Security jobs in India

• Device Remediation and Management: Execute remediation of obsolete Windows workstations and mobile devices to ensure compliance with corporate standards.
• Oversee the deployment and remediation of Tanium on workstations, including patching compliance investigations.
• Monitor and report on Key Performance Indicators (KPIs) related to Crowdstrike Endpoint Detection and Response (EDR) deployment on workstations.

We are looking for a skilled Product Security Specialist to join our Technology department in Bengaluru. The role requires expertise in securing products and ensuring compliance with industry standards in the mechanical industry.

The Manager IT Security will be responsible for safeguarding the organisation's digital assets by implementing and managing security protocols and processes. This role in the financial services industry, specifically brokerage, requires a strong focus on IT security measures and compliance.

• We are seeking an experienced and highly skilled Cybersecurity Project Manager to lead projects across our vibrant North Asia and SAPMENA (South Asia Pacific, Middle East, and North Africa) regions. This pivotal role demands a proven leader with expertise in managing complex projects within the cybersecurity domain, ensuring robust security posture and seamless operational alignment across diverse platforms & markets.

Your Responsibilities * Design and maintain frameworks for product classification and automated security requirements mapping * Conduct TARAs (Threat Analysis and Risk Assessment) and security assessments for Festo products * Support product teams in automating the generation of SBOMs (Software Bill of Materials) * Develop and execute test specifications, test cases and test plans for vulnerability testing of Festo products * Conduct penetration testing and basic vulnerability assessment of Festo products * Support documentation of test results and collaborate with the development teams * Support the continuous improvement and automation of security testing * Establish and maintain DevSecOps practices within CI/CD environments and develop automation infrastructure * Support the provision of tools and documentation in the context of SAMM (Software Assurance Maturity Model) * Collaborate with product compliance and development teams to implement and maintain product security measures * Support investigation and mitigation of product-related security incidents (PSIRT) Our Requirements * Education: Bachelor's degree in engineering, Computer Science, Mechatronics, Information Science and Electronics, Cyber Security or equivalent * Mandatory Experience: o Min 2 years of experience in product security, ideally in Industrial Automation or automotive field o Programming knowledge in Python and JavaScript o Basic familiarity with different industrial protocols and PLC systems o Experience with CI/CD practices and DevOps o Basic knowledge of Linux * Nice-to-Have: o Understanding of Secure Development Lifecycle and standards like IEC 62443-3 / 62443-4 o Additional knowledge in programming languages such as C, C++ or Shell scripting o Experience with tools like OpenVAS, Nessus, Nmap, Wireshark, embedded or IOT penetration testing o Experience in embedded domain o Experience in Linux hardening

• We are seeking an experienced and highly skilled Cybersecurity Project Manager to lead projects across our vibrant North Asia and SAPMENA (South Asia Pacific, Middle East, and North Africa) regions. This pivotal role demands a proven leader with expertise in managing complex projects within the cybersecurity domain, ensuring robust security posture and seamless operational alignment across diverse platforms & markets.

The Hardware Security Engineer will focus on ensuring the security and integrity of hardware products through thorough testing and implementation of security measures. This role requires a strong technical background and expertise in the industrial/manufacturing sector, specifically within the mechanical industry.

The IoT Security - Product Security Specialist will be responsible for overseeing the security measures and protocols for products within the Industry Automation. This role involves ensuring the safety and integrity of products through advanced technological solutions and compliance with industry standards.

The Chief Information Security Officer (CISO) will be responsible for defining and executing the company's enterprise-wide cybersecurity strategy, ensuring the protection of IT, OT (Operational Technology), and AI-driven systems in a highly sensitive manufacturing environment

Role Summary The Zone Network and Security Project Manager will be responsible for the co-ordination of designing, implementing, and maintaining secure IT infrastructure solutions. The role's main responsibility is to ensure the organization's IT systems remain resilient, compliant, and aligned with business objectives. The ideal candidate will have a strong technical background in network engineering and cybersecurity coupled with hands-on experience in project management and cross-functional collaboration. Experience with retail and cloud infrastructure a plus.Key Responsibilities

Project Management

• Lead network and system migration projects.
• Collaborate with suppliers and stakeholders, including Retail IT, to design and test IT infrastructure solutions.
• Ensure timely delivery and successful execution of IT and security projects.

Network Engineering and Security

• Advise and co-ordinate the design, configuration, and management of company network security infrastructure (e.g., Meraki, Fortinet, Zscaler).
• Lead the implementation and maintenance of secure WAN solutions (ADSL, MPLS, SD-WAN).
• Develop and enforce security compliance measures, including IPSec VPN management.
• Support global connectivity solutions, such as Meraki, Cloudi-fi, and Zscaler.
• Design, implement, and manage Zscaler Private Access (ZPA) solutions for secure remote access to internal applications across our 3500 retail stores in the Zone.
• Configure and optimize Zscaler Secure Internet Access (ZIA) policies for web security, threat prevention, and data loss prevention for our 3500 retail stores in the Zone.
• Troubleshoot and resolve issues related to Zscaler ZPA and ZIA deployments, ensuring optimal performance and security.

