79 jobs found

Your mission As a Security Analyst, you oversee incoming security vulnerability reports from our researchers' community, while continuously sharpening your cybersecurity skills. All of this happens through dedicated interaction with the researcher's community and with the goal of offering the best possible service to both companies and researchers. For this role, you will be working US hours, 2pm - 10pm GMT. What you'll be doing Challenge and support both researchers and security teams using your entire security skillset. Research, POC, and evaluate reports that come in through our platform (ensure they're unique, concrete, and actionable for our clients). Assess the severity of reported issues in relation to how they can disrupt business, including financial and managerial implications. Familiarity with and ability to calculate CVSS ratings. Review and provide feedback on reports in a constructive and supportive manner. Motivate and engage security researchers to continuously outperform themselves. Build positive relationships with our community and customers in collaboration with success management. Provide remediation advice and help customers maximize the value of received reports. Proactively identify and solve issues, and respond quickly to delegated work. Communicate, document, and share your findings. Stay updated on the latest malware and security threats. Perform penetration tests and security validation on computer systems, networks, and applications. Create new testing methods to identify vulnerabilities. What you'll bring Knowledge/skills/experience: Outstanding interpersonal abilities, and strong written and verbal communication skills. Fluent in English, both written and spoken. At least 2 years of experience in pen testing, security testing, or vulnerability assessments. Stress resistant & able to maintain focus during incidents. A strong understanding of the (Ethical) Hacker culture. Attention to detail, analytical, and problem-solving skills. Able to independently find solutions to technical and non-technical problems (e.g., googling, Stack Overflow). Flexible working hours, willing to participate in a 24x7 support organization. Positive service-oriented personality. Proven technology skills, including proficiency with Mac, Windows, Linux, knowledge of OWASP top 10, web and mobile application security. Nice to haves: Your own bug bounty profile. Certificates such as CEH, CPT, CEPT, CPEN, OSWE, EWPT, or EWPTX are a plus. What is in it for you? Competitive salary 26 days of annual leave and Bank Holidays Top-notch Private Healthcare and Health Cash Plan Hybrid working model Initial home office budget 2-month work abroad policy Great training and yearly learning budget Employer pension scheme Enhanced maternity pay Social activities and team outings Referral bonus Employee Assistance Program Great hardware and access to the best tools Mobile subscription contribution Your team Why join us? Here are some benefits of joining our team: Cybersecurity is a great place to be! The security industry is fast-paced and growing, even during economic uncertainty. We provide a clear career path and learning budget to help you succeed. Join a company making a real impact, supporting sustainability goals, and empowering ethical hackers from diverse backgrounds. Be yourself! Our international team celebrates individuality and values diversity and inclusion. We are proud winners of the Deloitte Rising Star award in 2020 and the Deloitte Fast 50 award in 2021. Backed by top investors enabling international growth.

Trust in digital transactions and financial technologies is crucial for the smooth functioning of modern society. Neelam Kadbane, our next pathbreaker, Senior Vulnerability Analyst at Mastercard, identifies and addresses security vulnerabilities within Mastercard's environment & products by conducting network penetration tests. Neelam talks to Shyam Krishnamurthy fromThe Interview Portal about the innumerable challenges and the satisfacation of her work in preventing potential breaches that could lead to financial loss, identity theft, or disruption of services. For students, no matter what field you choose, develop your fundamentals, stay curious and keep learning, because the world is full of opportunities! Neelam, can you explain your background to our young readers? I'm from Pune, and I've spent my entire life here. I did my schooling and college in Pune and being a "Punekar" has had a big influence on who I am today. Growing up in a Marathi household, our culture played an important role in shaping my values and outlook on life. In my free time, I love trekking, with monsoon treks being my absolute favourite. I also enjoy reading and often pick up a book or two, though not as often as I'd like. Solo bike rides are my form of meditation-they give me the space to reflect and recharge. When I was a kid, I was always fascinated by movies that showcased technology, whether it was about hacking, futuristic gadgets, or complex computer systems. Even though I didn't fully understand everything at the time, I was drawn to the world of technology and innovation. I guess, in hindsight, that attraction was an early indicator of where my interests would eventually lead me, even though I didn't realize it back then. My father is now a retired government servant. Throughout his career, he was known for his unwavering dedication-he never took a day off from work. His commitment went beyond the ordinary, and even today, people still talk about his work ethic and the impact he had on those around him. His hard work anddedication have always been a source of inspiration for our family, motivating us to keep pushing forward no matter the challenges. My mother, on the other