This job offer is not available in your country.
Cyber Security Specialist
Tech MahindraBengaluru, Karnataka, India8 days ago
Job description4+ years of hands-on experience with Sonatype Nexus IQ Server in an enterprise environment. Strong understanding of Software Development Life Cycle (SDLC) with a focus on security. Strong expertise in open-source Software security, vulnerability management, and license compliance. Proficiency in DevSecOps practices, including CI / CD integration (Jenkins, GitLab, GitHub Actions, etc.) Experience with software composition analysis (SCA) tools and dependency management (Maven, npm, pip, etc.) Knowledge of OWASP Top 10, CVE, and MITRE ATT&CK frameworks related to OSS risks. Familiarity with container security (Docker, Kubernetes) and SBOM (Software Bill of Materials) generation. Good to have scripting skills (Bash, Python, Groovy) for automation and tool customization. Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders. 7+ years of experience into cybersecurity, Information security or security engineering. Strong DevSecOps and Software security background. Desirable to have one or more industry-recognised cybersecurity-related certifications including CISSP, CRISC, CISM, OSCP. Bachelor or Masters degree in Computer Science, Information Technology, Cybersecurity or equivalent.
About the Company
We are seeking a highly skilled and self-driven FOSS Sonatype IQ Subject Matter Expert (SME) to join our Secure Development Cybersecurity team. This role is crucial to strengthening our software supply chain security and ensuring open-source compliance across development teams in Global business and functions.
About the Role
The ideal candidate will possess deep expertise in Sonatype IQ Server along with other OSS scanning tools (like Snyk, Black Duck, Dependency-Track, Crowd Strike), a strong grasp of modern DevSecOps practices, and hands-on experience in establishing FOSS usage policies in enterprise environments. In this role, you will be responsible for ensuring the secure code adoption, governance, and compliance of open-source software security across the organization. You will work closely with development, security, and technology teams to mitigate risks, enforce policies, and enhance the security posture of open-source software.
Responsibilities
- Serve as the primary advisor and technical expert for Sonatype Nexus IQ Server and open-source dependency vulnerability scanning.
- Implement and maintain Sonatype IQ integrations within CI / CD pipelines to automate security and compliance checks.
- Analyze and remediate vulnerabilities, license risks, and policy violations in open-source dependencies.
- Develop and enforce software composition analysis (SCA) best practices across development teams.
- Collaborate with security teams to prioritize and mitigate OSS vulnerabilities based on risk assessments.
- Create and maintain custom policy configurations in Sonatype IQ to align with organizational security standards.
- Train and mentor engineering teams on secure OSS usage, dependency management, and DevSecOps best practices.
- Work to uplift the vulnerability scanning and remediation capabilities to meet enhanced Service Level Agreements (SLAs), ensuring timely and effective resolution of security vulnerabilities.
- Monitor and report on FOSS risk metrics, providing actionable insights to leadership.
- Stay updated on emerging software supply chain threats and recommend proactive security measures.
- Support SBOM interlock and proactively participate in wider SBOM program.
- To perform security assessment and identify potential risk with open source LLMs.
Qualifications
Required Skills
Job Title : FOSS Sonatype IQ SME
Location : India (Bengaluru, Hyderabad, Pune)
CSAT- Cybersecurity
Create a job alert for this search
Cyber Security Specialist • Bengaluru, Karnataka, India
Related jobs
We are looking for a proactive and experienced.In this role, you will design, implement, and maintain.The ideal candidate will have deep.
Monitor cloud environments for.AWS-native and third-party to...Show moreLast updated: 11 hours ago
)
![AVP - Cyber Security Specialist [T500-20014]](https://cdn-logos.talent.com/v1/logo/image?feedcode=whatjobs-in&company_name=MUFG)
- Promoted
Cyber Security Engineer
YASH Technologieshosur, tamil nadu, in The AppSec Engineer is a specialized cybersecurity role focused on DevOps engineering principles.While the expectation of their sibling role – SAE – is to have practical working security knowledge,...Show moreLast updated: 24 days ago
- Promoted
Cyber Security Analyst
Madre Integrated EngineeringBengaluru, Karnataka, India As a Cyber Security Analyst, they will be responsible for safeguarding the digital infrastructure of our clients.Following the protocols and services put forward by global cybersecurity leaders you...Show moreLast updated: 18 days ago
- Promoted
Cyber Security Specialist
FlipkartBengaluru, Karnataka, India We are hiring Cyber Security Engineers at Flipkart.Investigate, document, and report on information security issues and emerging threats.
