where innovation, problem-solving, and operational excellence intersect, this is an exciting opportunity for you! As a member of the SRE services, you will focus on Cloud Services, building deployments, operations, security vulnerability mitigation, and automation. You will be instrumental in fostering a culture of Site Reliability Engineering (SRE) within the team, and your work will directly contribute to ensuring the stability, performance, and reliability of Oracle s global cloud service infrastructure. This role requires someone who is adaptable, highly motivated, and capable of managing large-scale cloud environments with a focus on continuous improvement. Key Responsibilities: Cloud Service Operations & Reliability: Deploy, operate, and maintain large-scale cloud service products in a highly available, fault-tolerant, and scalable environment. Collaborate with internal teams to identify and mitigate cross-team issues that pose operational risks to cloud services. Focus on systems reliability and ensure the continuous availability of cloud services by automating tasks and eliminating manual interventions. Automation & Improvements: Automate operational tasks and improve service deployments, focusing on scaling, performance, and uptime. Contribute to CI/CD systems, ensuring seamless integration and continuous delivery for cloud-based services. Leverage automation tools such as Terraform, Grafana, and Bitbucket to streamline operations. Security & Incident Response: Mitigate security vulnerabilities within cloud services and ensure compliance with Oracle's security standards. Participate in on-call rotations to provide immediate troubleshooting support and ensure rapid issue resolution. Perform deep analysis of service performance and collaborate with team members to diagnose and resolve issues that affect service availability or performance. Collaborative Problem-Solving: Work closely with cross-functional teams, including development, database, networking, and storage experts, to ensure the reliability and performance of services. Identify systemic issues and potential risks, develop solutions, and ensure proper documentation and communication with stakeholders. Documentation & Knowledge Sharing: Contribute to documentation such as runbooks, operational guides, and troubleshooting manuals. Mentor junior engineers and share knowledge on best practices for site reliability engineering and cloud service operations. Continuous Learning: Stay up to date with new cloud technologies, trends, and best practices, and actively implement them in your day-to-day work. Technical and Professional Requirements: Cloud Services & Infrastructure: 5+ years of experience in SRE, DevOps, or Automation roles with a focus on large-scale infrastructure and cloud services. Hands-on experience with cloud platforms (e.g., OCI, AWS, Azure) and expertise in compute, database, networking, and storage services within cloud environments. Automation & Tooling: Proficiency with automation tools such as Terraform, Grafana, LumberJack, and Shepherd. Solid experience in using CI/CD tools and processes for cloud service deployments and operations. Scripting & Systems: Strong knowledge of scripting languages, particularly Python and Java. Familiarity with Linux systems, docker containers, virtualized infrastructure, and orchestration (e.g., Kubernetes). Performance & Troubleshooting: Excellent troubleshooting skills with a focus on performance, availability, reliability, and scalability of distributed systems. Experience in operating fault-tolerant, highly available, high-throughput distributed systems. Security & Incident Management: Familiarity with security practices and mitigating security vulnerabilities in cloud services. Proven ability to handle incident response and provide efficient troubleshooting during on-call rotations. Collaboration & Communication: Strong verbal and written communication skills, capable of working effectively with diverse teams across multiple geographies. Ability to work in a highly collaborative environment, driving operational excellence and customer satisfaction. Preferred Qualifications: Experience in operating and maintaining multi-tenant, cloud-based infrastructure with a focus on scalability and high availability. Familiarity with tools and platforms like Grafana, Prometheus, and other observability and monitoring tools. Experience in networking and storage technologies in a cloud environment. Joining OCI s OLTP team as an SRE gives you the opportunity to work with cutting-edge technologies and contribute to the operational excellence of Oracle s global cloud infrastructure. This is a chance to grow your skills in a highly dynamic environment and to solve complex problems that directly impact mission-critical cloud services. With a focus on automation, scalability, and high performance, you will be an essential part of a team that powers Oracle s leading cloud services. If you are an experienced engineer passionate about cloud technologies, automation, and ensuring the reliability of large-scale systems, we encourage you to apply and join us in this exciting journey!

Job Title: Security Engineer - II Location: Bangalore (On-site; full-time) About Locus: At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform. Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics. Job Overview: Key Responsibilities: Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture. Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security. Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions. Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security. Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation. Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios. Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization. Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time. Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks. Provide architectural guidance for securing cloud-based applications and DevOps pipelines. Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team. Qualifications: 3-5 yrs experienced Sr security engineer. Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments. Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation. Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities. Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies. Hands-on experience in threat modeling, vulnerability assessments, and penetration testing. Proficiency in any scripting language - Python. Experience in developing or customizing tools, scanners, or extenders for specific security needs. Ability to work independently and collaboratively within a team to solve complex security challenges. Experience in implementing security monitoring systems for early incident detection. Strong problem-solving skills and the ability to think creatively to simulate attack scenarios. Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP). Experience with container security and orchestration platforms like Kubernetes and Docker. Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation. Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible). Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization. Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.