Cloud Infrastructure and Automation

• Working knowledge of cloud-based systems in Azure and AliCloud, including AAD server migrations.

Cybersecurity and Compliance

• Implement and support data loss prevention (DLP) tools such as CrowdStrike.
• Lead cybersecurity IT training where needed.

IT Systems Administration

• Monitor and maintain system performance using tools like ThousandEyes.
• Strong analytical skills and high proficiency in using PowerBI and Excel.

Collaboration and Support

• Manage access controls using SharePoint.
• Provide project workflow customization and ServiceNOW and Confluence knowledge base access management.
• Support cross-functional teams with IT tools, meeting room setups, and collaboration platforms (Teams, SharePoint, ServiceNOW, Confluence).

Qualifications and Skills

Technical Certifications (bonus but not required)

• CCNP (Cisco Certified Network Professional).
• PMP (Project Management Professional).
• Zscaler Certifications (e.g., Zscaler Certified Administrator, Zscaler Certified Professional) are a significant plus.

Technical Expertise

• Proficient in network technologies: Cisco Meraki, Palo Alto Firewalls.
• Strong skills in cloud technologies: Azure, AliCloud.
• Advanced knowledge of cybersecurity tools: CrowdStrike, CyberArk.
• Extensive hands-on experience with Zscaler, specifically Zscaler Private Access (ZPA) and Zscaler Secure Internet Access (ZIA) modules.

Preferred Experience

• 5+ years of experience in network engineering and cybersecurity roles.
• Proven track record in IT infrastructure management and cloud migration projects.

Demonstrated experience in deploying, configuring, and maintaining Zscaler Private Access (ZPA) and Zscaler Secure Internet Access (ZIA) in an enterprise environment, particularly within a large-scale retail contextLocation- Hyderabad

Mode- Hybrid, 3 Days WFO

The role of AVP - Head SOC in the financial services industry involves leading and managing the Security Operations Center to safeguard the organization's systems and data. The position is based in Mumbai and requires a strong technical background in cybersecurity and team leadership.

CYBER DEFENSE CENTERDetection & Response

• Is responsible for managing all Monitoring and Security Operations Center (SOC) as well as CSIRT (Computer Security Incident Response Team).
• Ensure security events of all critical applications are properly collected by SIEM.
• Ensure security incidents are identified in a timely manner and properly managed.
• Oversee incident response plan and ensure its alignment with business resilience plan, disaster recovery and business impact analysis.
• Collaborate with Group Head of Cyber-resilience to support the disaster recovery plan, as well as the crisis management

Threat Intelligence & Vulnerability Management

o Collecting detailed, actionable threat information for preventing and fighting cybersecurity threats targeting an organization.

o Ensure performance of proper threat monitoring to identify threat impacting l'Oréal and ensure proper communication to impacted teams.

o Ensure vulnerabilities are identified, monitored and perform remediation follow-up. Ensure efficiency of the security scanning and code reviews of applications.Fraud Management

• Provide security services to enhance the protection of brand in the digital space

Offensive security

• Provide ethical hacker and red teaming capabilities for the whole group.
• Provide guidance's regarding Penetration testing and red teaming activities.
• Ensure follow-up of all ethical hacking activities at Group level.

CYBER CRISIS MANAGER



The cybersecurity crisis manager works closely with CSIRT teams.

It analyzes the scope of the cyber crisis, coordinates the necessary actions to resolve the cyber crisis and coordinates the teams to implement decided recommendations.

It advises the business units to manage cyber crisis.

He organizes the organization's capacity to face new threats in terms of cybersecurity.· Advise the organization to have a capability to manage cyber crisis

· Define the necessary means for cyber crisis management: plans, procedures, resources, tools,etc.

· Verify that all elements of cyber crisis preparedness are present

· Ensure the training and education of business and support staff likely to intervene in the event of a cyber crisis ; test and validate the organization's ability to react to an attack

· Organize the management to act and deal with the cyber crisis

· Leading the decision-making cyber crisis cell and contributing to the operational cyber crisis cells

· Coordinate the action of the various parties involved and the dissemination of information to stakeholders

· Monitor and coordinate action plans for investigation and remediation

· Ensure relations with the authorities, insurance companies and any external experts

· Ensure the consistency of the cyber crisis communication strategy with stakeholders

· Organize post-mortem reviews and feedback to follow up on incidents and propose improvements to prevention, detection and response systems

Governance

• Define and maintain client Group Cybersecurity Framework and communicate on those requirements.
• Ensure with CISO Office & Transformation teams the run of the cybersecurity governance bodies (roles and committees).
• Manage cybersecurity in M&A.

• Ensure Cybersecurity is included into induction trainings (or equivalent) for all new joiners (internal & external).
• Regularly perform some targeted awareness session to specific populations (Top Management, PAs, CDMO, Purchasing, Legal, Project Manager…).
• Ensure all Group initiatives on Cybersecurity awareness (newsletter, e-learning, phishing campaign, Cyberweek or Cybermonth) are correctly deployed.

The Network - Tech Lead Zscaler will be responsible for implementing, managing, and maintaining network security solutions to support business operations. This role requires expertise in technology and network systems, with a focus on Zscaler solutions within the FMCG industry, specifically in the cosmetics/toiletries sector.