hand, started her business at a very young age. While most teenage girls were busy choosing fancy dresses for parties, she was already a proud business owner. Even now, she hasn't stopped. Her passion for her work and her profession is truly remarkable. The way she continues to learn new things, even at this age, is inspiring to everyone around her. They always taught me that whatever you do, give it your best effort. They also emphasized that it doesn't matter what you do as long as it makes you happy.These lessons have guided me throughout my career and personal life. What did you do for graduation /post graduation? I completed my bachelor's degreein Computer Engineering from PuneUniversity. What made you choose such an offbeat, unconventional and cool career in Cybersecurity? My journey into IT and Cybersecurity has been shaped by a mix of curiosity, inspiration, and pivotal experiences. Growing up, I was always fascinated by technology. I remember being the one in the family who would eagerly explore how gadgets worked. This curiosity naturally led me to pursue a degree in computer engineering. During my college years, I was fortunate to haveprofessors who not only taught me technical skills butalso encouraged me to think critically and pushboundaries. Their influence sparked a deeper interest intechnology, particularly in the area of security. I vividlyrecall working on a project that involved securing anetwork. That hands-on experience was a turning point, it made me realize how much I enjoyed the challenge of solving complex problems related to cybersecurity. The decision to pursue a PG diploma in IT Infrastructure and System Security at CDAC ACTS Pune was another significant moment in my journey. I wanted to specialize in an area that I found both challenging and rewarding. This program was intense, but it equipped me with the skills and confidence I needed to carve out a career in cybersecurity. Looking back, it wasn't just one thing but a series of influences, and experiences that guided me towards this path. And I'm grateful for each one of them. Tell us about your career path After graduating with a degree in computer engineering, I found myself at a crossroads. The field of computer engineering isincredibly vast, and every part of itfascinated me. But I wasn't sure whichdirection to take. To clear my head andfigure out what I really wanted to do, I took a job in a non-technical role at an MNC. That was my first job, and I stayed there foralmost a year. Working in that environment gave me valuable insights into the corporate world and helped me understand the kind of work I wanted to pursue. While working there, I started preparing for the CDAC entrance exam. Once I cleared it, I left my job to focus entirely on my PG diploma. The course was intense and challenging, but it was also incredibly rewarding. My professors and batchmates played a huge role in shaping my knowledge and skills, and by the end of the course, I was certain that I wanted to build my career in information security. My determination paid off when I landed my first technical job as a Security Engineer at Qualys, an Enterprise Cyber Risk & Security Platform . It was a significant achievement for me, especially since it's rare for companies to hire freshers directly into the InfoSec domain. At Qualys, I worked with the Vulnerability Management team, where we researched new CVEs and zero-day vulnerabilities, and developed signatures for vulnerability scanners. A zero-day vulnerability is a security flaw in software or hardware that is unknown to the vendor or developer. Since the vendor is unaware of the vulnerability, no patch or fix is available, making it highly dangerous. The term "zero-day" comes from the fact that once the vulnerability is discovered by malicious actors, the vendor has zero days to fix it before it can be exploited. e.g. suppose Chrome released a new version but it has a small flaw that allows a hacker to bypass security checks and access users' data. If hackers discover and exploit this flaw before the Chrome's developers are aware of it, this is a zero-day vulnerability. A vulnerability scanner is a tool used to identify knownsecurity weaknesses in systems, networks, or applications. These tools scan the target environment,looking for vulnerabilities like misconfigurations, missingpatches or outdated software. They compare thefindings against a database of known vulnerabilities togenerate a report with the details.e.g. mostly every organization runs a vulnerabilityscanner on its network, which identifies known security flaws. The scanner reports these issues so the IT team can prioritize and fix them to secure the network. Thereare tools like Nessus, Qualys, OpenVAS, Nexpose, Astra etc. CVE stands for Common Vulnerabilities and Exposures and is a standardized identifier for known security vulnerabilities. Each CVE entry includes a uniqueidentifier (e.g., CVE-2024-XXXX), a brief description of the vulnerability, and references to further information. CVE helps security professionals share and discussvulnerabilities consistently. How They Relate: • A zero-day vulnerability would not have a CVE initially because it is unknown. • Once a zero-day is discovered and documented, it may be assigned a CVE. • Vulnerability scanners use CVE databases to identify known vulnerabilities in systems, but they might not detect a zero-day vulnerability until it's publicly disclosed and assigned a CVE. This combination of concepts is key in managing andmitigating security risks in any environment. This experience piqued my interest in penetrationtesting, leading me to my current role as a Pen Tester at Mastercard. My career path wasn't linear, but each step taught me something valuable and brought me closer