At FalconX, we re a team of operators, investors, and builders revolutionizing institutional access to the cryptocurrency markets. Positioned at the intersection of traditional finance and cutting-edge technology, FalconX addresses the unique challenges of the digital asset market, providing comprehensive solutions for all digital asset strategies. By acting as the connective tissue, we enable clients to navigate the ever-evolving crypto landscape with ease and precision. Job Title: Senior Cloud Engineer (Security Implementation) We re on the lookout for a highly skilled Senior Cloud Engineer to join our team. This role will focus on implementing and maintaining strong security measures for our cloud infrastructure, with a strong emphasis on hands-on security implementation and cloud security best practices. You ll play a crucial role in ensuring the integrity and safety of our cloud-based systems, leveraging cutting-edge technologies and best practices in cloud security. What You'll Do: Cloud Infrastructure Security Implement and maintain robust security measures for our cloud-based systems, with a primary focus on AWS technologies. Conduct regular vulnerability assessments and patching of EC2 instances using Ansible and other AWS-native tools. Develop and maintain Infrastructure as Code (IaC) using Terraform for IAM, Cloudflare, and other AWS components to automate and enhance security practices. Automation and Scripting Design, develop, and maintain automation scripts and workflows to streamline security operations and incident response. Create and update Ansible playbooks to ensure consistent and secure configurations across all cloud resources. Compliance and Best Practices Ensure our cloud infrastructure aligns with industry security standards and compliance requirements. Stay ahead of the curve on emerging cloud security threats and proactively implement measures to mitigate risks. Collaboration and Documentation Collaborate closely with DevOps and development teams to integrate security practices into the CI/CD pipeline. Maintain clear, comprehensive documentation on security processes, configurations, and incident response procedures. What You Need to Bring: Qualifications Bachelor s degree in Computer Science, Information Security, or a related field. 5+ years of experience in cloud engineering, with a focus on AWS technologies. Hands-on expertise with Terraform, Ansible, and key AWS services like EC2, IAM, Cloudflare, Kubernetes (K8s), etc. Proficiency in scripting languages such as Python or Bash. In-depth Knowledge Strong understanding of cloud security best practices and common vulnerabilities within cloud environments. Experience using cloud security tools to enhance security posture. Skills Excellent problem-solving skills with a sharp attention to detail, especially in high-pressure situations. Strong ability to implement scalable and reliable cloud infrastructure solutions with a focus on security. Preferred Qualifications: Certifications AWS Certified Security - Specialty or other cloud security certifications. Experience with multi-cloud environments (AWS, Azure, GCP). Familiarity with container security and Kubernetes. Knowledge of compliance frameworks such as SOC 2, ISO 27001, or PCI DSS. At FalconX, we are at the forefront of institutional crypto trading, constantly innovating to stay ahead of market trends and technological advancements. By joining us, you'll be an integral part of shaping the future of crypto markets and cloud security. You ll work with cutting-edge tools and technologies, tackling complex challenges and making a significant impact in an evolving industry. If you're passionate about cloud security and want to be part of a fast-paced, forward-thinking team, we d love to hear from you! Notice at Collection and Privacy Policy Applicants located in California or applying to a role based in California should review our Notice at Collection and Privacy Policy [here]. Qualification : Bachelor's degree in Computer Science, Information Security, or related field.

