11+ Vulnerability management Jobs in Bangalore (Bengaluru) | Vulnerability management Job openings in Bangalore (Bengaluru)
Apply to 11+ Vulnerability management Jobs in Bangalore (Bengaluru) on CutShort.io. Explore the latest Vulnerability management Job opportunities across top companies like Google, Amazon & Adobe.
Security Monitoring and Operations (SIEM)
Security Solutions design and deployment
IDAM - Identity and Access Management Experience
Network Monitoring and Management Experience
VAPT - Vulnerability Assessment and Penetration Assessment
Experience on DLP and Endpoint Security
Knowledge on Encryption
Experience in performing Maturity Assessment for identifying the security gaps and recommending measures to fix the gaps
Experience in Audit controls and applying security measures (ISO, PCI etc..)
Knowledge in automation and scripting
1.Triage of security alerts that includes but not limited to malware, denial of service, unauthorized access, etc.
2. Conduct incident investigations on SIEM tools.
3. Perform threat hunting on networks to detect and isolate threats.
4. Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM and intrusion detection systems)
5. Continuous optimization, tuning and monitoring of SIEM solution
6. Hands on experience around administrating and threat hunting on EDR, XDR, DLP and SIEM tools.
7. Ability to analyze endpoint, network, and application logs
8. Identify false positives, analyse reported spam, phishing, and suspicious emails and understanding of email security concepts: SPF, DMARC, DKIM
9. Immediate Joiners
KubernetesAt F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation.
Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.
F5 is looking for a Sr. Security Engineer with experience in building, integrating, operating, and maintaining robust security monitoring and auditing systems. F5’s Edge 2.0 platform provides global, scalable, and secure way to deploy applications. In this position, you will build and maintain monitoring and audit systems across the platform that provide necessary visibility and alerts to effectively defend the platform.
Responsibilities:
- Collaborate with software architects, security defenders, Operations, SRE, compliance experts, and business leaders to understand the logical boundaries of the systems and identify the events to monitor, audits to maintain, alerts to tweak, as well as systems to integrate with
- You will continuously hunt for areas and metrics to be added into monitoring systems for better operational visibility, incident response capability, availability, and forensics capability of the overall platform
- You will participate in the definition of processes around change and inventory management and develop solutions to audit the changes
- You will work with other teams within security organization to define communication and alerting protocols for effective and timely actions
- You will participate in defining and executing the Incident Response Plan for the platform and be responsible for providing necessary information during the response and forensics
- Demonstrate technical leadership in multiple domain areas, providing mentorship to other team members
Minimum qualifications:
- BS degree in Computer Science or equivalent with 5+ years of security operation and monitoring experience
- Experience with logging, monitoring, SIEM, dashboarding tools like AWS GuardDuty, Sumo, Grafana, SolarWinds, DataDog, Splunk, etc.
- Working knowledge of at least one Cloud Computing platform (e.g. Amazon AWS, Microsoft Azure, Google Compute etc.)
- Good understanding of how to handle logs from various systems, integrate with systems handling logs and metrics, how to setup and tune alerts based on thresholds and policies
- Hands on experience with computer programming languages and/or scripting languages such as Python, Java, Shell
- Good understanding of complexities and security challenges in large-scale distributed systems
- Working knowledge of Cloud orchestration systems such as Kubernetes, Openstack etc.
- Self-motivated and willing to delve into new areas and take on new challenges in an enthusiastic manner
- Excellent written and verbal communication skills
- Strong interpersonal, team building, and mentoring skills
Amazon Web Services (AWS)About The Company -
OYO Hotels & Homes is the world’s third largest and fastest-growing chain of leased and franchised hotels, homes & spaces managing over 1 million exclusive rooms across 800 cities and 80 countries. OYO was founded on the mission that everyone deserves a quality living and working space and we are very passionate about this mission. Technology and Innovation plays a critical role in this mission and therefore today we employ World Class engineers, product managers and designers across core markets & geographies. If you are looking for a high pace environment, itching to create a large impact through technology impacting 100s of millions of customers across the globe, we love to hear from you.
Key Responsibilities:
- Conducting application(Web & Mobile) and infrastructure penetration testing assessments.
- Deploy, improve and utilize SAST/DAST/SCA and other cybersecurity solutions to detect & prevent security vulnerabilities.
- Work closely with the business, product and Development/engineering teams to provide input and guidance on developing secure products and help teams adopt shift-security-to-left practices.
- Work closely with the DevOps team to secure the cloud environment.