The Assistant Manager - HSSE will be responsible for implementing and maintaining Health, Safety, Security, and Environmental (HSSE) standards to ensure compliance and operational excellence. This role is based in Mumbai and requires expertise in the energy and natural resources industry, specifically in power generation.

The Windows Admin will be responsible for managing and maintaining Windows-based systems, ensuring their optimal performance and security. This role is based in Gurgaon and focuses on delivering high-quality technology services within the Technology & Telecoms industry.

Candidate with LLB qualification with 7-12 years of PQE who has an experience in drafting and negotiating securities/derivatives agreements and legal advisory for a fast-paced global financial services in Pune/willing to relocate to group should apply.

The role ensures smooth, secure, and efficient daily technology operations by managing end‑user support, application support, device services, IT security, and service performance. It also serves as a central coordination point between internal teams and external service providers while supporting strategic initiatives, compliance, and continuous improvement in technology service delivery.

The VP-DevSecOps will lead and oversee the integration of security practices into the DevOps processes within the financial services consultancy industry. This role based in Mumbai requires a strategic thinker with a deep understanding of technology and security.

The Technical Change Manager will lead and govern the entire change management lifecycle for critical IT systems, ensuring changes are implemented securely and with minimal business risk. This role involves risk assessment, compliance with regulatory standards, and collaboration across infrastructure, cloud, and security teams to drive continuous improvement and automation.

The role of DevSecOps Engineer involves ensuring the seamless integration of security practices within the software development lifecycle. This position is ideal for candidates with a passion for technology and expertise in secure development practices.

The Vulnerability Management Specialist will be responsible for identifying, assessing, and managing security vulnerabilities within the organisation's technology environment. This role requires expertise in vulnerability analysis, remediation strategies, and collaboration with cross-functional teams to ensure a secure infrastructure.

• The incoming CISO will bring in deep expertise in CyberSecurity, Risk Management, and Information Protection, with a background in defence services, government agencies, or enterprise security leadership
• The CISO will be responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.

The role of Client Vulnerability Management involves identifying, assessing, and mitigating vulnerabilities in IT systems to ensure robust security protocols. This position is ideal for candidates with a strong understanding of technology and a keen eye for detail, based in Bengaluru.

• Design and implementation of OT network solutions, considering the specific requirements of the production environment
• Configuration and optimization of network components such as switches, routers, and firewalls
• Monitoring network performance and carrying out network tests and audits as well as ensuring network security

As a Senior Automation Engineer, you will design, maintain, and execute automated tests for cloud and air-gapped environments, ensuring FedRAMP and security compliance. You'll develop frameworks, optimize system performance, and troubleshoot Kubernetes clusters, agents, and backend services, leveraging PyTest, Robot Framework, Selenium, and advanced automation practices.

Embedded Software Engineer

Your Job

• Develop, maintain, and test an embedded software platform used in a broad range of our new products.
• Create technical specifications for new features.
• Deliver detailed designs of software components.
• Review and document the code, utilizing peer-review tools.
• Support projects during the integration and application of the software platform.
• Support the qualification and certification of products.

Professional Competencies and Requirements:

• Proven expertise and practical experience in the design of embedded systems with a solid background in real-time systems.
• Excellent coding skills in C/C++ with programming experience.
• Solid experience with RTOS and real-time analysis.
• Good knowledge of embedded hardware (ARM development boards, Single-Board Computers).
• Previous experience in cyber security and/or functional safety is an advantage.
• Excellent written and spoken English; knowledge of the German language will be considered an advantage.
• Experience with Agile development methodologies

Job Responsibilities:
Design, implement, and maintain robust and scalable CI/CD pipelines.
* Implement and maintain infrastructure as code (IaC) for CI/CD environments.
* Automate build, test, and deployment processes using industry-standard tools and best practices.
* Develop and maintain pipeline scripts for Jenkins using Groovy and Java.
* Maintain and develop tools used in the development infrastructure.
* Evaluate software updates and ensure version changes do not impact existing functionality.
* Consulting of application developers on the usage of the development environment and to troubleshoot and resolve issues related to CI/CD pipelines.
* Collaborate with development, QA, and operations teams to ensure smooth and efficient software releases.
* Monitor and optimize pipeline performance and reliability.
* Develop and maintain scripts and tools for automation tasks.
* Research and evaluate new CI/CD technologies and tools.
* Contribute to the improvement of our DevOps practices and processes.
* Document CI/CD processes and configurations.
* Ensure security best practices are implemented throughout the CI/CD pipeline.
SKILLS REQUIRED
* Strong know-how in Jenkins with experience in Groovy and Java.
* In-depth understanding of DevSecOps.
* Extensive hands-on experience in using git.
* Gitlab, Jenkins, Artifactory, SonarQube and Pact are your favourite friends.
* You know Docker, Podman and Kubernetes, preferably in conjunction with AWS.
* You are familiar with bash scripting and have a basic knowledge of HTTP.
* Independent and proactive way of working.
* Service-oriented and responsible - your contributions to the system can have very big impact.