Job Title: Lead Engineer Software Test & Release Location: Bangalore Job Summary We are looking for a skilled Security Test and Automation Engineer with 7-9 years of experience in Security Verification and Validation, particularly on Embedded Systems. The ideal candidate will have 3-4 years of leadership experience in managing a team of security test engineers and hands-on expertise in scripting languages like Python, Java, and AI/ML-based tools. The primary responsibility will be to develop and execute security testing strategies across various domains including Devices, Automotive, Medical Devices, and Telecom Infrastructure (Wireless and Wired). Key Responsibilities Security Test Strategy: Develop and execute a comprehensive security test and automation strategy across multiple domains like Devices, Automotive, Medical Devices, and Telecom Infrastructure. Collaborate with project teams to capture best practices, share knowledge about the latest tools and technologies, and identify opportunities for new solution development. Understand client requirements for security testing and prepare proposals related to Security and Penetration Testing. Penetration Testing: Work with clients to understand their testing needs (e.g., number and types of systems for testing). Plan, create, and execute penetration methods, scripts, and tests to assess the security of systems. Perform remote or on-site security testing of a client s network or infrastructure to uncover vulnerabilities. Simulate security breaches to test system vulnerabilities and identify potential threats. Generate detailed reports outlining security issues, the level of risk, and recommendations for remediation. Team Leadership and Development: Lead and mentor a team of security test engineers, providing guidance on technical challenges and professional growth. Conduct reviews of designs, code, and test plans to identify risks and ensure quality deliverables. Identify training needs for the team and provide support for their technical development. Risk Analysis and Requirement Management: Conduct requirement analysis and feasibility studies, considering risk identification and mitigation. Perform system-level work estimation and ensure timely delivery of high-quality work. Ensure traceability of requirements from design to delivery, while optimizing code and ensuring test coverage. Continuous Improvement: Participate in technical initiatives within the project and organization, delivering training and maintaining a high level of technical competence through ongoing self-study and technical assessments. Identify and implement improvements in security testing practices and tools. Required Skills and Experience 7-9 years in Security Verification and Validation on Embedded Systems. 3-4 years of experience leading a team of security test engineers. Hands-on experience with scripting languages like Python, Java, and AI/ML-based tools. Experience in penetration testing and security assessments for embedded systems and network infrastructures. Technical Expertise: Strong knowledge of security testing methodologies, vulnerability assessments, and penetration testing. Proficiency in scripting languages (Python, Java, Perl, Shell scripts, TCL). Experience in Automation Frameworks for security testing. Understanding of network protocols (2G, 3G, LTE, 5G) and security concerns within telecommunications and embedded systems. Certifications: Bachelor s degree in Engineering or equivalent. Certifications in Security Testing (e.g., Certified Ethical Hacker - CEH) are highly desirable. Tools and Technologies: Experience with test and trace/log collection tools such as QXDM, QCAT, QPST, Prism, and other telecom instruments (e.g., Anritsu, Keysight). Familiarity with automation scripting tools like RTD (for Anritsu) or equivalent. Knowledge of Linux host platforms and network simulation tools. Specialization: Expertise in 2G, 3G, 4G, 5G, Interop Testing, and VSAT-SATCOM technologies. Understanding of 3GPP specifications and network vendor tests. Desirable Skills Strong problem-solving and analytical skills to identify vulnerabilities and assess risks in systems. Ability to provide strategic and actionable insights based on security findings. Ability to communicate complex security issues to non-technical stakeholders. Leadership and mentoring capabilities to guide junior engineers and promote team development. Work Environment Location: Bangalore Opportunity to work in a dynamic environment with the latest tools and technologies in the security testing domain. If you have a passion for security testing and automation, along with a desire to lead and contribute to impactful projects, this is the perfect opportunity for you! Apply now to join our team and make a significant impact in the field of security testing.

Job Title: Application Security Engineer About PhonePe Group PhonePe is India s leading digital payments company with 500 million registered users and 37 million merchants, covering over 99% of India s postal codes. Building on its leadership in digital payments, PhonePe has expanded into financial services, including insurance, mutual funds, stock broking, and lending. It has also ventured into adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store, India s first localized app store. The PhonePe Group is a portfolio of businesses aligned with the company s vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services. Culture At PhonePe, we empower our people and trust them to do the right thing. We create an environment that enables you to give your best every day, from day one. If you are passionate about building technology that impacts millions, ideating with the brightest minds, and executing with purpose and speed, PhonePe is the place for you! Job Description We are looking for a skilled Application Security Engineer to join our team and strengthen our security posture. You will proactively identify and mitigate vulnerabilities across our web applications, APIs, and mobile apps. The ideal candidate will have a strong background in penetration testing, secure code review, and security automation. Roles & Responsibilities (What You Will Do) Penetration Testing: Perform penetration testing on web applications, APIs, and mobile apps, providing in-depth vulnerability analysis and remediation guidance. Secure Code Review: Conduct both manual and automated secure code reviews, primarily in Java, Python, and JavaScript. Security Automation: Develop security automation solutions using Python to streamline testing, improve coverage, and reduce manual