- Developing and maintaining cybersecurity process activities including security requirements engineering, threat modelling, code reviews and cyber risk assessment.
- Improve and automate cybersecurity processes within the CI/CD pipelines.
- Continuously review and identify security improvement opportunities in existing products, processes, services and workflows to ensure the people, products and technology in the organization are protected against current and future cybersecurity threats.
- Deliver awareness sessions on Secure Development to engineering/development teams
- Drive continuous improvement activities to define, measure, visualize and improve key cyber security metrics related to Application Security.
- Preparing and launching social engineering campaigns;
Key Skills:
- Expertise in application(Web & Mobile) and infrastructure penetration testing.
- Strong experience with Azure or AWS cloud environments and its security controls.
- Experience with microservices architectures & distributed Platforms
- Strong experience with using Agile software development and securing CI/CD pipeline.
- Coding Experience in Scripting & programming languages (such as Terraform, Java, Python, Ruby, etc.)
- Knowledge of how modern web & mobile apps are designed, developed and deployed across different platforms;
- Knowledge of common exploitation techniques and mitigations.
- Experience in implementing and managing a vulnerability management program (process and technology).
- Experience and knowledge of implementing a DevSecOps ecosystem and strong understanding of Dynamic and Static Application Security Testing (DAST & SAST).
- Understanding of the main cybersecurity tools (SIEM, IPS, XDR, etc.).
- Strong understanding of OWASP, PTES and other penetration testing methodologies.
- Understanding of global security frameworks and standards like NIST, ISO 27001, GDPR, PCI etc.
- Strong knowledge in preparing and launching social engineering campaigns.
- Ability to program or script in your preferred language
- Good understanding of network and OS principles
- Strong written and spoken English skills and ability to write high-quality reports
- An Information Security qualification e.g CSSLP, CEH, OSCP, or similar certification
Cultural Traits common to all OYO Leaders -
● Dealing with Ambiguity and Adaptability – we are a large, but fast-growing company today with not enough existing process or rules of engagements; and environment changes rapidly due to new businesses, geographies and strategic partnerships etc. You need to be able to create organization out of chaos, operate in an environment with minimal structure and adapt to change quickly while maintaining high velocity
● Ownership – anything between you and your job is also your job
● Bias for Action – speed matters a lot, so does quality. Ideal leader will be pragmatic, action-oriented and know the right balance between competing priorities
● Hunger to change the world – you need to be ambitious and willing to do more. If you believe you have already achieved your best and primarily looking to impart that vast knowledge, we aren’t the right place for you
Job Locations: We have a Pan India presence with Tech centers based out of Gurugram, Bangalore & Hyderabad. However currently we are working from our home.
project.
• Deploying required database assets on production (DDL, DML)
• Good understanding of MySQL Replication (Master-slave, Master-Master, GTID-based)
• Understanding of MySQL partitioning.
• A better understanding of MySQL logs and Configuration.
• Ways to schedule backup and restoration.
• Good understanding of MySQL versions and their features.
• Good understanding of InnoDB-Engine.
• Exploring ways to optimize the current environment and also lay a good platform for new
projects.
• Able to understand and resolve any database related production outages
Information Security Specialist
Notice Period: 45 days / Immediate Joining
Banyan Data Services (BDS) is a US-based data-focused Company that specializes in comprehensive data solutions and services, headquartered in San Jose, California, USA.
We are looking Information Security Specialist who has the expertise and deep knowledge of Information security regulations, compliance, and SIEM tools, and the ability to develop, describe and implement Security Baselines and Policies.
It's a once-in-a-lifetime opportunity to join our rocket ship startup run by a world-class executive team. We are looking for candidates that aspire to be a part of the cutting-edge solutions and services we offer that address next-gen data evolution challenges.
Key Qualifications
· Design, deploy, and support Information Security Solutions provided by BDS
· Assist clients to carry out the IT Risk Management assessment on both on-prem and cloud platforms
· Provide subject matter expertise on IT security compliances during the security audits to meet various security governances.
· Research and strategic analysis of existing, and evolving all IT and data security technologies
· Establish baselines to define required security controls for all infrastructure components and application stack
· Follow latest vulnerabilities and threats intelligence updates across a wide range of technologies and make recommendations for improvements in the security baselines.