to where I am today. How did you get your first break? My first big break came while I was pursuing my PG diploma at CDAC. The institute has a placementprogram where companies shortlist candidates basedon their merit. When I was selected for an interview, I knew it was going to be a tough day. The interviewprocess was intense. Since companies were hiringfreshers without any prior experience, they needed tomake sure we were the right fit through a series of technical and scenario-based questions. The day of the interview was a rollercoaster of emotions. I had to go through three rounds of technical interviews followed by a HR round, all in one day. Each round wasmore challenging than the last. I was scared, nervous and anxious, constantly wondering what questions I would face and how the interviewers would be. The waiting was nerve-wracking, but when my turn finally came, I gave it everything I had. When I finally walked out of that last interview, I felt a mixture of relief and disbelief. It was hard to tell if I wasdreaming or if this was real. But when I got the news that I had been selected, I was overjoyed. It was one of the happiest moments of my life, and I knew that all the hard work and preparation had paid off. What were some of the challenges you faced? How did you address them? One of the most significant challenges I faced was when I decided to pursue my PG diploma. At that time, my family was going through a financial crisis, and we didn't have the money for the course fees. I was working at an MNC, but the salary was too low to secure a loan . click apply for full job details

Join a team that protects more than systems - help safeguard the financial well-being of thousands. This is your chance to make a real impact as a key defender against cyber threats in a fast-moving, highly regulated industry. If you're passionate about protecting people, data, and infrastructure, this role is calling your name. C2C is not an option with this job opening and all applicants should be able work for any US Employer without sponsorship. Sponsorship is not provided and this person will not need to require sponsorship in the future. Benefits & Extras Work for a mission-driven organization that values cybersecurity at the executive level High-impact role with visibility across multiple departments Fast-paced, challenging environment that rewards proactive thinkers Opportunity to mentor junior analysts and drive operational strategy Compensation $100,000 - $115,000 depending on experience and skillset What You'll Be Doing Leading incident response and managing containment, analysis, and resolution Monitoring security systems (SIEM, EDR, threat intel) to identify and respond to threats Conducting vulnerability assessments and supporting remediation for financial systems Ensuring compliance with GLBA, PCI, FFIEC, and other regulatory frameworks Supporting risk reviews, vendor assessments, and internal audits Participating in security exercises and documentation maintenance Collaborating across compliance, risk, and audit teams What You'll Need to be Considered 3-5+ years of relevant experience Prior experience in financial services, banking, or fintech cybersecurity Expertise with SIEM, EDR, NGFW, and vulnerability management tools Familiarity with scripting (Python, PowerShell) for automation and threat detection Experience conducting third-party risk reviews and regulatory reporting ITAC Solutions firstName lastName Email Address Phone Number Attach Resume Accepted file types: pdf, doc, docx, Max. file size: 16 MB. This field is hidden when viewing the form This field is hidden when viewing the form This field is hidden when viewing the form CAPTCHA Email This field is for validation purposes and should be left unchanged.

About Us Integrity360 is the largest independent cyber security provider in Europe, with a growing international presence spanning the UK, Ireland, mainland Europe, Africa and the Caribbean. With over 700 employees, across 12 locations, and six Security Operations Centres (SOCs)-including locations in Dublin, Sofia, Stockholm, Madrid, Naples and Cape Town-we support more than 2,500 clients across a wide range of industries. Over 80% of our team are technical experts, focused on helping clients proactively identify, protect, detect and respond to threats in an ever-evolving cyber landscape. Our security-first approach positions cyber resilience as a business enabler, empowering organisations to operate with confidence. At Integrity360, people come first. We invest heavily in learning, development and progression, fostering a dynamic culture where innovation, collaboration and continuous growth are at the heart of what we do. If you're ready to take your cyber security career to the next level, we'd love to hear from you. Job role As a Cloud Security Consultant, you'll play a key role in delivering cloud-native security consulting, onboarding threat detection platforms and translating complex security insights into actionable reports, enabling clients to understand risk, prioritise remediation, and strengthen their overall cloud security posture. You'll work with a variety of leading cloud security platforms including Orca Security, Microsoft Defender XDR, Microsoft Sentinel, Microsoft Purview and the broader Microsoft 365 security suite. In this role, you will support the design and implementation of cloud-native security solutions, perform in-depth security assessments across cloud workloads, and contribute to the continuous enhancement of detection and response strategies. This is a dynamic, customer-facing role within a fast-paced and rapidly evolving security practice. It is ideally suited for a seasoned Cloud Security professional with proven experience in delivering