effort. Collaborate with Development Teams: Work closely with development teams to ensure timely resolution of security issues within fast-paced release cycles. Threat Modeling: Create and maintain threat models, applying threat modeling techniques to proactively identify and mitigate design-level security risks. Security Education: Foster a security-first mindset by educating developers on secure coding practices, common vulnerabilities, and attack vectors. Effectively communicate security findings to stakeholders. What Makes You a Great Fit Experience: 1-5 years of experience in application security, penetration testing, or related fields. Penetration Testing Expertise: Strong penetration testing expertise with tools like Burp Suite, OWASP ZAP, semgrep, MobSF, Jadx-GUI, and other mobile security testing frameworks. DevSecOps Knowledge: Experience integrating security into the SDLC and familiarity with DevSecOps tools. Secure Coding Knowledge: Proficiency in secure coding principles, OWASP Top 10, CWE, and exploit techniques. Scripting Skills: Strong scripting skills (Python preferred) for security automation. Communication Skills: Excellent communication and stakeholder management abilities. Continuous Learning: Passion for continuous learning and staying updated on security trends. Certifications (Optional): Certifications like OSCP, OSWE, CRTP, or a proven Bug Bounty track record and/or CTF participation are a plus. PhonePe Full-Time Employee Benefits Insurance Benefits: Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance. Wellness Program: Employee Assistance Program, Onsite Medical Center, Emergency Support System. Parental Support: Maternity and Paternity Benefits, Adoption Assistance Program, Day-care Support. Mobility Benefits: Relocation Benefits, Transfer Support Policy, Travel Policy. Retirement Benefits: Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment. Other Benefits: Higher Education Assistance, Car Lease, Salary Advance Policy. Why Work at PhonePe Working at PhonePe is a rewarding experience. With great people, a work environment that thrives on creativity, and the opportunity to take on roles beyond your defined job description, PhonePe offers a chance to grow your career in an innovative, dynamic company.

Infosec Lead Experience: 5-7 Years | Location: Bengaluru About Gameskraft: Founded in 2017, Gameskraft is one of India s fastest-growing online gaming companies. Our mission is to build a safe, secure, and responsible gaming ecosystem while delivering unmatched experiences through innovation and technology. As the industry s only ISO 27001 and ISO 9001 certified company, we set the highest benchmarks in security, design, and performance. Job Summary: We are seeking an experienced Infosec Lead to drive our security strategy, ensuring robust web security, application security, and compliance across the organization. You will be responsible for leading a team of security professionals, implementing best-in-class security measures, and ensuring compliance with industry regulations such as HIPAA, PCI-DSS, ISO, and GDPR. Key Responsibilities: Security Strategy & Program Management: Develop, implement, and maintain a comprehensive security program to safeguard company assets, systems, and data. Collaborate with cross-functional teams to integrate security into product development and business operations. Conduct risk assessments and vulnerability analyses to identify and mitigate security threats. Compliance & Regulatory Adherence: Ensure compliance with HIPAA, PCI-DSS, ISO, GDPR, and other relevant security frameworks. Maintain security certifications and drive adherence to regulatory standards. Develop and enforce security policies, standards, and procedures. Incident Response & Risk Management: Lead incident response efforts, including investigation, containment, and remediation. Continuously monitor security threats, emerging trends, and vulnerabilities to strengthen cyber resilience. Provide security guidance and risk analysis during product launches and infrastructure changes. Team Leadership & Stakeholder Collaboration: Lead and mentor a team of security professionals, fostering a culture of security awareness across the organization. Work closely with engineering, IT, legal, and business teams to embed security best practices. Present regular security reports and key performance metrics to senior management. What You Bring to the Table: Education: Bachelor s or Master s degree in Computer Science, Information Security, or a related field. Experience: 5-7 years of experience in information security, with a strong focus on web security, application security, and compliance. Proven track record in leading security teams and managing enterprise security programs. Technical Expertise: Strong knowledge of security technologies such as firewalls, IDS/IPS, SIEM, encryption, authentication protocols, and penetration testing tools. Experience with cloud security (AWS, Azure, GCP) and DevSecOps methodologies. Familiarity with secure coding practices and application security frameworks (OWASP, NIST, CIS Controls). Hands-on expertise in risk assessment, vulnerability management, and security architecture design. Certifications (Preferred): CISSP, CISM, CISA, CEH, or equivalent industry-recognized security certifications. Soft Skills & Leadership: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to influence and drive security initiatives across multiple teams. Work Culture at Gameskraft: Startup Environment: Fast-paced, ownership-driven culture where innovation and agility thrive. Impactful Work: Direct contribution to securing one of India s largest gaming platforms. Collaboration: Work alongside some of the best minds in the gaming and consumer internet industry. Data-Driven: Leverage analytics to enhance security posture and decision-making. Compensation & Benefits: Attractive Compensation & ESOPs Competitive salary with equity options. Health Insurance 5 Lakh medical cover for you and your family. Car Lease Policy Exclusive leasing options for employees. Relocation Benefits Assistance with moving to Bengaluru. Free Lunch & Stocked Pantries Enjoy great food while you work! Performance-Based Growth Transparent appraisals and rapid career progression. Join Us & Secure the Future of Gaming! If you re passionate about cybersecurity, risk management, and building secure digital ecosystems, we d love to have you on board. Apply now and be part of an exciting journey at Gameskraft! Qualification : Bachelors or Masters degree in Computer Science, Information Security, or a related field.