· Overseeing security event monitoring, understand the impact, and coordinate remediation efforts
· Create and optimize the SIEM rules to adjust the specification of alerts in responding to incident follow up
· Must be able to work a flexible schedule during off-hours
Key Skills & Qualification
· Minimum of 4 years relevant work experience in information/cyber security, audit, and compliance
· Certifications in any of technical security specialty (e.g., CISA, CISSP, CISM)
· Experience in managing SIEM products like Arcsight, Qradar, Sumo Logic, RSA NetWitness Suite, ELK, Splunk
· Exposure of the security audit tools on public cloud platforms
· Solid understanding of the underlying LINUX/UNIX and Windows OS security architecture
· Certified Ethical Hacker would be a plus
· Handling of Security audits is a must
· Proven interpersonal skills while contributing to team effort by accomplishing related results
· Passion for learning new technologies and the ability to do so quickly.
http://www.banyandata.com" target="_blank">www.banyandata.com
What you will be doing:
- Participate in network and security initiatives, network designs, project plans, and deployments as well as coordinating technical issues with vendors and internal teams
- Contribute to design, installation, maintenance, vulnerability remediation, and monitoring of network and security systems
- Responsible for expert-level troubleshooting of any problems relating to global issues - participation in security incident management and response.
- Providing support and guidance to Technology teams across network and security technologies.
- Adhere to IT access-management incident response and change control procedures (ITIL)
- Continuous documentation of the IT network infrastructure including technical specifications, design documents, roll-out, and disaster recovery plans
What we are looking for:
A Network Security engineer with a solid comprehensive background in:
- Ability to manage, supervise and delegate multiple tasks
- Strong experience with SIEM and log management
- EDR (Endpoint Detection and Response - especially in Microsoft ATP, Defender or SentinelOne) configuration and management.
- Vendor management; including SOC (Security Operations Centre) providers
- Global Security Incident management support
- Experience in SD-WAN (Meraki) management and troubleshooting
- Knowledge of network security, hardening network equipment, and vulnerability scans
- Experience in Microsoft security and endpoint management tooling such as MCAS and MEM
- Excellent troubleshooting skills. Ability to rapidly identify respond to and resolve issues
- Proven experience in remote access technologies (ZScaler an advantage)
- Excellent communication skills (written and verbal).
- An ability to work under pressure and take ownership of tasks and customer issues.
- Ability to work individually and as part of a global Infrastructure Technology team with regional teams in India, UK and North America.
Why ToneTag :
ToneTag is the largest sound-wave communication technology platform on the
planet that enables payments & proximity customer engagement services in
different sectors like retail, mobility, restaurant ordering, and so on. It harnesses
the power of sound to empower and enrich various businesses around the globe.
ToneTag has touched more than 55 Million consumers & 500,00 merchants in the
payments space alone. It is an organization where innovation, hard work & fun go
hand in hand to invent experiences that are unique in every sense. Our people are
entrepreneurial & believe in going beyond today's problems to find tomorrow's
solution.
If you are a seasoned professional looking for your next challenge, or just starting
your career and looking for a company that created career-building opportunities,
we offer ample scope as well as training to ensure that your skills & abilities reach
their true potential. At ToneTag, we invite you to share our vision and
commitment to achieving excellence in everything that we do!
Who We are :
● While most people ignore sound, ToneTag harnesses it. Using the power of
sound, we have built a highly secure and robust channel of data
communication, enabling extraordinary experiences across businesses.
● Our core value lies in innovation. We also focus on empathy, inclusivity,
collaboration and creativity.
● Through our model of Enable-Engage-Empower, ToneTag aims at delivering
a unique experience to all.
NO CEILING TO GROWTH :
● Highly rewarding to those who want to experience a trailblazing career
growth, with exposure to new challenges and opportunities.
● ToneTag follows the principle of taking ownership and delivering. If you
conceptualize an idea, which could make a difference to the organization,
you will be the owner of it.
● With innovation at the heart of its solution, ToneTag offers a chance to think
outside the box and instill creativity into one's thinking.
BE PART OF THE FAST EXPANDING CHANNEL :
● ToneTag has already reached 50 million consumers and is expected to cross
100 million.
● Global companies such as Mastercard and Infosys Finacle are presenting
ToneTag as a technology offering to their banking customers.
● ToneTag is working with government initiatives, such as NHAI & NPCI to
deliver a seamless experience on a larger scale.
TONETAG CULTURE IS OPEN AND EMPOWERING :
● Whether you are a manager or an intern, transparency is maintained, and
your voice is heard.
● ToneTag exudes a vibrant atmosphere, where everyone is approachable and
supportive.
● There exists a diversity of talent, skills and passion. Such an exposure will
not only help an individual grow, but also enables one to think from a
different perspective.