cloud security solutions across complex, enterprise-scale environments. You will be expected to lead engagements, contribute to the design and implementation of cloud-native security architectures, and advise clients with confidence across a broad range of threat detection and security posture initiatives. As the practice continues to grow, you'll play a key role in shaping service offerings, driving delivery excellence, and adapting to the evolving needs of our clients and the business. Reporting into the Senior Microsoft & Cloud Security Architect, you will be part of a supportive and experienced team within Professional Services that values growth and continuous learning. You'll have access to ongoing training, certification support, and hands-on exposure to cutting-edge cloud security technologies, empowering you to deepen your expertise and advance your career within a high-performing security practice. Key Responsibilities Lead technical delivery and onboarding of Cloud Native Security Solutions such as CSPM/CNAPP/XDR/SOAR /SIEM platforms. Perform cloud security assessments (e.g., posture review, CSPM, identity risk, threat exposure) Deliver customer workshops, high- and low-level designs, and technical documentation. Contribute to the development of internal methodologies for cloud threat detection and managed services. Perform on site or remote assessments, consultancy and HLD and LLD design services featuring the M365 security stack and other cloud security technology. Stay current with emerging threats, tools, and technologies to ensure the delivery of up-to-date security advice and service offerings. Contribute to internal procedures, and documentation to support the maturity and scalability of the practice. Collaborate with cross-functional teams (Sales, SOC, Architecture, Engineering) to align technical solutions with client business needs. Provide strategic guidance to clients, helping them prioritise security improvements based on risk, business impact, and cloud-native best practices. Develop and deliver tailored security roadmaps, aligning with regulatory, compliance, or cloud governance frameworks (e.g. NIST, ISO, CIS). Conduct gap analysis and risk assessments aligned to cloud security frameworks (e.g., CIS Benchmarks, Azure Well-Architected Framework). Support pre-sales efforts, including solution scoping, client demos, and bid/tender responses where required. While this is a hybrid role, there may be local or global travel requirements from time to time, dependent on customer needs. Requirements Strong experience with the Microsoft 365 Security Stack, including Defender for Endpoint, Defender for Identity, Defender for Office 365, Microsoft Defender for Cloud Apps, and Microsoft Defender for Cloud. Hands-on experience with Microsoft Azure security controls and services; equivalent exposure to GCP or AWS is also acceptable. Proficiency with CSPM, CNAPP, or vulnerability management platforms. Sound understanding of cloud security design principles, including identity, access, data protection, threat detection, and monitoring. Ability to translate technical risk into business context and communicate effectively with both technical and non-technical audiences. Excellent written and verbal communication skills, including documentation, reporting, and presentation. Client-facing experience, with a track record of contributing to successful project delivery Ability to work independently in a fast-paced environment, while also collaborating effectively with wider teams. Strong analytical mindset, self-motivated learner, and passionate about cloud security trends and technologies. Good understanding of security frameworks and methodologies such as MITRE ATT&CK, NIST, ISO/IEC 27001, CIS Benchmarks. Desired 5+ years of experience in a similar role such as Cloud Security Consultant, Cloud Security Engineer, or Cloud Security Architect. Minimum of 3 years' experience in Professional Services. managed security services, preferably in a next generation SOC environment or in an MSSP or MDR provider Experience with SIEM and SOAR platforms, particularly Microsoft Sentinel or Google Chronicle, including rule tuning, KQL, and automation. Knowledge of infrastructure-as-code and security automation (e.g., Bicep, Terraform, Logic Apps, PowerShell). Exposure to compliance-driven environments (e.g. ISO 27001, PCI-DSS, GDPR). Desired Qualifications Microsoft Certified: Azure Security Engineer Associate (AZ-500) Microsoft Certified: Security Operations Analyst (SC-200) Identity & Access Administrator (SC-300) Cybersecurity Architect Expert (SC-100) ISC Certified Cloud Security Professional (CCSP) CISSP CompTIA N+ CompTIA Security+ What we will provide for you: Opportunity to enhance your skills, knowledge and gain experience in key leading technology and security services. An opportunity to attend conferences held by leading Security Vendors / Organisations. Opportunities to expand your experience by learning new products with further opportunity to influence product/service strategy for the group. A leadership team who has a worthwhile mission and who excel at that mission. A chance to work with one of the market leaders in Information Security (Winner of Managed Security Service Provider 2017, Winner of Best Place to work in IT 2016, Nominated for EY, EOY 2015, Winner of the AIB Enterprise of the Year Award 2013). Join a Company that has been awarded the Elite Award for Growth Strategy of the Year, Ireland 2018. Opportunity to gain experience and knowledge in a key field of expertise. Exposure to many different verticals in Ireland and the UK - Govt, Financial, Pharma and SMEs. A team of highly experienced technology and security professionals to work with, learn and receive support from.