Job Role: SIEM Specialist The SIEM Specialist will be responsible for implementing, managing, and optimizing Security Information and Event Management (SIEM) solutions to enhance the organization's security posture. The role involves onboarding new security data sources, collaborating with cross-functional teams, and continuously improving SIEM performance to support proactive threat detection and incident response. Experience and Qualifications: Educational Background: Bachelor s degree in Computer Science, Information Technology, or a related field (preferred). Total Experience: 7 8 years of experience in IT security with a minimum of 3 years in SIEM implementation and security data source onboarding. Experience working in large organizations or global service providers with complex infrastructures. Proficiency in deploying, configuring, and managing SIEM solutions such as Splunk, ArcSight, Chronicle (Google Security Operations), and ELK Stack. Familiarity with Cribl and regex is required. Strong knowledge of log management solutions, log parsing, and normalization techniques. Experience integrating SIEM with various data sources, including firewalls, IDS/IPS, antivirus, and endpoint solutions. Proficiency in scripting languages (e.g., Python, PowerShell) for automating SIEM tasks and data analysis. Understanding of cloud platforms (GCP, AWS, Azure) and cloud databases is desirable. Good grasp of cybersecurity principles, including threat detection, incident response, and vulnerability assessment. Strong knowledge of networking protocols, firewall rules, and network security practices for onboarding and monitoring network traffic. Excellent verbal and written communication skills for collaborating with cross-functional teams and documenting onboarding procedures. Strategic and analytical mindset with outstanding problem-solving skills to navigate complex cybersecurity landscapes. Key Responsibilities: Lead the onboarding process of new data sources into the SIEM platform, ensuring proper data normalization and correlation. Continuously improve SIEM performance, efficiency, and scalability. Maintain detailed documentation of SIEM configurations, onboarding procedures, and incident response playbooks. Collaborate with cross-functional teams to identify security requirements and integrate new security technologies into the SIEM environment. Stay informed about emerging threats, vulnerabilities, and security best practices and incorporate this knowledge into SIEM operations. Ensure that SIEM configurations and operations comply with relevant industry regulations and standards. Qualification : Bachelors degree in Computer Science, Information Technology, or a related field (preferred).

Job Role: Vulnerability Assessment Specialist The Vulnerability Assessment Specialist will be responsible for managing vulnerability scanners, executing security assessments, and proactively identifying vulnerabilities across Vodafone s IT environments. This role requires collaboration with various teams to address and mitigate risks, ensuring a secure infrastructure. Experience and Skills Required Experience: 5+ years of relevant experience in vulnerability management and vulnerability assessment. Proven expertise in vulnerability scanning tools like Qualysguard VMDR, WAS, and cloud scanning management. Industry-recognized security certification such as CEH (Certified Ethical Hacker). Hands-on experience with scanning and penetration testing tools such as Retina, ACUNETIX, Nessus, Open VAS, Metasploit framework, NMAP, and Nagios. Familiarity with operating systems like Linux and Windows, web application security, virtualization platforms (VMware), and network/infrastructure security assessments. Knowledge of OWASP, Sandbox, Kali Linux, Burp Suite, CVE, SSL PKI, 2FA, IAM, Perimeter Security, and SIEM solutions. Experience compiling VAPT (Vulnerability Assessment and Penetration Testing) reports and conducting penetration testing on test environments. (Optional but preferred) Knowledge of advanced penetration testing techniques and tools. Key Responsibilities: Execute security assessments to highlight and articulate risks to the business. Participate in defining the scope of security scanning and vulnerability assessment activities. Act as a technical subject matter expert for security scanning tools and processes. Manage the overall scanning infrastructure and ensure the quality and accuracy of scanning activities and deliverables. Proactively identify vulnerabilities across Vodafone environments and ensure timely mitigation actions. Continuously improve security assessment services and processes. Perform vulnerability research to discover new and previously unknown vulnerabilities. Prepare detailed technical reports on vulnerability scanning results and communicate findings to resolver teams. Respond to technical queries related to reports and findings.