THE NEXT BIG THING :
● We are here to play a role in enabling our society and economy leap
towards cashless ecosystem, bringing millions of people into the financial
world like never before and at the same time enable innovative experiences
of tomorrow.
● ToneTag has a global clientele and is backed by some of the biggest names
in terms of management and investors.
● A technology delivering wide applicability, ToneTag has received numerous
awards and recognition for its innovative technology.
The challenge for you :
As a Content writer in the Marketing team, you will be delivering quality writing
pieces that appeal to our clients & stakeholders, attract customers and boost
brand awareness.
Roles & Responsibilities :
● Create and draft content for ToneTag’s content properties such as blogs,
websites, social media etc
● Contribute towards developing and executing the monthly content calendar
for Social Media
● Maintain and update website content regularly
● Draft scripts to develop product demo videos
● Follow and implement best practices for content optimization such as using
relevant keywords, etc
● Draft copy for user communication, engagement, and education
● Familiarity with keyword placement and other SEO best practices
● Create Presentations and Product documents
● Collaborating and working closely with PR and Digital agencies, sharing
ideas, reviewing the articles and posts.
● Writing clear marketing copy to promote our products/services
● Preparing well-structured drafts using Content Management Systems
● Coordinate with marketing and design teams
● Ensure all-around consistency (style, fonts, images and tone)
● Applications for awards & events
What you need :
● A bachelor's degree or higher in Journalism, Mass Media and
Communications.
● 3+ years- work experience as a Content Writer, Copywriter or Similar roles
● Should have excellent writing skills with unblemished grammar expertise.
● Should be keen in learning new technology
● Portfolio of published articles/Blogs
● Hands-on experience with Content Management Systems (e.g. WordPress)
● Ability to meet deadlines
● Well versed with creative web content, blogs, articles, and press releases
according to the requirements.
● Experience in SEO writing with online marketing and lead generation is
added advantage
Great to have :
● Experience doing research using multiple sources
● Familiarity with web publications
● A born-talent for understanding and analyzing human behavior
● Basic understanding of Keyword relevancy and keyword density and should
also be familiar with Keyword placement and other SEO best practices
● Someone whose presence reflects energy, dynamism and passion
● A strong believer in equality and teamwork
● An individual with strong ethics, principles and courage
The Role
● Building compelling long-term strategies on how to scale content.
● Build a deep understanding of the company’s products and unique
differentiators
● Work with product managers to understand and help refine the evolving
brand voice and tone
● Collaborate with cross-functional teams to bring impactful content to market
quickly and at scale
● Create articles, eBooks, whitepapers, infographics, video scripts, interactive
assets, build a content calendar for social media, in line with the content
strategy.
● Understand the buyers’ journey and use that knowledge to create the most
impactful top, middle, and bottom-of-the-funnel content assets for different
products
● Optimize social media content (language, message, tone) on the basis of the
behavior of our target audience
● Understand our SEO goals and strategy in order to produce optimized
content.
The Skills
● Prior experience in crafting content & product experiences from scratch, in
an instructional and long-form content setting.
● Must be able to write content that’s relevant, catchy, and easy to understand
● Should have excellent command over the English language and grammar
● Should be willing to and capable of creating technology-related content that
requires extensive research
● Should be able to understand, conceptualize, and convey marketing
messages in an acceptable international style.
● Must keep up-to-date with the best practices in writing for the web, social
media trends, web usability, and business/industry trends
● Prior experience in advertising agency is preferred.
Programming
Requirements:
- Overall experience in the field of Information risk and security related initiatives/ projects.
- Experience in the areas of Infrastructure Security Audit, IT Security, Vulnerability Assessment, Risk Assessment, Web Application Security, Network Security Review, Network Architecture Review, Mobile Application Security Testing, Configuration Review, Source Code Review, Wireless Pentest, Process Review etc.
- Ability to understand business concepts and integrate business risk elements into security operations.
- Experience in conducting VAPT.
- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Web inspect, Acunetix, NTO Spider, BurpSuite Pro).
- Strong ethics and understanding of ethics in business and information security.
- Should have exposure to Code review, Network VA/PT and App VA/PT work.
- Understanding and familiarity with common code review methods and standards.
- Experience with code scanning toolsets such as Fortify and Ounce.
- Understanding of HTTP and web programming.
- Knowledge of OWASP tools and methodologies, common security requirements within ASP.NET application, standard SDLC practices.
- Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering).
- In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database.
Follow Cutshort