1. JOB SUMMARY:
We are seeking a skilled and experienced Threat and Vulnerability contractor to oversee and coordinate the identification, assessment, and remediation of security vulnerabilities across systems and applications in the region. This role requires a deep understanding of cyber threats, risk management frameworks, and modern security technologies, along with strong communication and coordination skills.
2. REQUIREMENTS and RESPONSIBILITIES:
As part of APAC Technology team, perform Threat and Vulnerability activities including but not limited to:
• Validate security control coverage against identified IOCs based on emerging cyber threat intelligence
• Conduct application, cloud, network, and infrastructure penetration tests to identify and/or validate vulnerabilities and attack chains.
• Effectively communicate findings, attack paths, and recommendations to technical and executive stakeholders through written reports and verbal presentations.
• Coordinate with Business, IT Operations, DevOps, Cloud teams, and application owners to ensure timely mitigation of vulnerabilities.
• Monitor and assess threat intelligence feeds, identifying regional threats and mapping them to existing vulnerabilities and risks.
• Able to take on special assignments that may require additional on-the-fly learning.
• Ability to multi-task with various engagements that range in technical and non-technical capabilities.
• Serve as a resource for engineering teams to consult on effective cyber practices
• Consult with engineering or other stakeholders during threat model engagements
• Investigate application vulnerabilities to confirm validity or exploitability
• Investigate and report on cyber threat hunt findings, including recommendations to improve security posture across detective and preventive controls
• Partner with 3rd party security organizations to continually test and remediate the security of the work grid platform
• Support incident response activities, providing insights into exploited vulnerabilities and attack vectors
• Maintain vulnerability KPIs, dashboards, and executive reporting to measure and communicate risk posture
• Drive continuous improvement in the regional threat vulnerability processes and technologies
• Stay current on IT security trends and news.
3. QUALIFICATIONS:
• 5+ years of total technology experience, with 3+ years of experience in IT Security.
• Strong ability to collaborate a team environment, across several teams.
• Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
• Knowledge of authentication mechanisms like SAML, OAuth, etc.
• Knowledge of threat frameworks like MITRE ATT&CK, CVSS, and cyber kill chain.
• Industry certifications such as CEH, GIAC, OSCP or similar preferred.
• Familiarity with cloud security in AWS, Azure. AWS Certified Security Specialty.
• Application development background and know programing language is an advantage.
• Experience in vulnerability assessment & penetration testing at infrastructure, application and cloud, threat hunting, red/blue team activities.
• Strong analytical, communication, and project management skills.
• Have positive attitude, self-leadership.
Responsibilities
1. JOB SUMMARY:
We are seeking a skilled and experienced Threat and Vulnerability contractor to oversee and coordinate the identification, assessment, and remediation of security vulnerabilities across systems and applications in the region. This role requires a deep understanding of cyber threats, risk management frameworks, and modern security technologies, along with strong communication and coordination skills.
2. REQUIREMENTS and RESPONSIBILITIES:
As part of APAC Technology team, perform Threat and Vulnerability activities including but not limited to:
• Validate security control coverage against identified IOCs based on emerging cyber threat intelligence
• Conduct application, cloud, network, and infrastructure penetration tests to identify and/or validate vulnerabilities and attack chains.
• Effectively communicate findings, attack paths, and recommendations to technical and executive stakeholders through written reports and verbal presentations.
• Coordinate with Business, IT Operations, DevOps, Cloud teams, and application owners to ensure timely mitigation of vulnerabilities.
• Monitor and assess threat intelligence feeds, identifying regional threats and mapping them to existing vulnerabilities and risks.
• Able to take on special assignments that may require additional on-the-fly learning.
• Ability to multi-task with various engagements that range in technical and non-technical capabilities.
• Serve as a resource for engineering teams to consult on effective cyber practices
• Consult with engineering or other stakeholders during threat model engagements
• Investigate application vulnerabilities to confirm validity or exploitability
• Investigate and report on cyber threat hunt findings, including recommendations to improve security posture across detective and preventive controls
• Partner with 3rd party security organizations to continually test and remediate the security of the work grid platform
• Support incident response activities, providing insights into exploited vulnerabilities and attack vectors
• Maintain vulnerability KPIs, dashboards, and executive reporting to measure and communicate risk posture
• Drive continuous improvement in the regional threat vulnerability processes and technologies
• Stay current on IT security trends and news.
3. QUALIFICATIONS:
• 5+ years of total technology experience, with 3+ years of experience in IT Security.
• Strong ability to collaborate a team environment, across several teams.
• Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.
• Knowledge of authentication mechanisms like SAML, OAuth, etc.
• Knowledge of threat frameworks like MITRE ATT&CK, CVSS, and cyber kill chain.
• Industry certifications such as CEH, GIAC, OSCP or similar preferred.
• Familiarity with cloud security in AWS, Azure. AWS Certified Security Specialty.
• Application development background and know programing language is an advantage.
• Experience in vulnerability assessment & penetration testing at infrastructure, application and cloud, threat hunting, red/blue team activities.
• Strong analytical, communication, and project management skills.
• Have positive attitude, self-leadership.
Salary : As per industry standard.
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
As a Packaged or Software as a Service Application Engineer, a typical day involves configuring and supporting packaged or cloud-based applications to meet evolving business requirements. This role includes managing software releases, ensuring the stability and performance of systems, and utilizing various tools and platforms to customize solutions. The engineer collaborates with different teams to maintain compatibility across systems while adapting features to align with organizational goals. Attention to detail and proactive problem-solving are essential to sustain seamless application operations and deliver consistent value to users. Roles & Responsibilities: - Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Coordinate cross-functional efforts to ensure timely delivery of application updates and enhancements.- Monitor application performance and implement improvements to optimize user experience.- Mentor junior team members to support their professional growth and skill development. Professional & Technical Skills: - Must To Have Skills: Proficiency in Python (Programming Language).- Good To Have Skills: Experience with A&D Aftermarket.- Strong knowledge of application configuration and customization techniques.- Familiarity with APIs and integration methods to connect various software components.- Experience working with low-code platforms to streamline application development and deployment.- Ability to troubleshoot and resolve issues related to software releases and system stability.
Responsibilities
As a Packaged or Software as a Service Application Engineer, a typical day involves configuring and supporting packaged or cloud-based applications to meet evolving business requirements. This role includes managing software releases, ensuring the stability and performance of systems, and utilizing various tools and platforms to customize solutions. The engineer collaborates with different teams to maintain compatibility across systems while adapting features to align with organizational goals. Attention to detail and proactive problem-solving are essential to sustain seamless application operations and deliver consistent value to users. Roles & Responsibilities: - Expected to be an SME, collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Coordinate cross-functional efforts to ensure timely delivery of application updates and enhancements.- Monitor application performance and implement improvements to optimize user experience.- Mentor junior team members to support their professional growth and skill development. Professional & Technical Skills: - Must To Have Skills: Proficiency in Python (Programming Language).- Good To Have Skills: Experience with A&D Aftermarket.- Strong knowledge of application configuration and customization techniques.- Familiarity with APIs and integration methods to connect various software components.- Experience working with low-code platforms to streamline application development and deployment.- Ability to troubleshoot and resolve issues related to software releases and system stability.
Salary : Rs. 0.0 - Rs. 2,40,000.0
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