Provide Incident Response (IR) support when analysis confirm...Show moreLast updated: 26 days ago
- Promoted
Technical Specialist-Fortinet SASE
NTT DATA, Inc.Bengaluru, Karnataka, India Senior L3+ Network Security Engineer (Fortinet SASE).Certifications (Preferred) : FCSS – SASE, FCSS - SD-WAN.We are seeking a Senior L3+ Network Security Engineer with 6+ years of hands-on implement...Show moreLast updated: 4 days ago
- Promoted
Cyber Security Senior Architect
Jaguar Land Rover Indiabangalore, karnataka, in Knowledge, Skills and Experience.Proven track record of leading a development team on the architectural / technical side delivering software.
Minimum of a Bachelor degree in a technological engineer...Show moreLast updated: 26 days ago
- Promoted
Cyber Security Engineer with Splunk
IntraEdgehosur, tamil nadu, in This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the...Show moreLast updated: 8 days ago
- Promoted
Lead Security Engineer
interface.aihosur, tamil nadu, in Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 26 days ago
- Promoted
- New!
Network Security Engineer
Next Digital RecruitmentBengaluru, Karnataka, India Job Title : Cyber Security Engineer L3 and Team Leads.Design, deploy, and manage security architectures focusing on SSE, SASE, and Identity Management solutions.
Operate and maintain security tools a...Show moreLast updated: 15 hours ago
- Promoted
Cyber Security Engineer
L&T Technology ServicesBengaluru, Karnataka, India Domain : Automotive Cybersecurity.Security feature development - Secure boot, Secure diagnostics, Secure JTAG, Secure Flashing, Secure FOTA / AOTA, AUTOSAR (CSM / Cryif / Crypto / DCM), HSM / HSE based servic...Show moreLast updated: 8 days ago
- Promoted
Cyber Security Engineer
Vista Applied Solutions Group Inchosur, tamil nadu, in Hiring Sr Cyber Security Engineer | Long Term Contract | Remote.Job Title : Sr Cyber Security Engineer – Product Security.
Location : Mostly Indian business hours, some cross over with US and EU teams...Show moreLast updated: 8 days ago
- Promoted
- New!
Security Engineer (Remote)
DigiHelic Solutions Pvt. Ltd.hosur, tamil nadu, inRemote
- Promoted
- New!
Cyber Security Consultant
Dautomhosur, tamil nadu, in Act as the technical consultant for assigned cybersecurity tasks and milestones.Plan, deploy, and manage Trellix products : .
Trellix DLP (Data Loss Prevention).Trellix ePO (ePolicy Orchestrator).Trel...Show moreLast updated: 11 hours ago
- Promoted
Cyber Security Engineer
CUS Techhosur, tamil nadu, in We are seeking a highly skilled and detail-oriented.The ideal candidate will have strong technical expertise in security tools, frameworks, and compliance standards, along with a proactive approach...Show moreLast updated: 25 days ago
- Promoted
Cyber Security Specialist
Obrimo TechnologiesBangalore, IN We are looking for an experienced.This role involves working closely with clients to.Analyze business requirements, define.
ServiceNow best practices, and guide teams through technical challenges.Co...Show moreLast updated: 5 days ago
- Promoted
Security Technology Lifecycle Analyst
HR PLACEMENT CONSULTANTS (HRPC)Bangalore Rural, Karnataka, India Position - Analyst - Security Technology Lifecycle Analyst.Job Type - Full-time (Third party payroll •).The Security Technology Lifecycle Analyst plays a critical role in supporting the Corporate Se...Show moreLast updated: 20 days ago
- Promoted
AVP - Cyber Security Specialist [T500-20014]
MUFGBengaluru, India Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 6 days ago
- Promoted
Network Security Engineer
RSEChosur, tamil nadu, in RSEC is a cybersecurity research and development company known for its advanced solutions and expert consultation services.
We specialize in offering cutting-edge cybersecurity technologies to prote...Show moreLast updated: 30+ days ago
- Promoted
Lead Security Engineer
Arcanahosur, tamil nadu, in As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago