3 Common Vulnerabilities Jobs

As a Penetration Tester, you will be responsible for conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests, and Cloud on system and network levels using advanced ethical hacking techniques. Your role will involve Application Penetration Testing (Browser-based, API, Mobile, IoT), Threat Modeling, and Source Code Review. You will perform penetration testing on web applications and APIs to identify, assess, and report vulnerabilities. Additionally, you will conduct red team exercises to identify weaknesses in clients" infrastructure and provide remediation solutions. You will be required to organize and deliver technical security operational briefings for both technical and non-technical audiences. Setting scope, objectives, and timelines for penetration testing engagements, leveraging data to create useful metrics, and performing dynamic application security testing (DAST) scans are also part of your responsibilities. Furthermore, you will play a critical role in building an AppSec program with a wide scope and impact by researching open-source emerging technologies and developing required frameworks for red team exercises. To qualify for this role, you should have a Bachelor's degree in Engineering or a closely related field with certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN being desirable. A total of 4+ years of experience is required, along with knowledge and experience in offensive security certifications, secure development life cycle, common vulnerabilities, application attack vectors, security testing processes, and network security protocols. You should have familiarity with common threat tactics and tools such as Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App Detective, and Web Inspect. Experience in cloud service penetration testing, mobile platform penetration testing, and microservices testing will be beneficial. Additionally, you should possess the ability to find and exploit bugs in various programming languages and cloud platforms. Personal attributes required for this role include being a self-starter, quick learner, excellent analytical and communication skills, self-motivated, detail-oriented, and able to effectively prioritize tasks in a high-pressure environment. Strong interpersonal skills to collaborate cross-functionally across the organization are essential. This is a full-time contractual/temporary position with a duration of 6 months, requiring work to be conducted in person at the Hyderabad location. If you meet the qualifications and are interested in this opportunity, please contact the employer at +91 9966773665.,

About the internship: As an intern at Innobuzz Learning Solutions, your primary responsibilities will include conducting security assessments of web apps, mobile apps, and APIs. You will be required to research the latest cybersecurity trends and collaborate with the team to create cybersecurity user awareness sessions on social media. Additionally, you will assist senior cybersecurity professionals in Vulnerability Assessment and Penetration Testing (VAPT) projects, which involves performing vulnerability management and reporting. It will also be your responsibility to develop and maintain detailed documentation of security assessments, findings, and remediation efforts. Keeping yourself updated with the latest cybersecurity threats, vulnerabilities, and best practices is crucial. Furthermore, you will research critical Common Vulnerabilities and Exposures (CVEs) and develop Proofs of Concept (POCs) for the assessment teams. Who can apply: This internship is open to candidates who are available for a full-time, in-office commitment for a duration of 6 months. Applicants should possess relevant skills and interests in cybersecurity. Stipend: INR 10,000-20,000 per month Other perks: In addition to the stipend, interns will receive a certificate, letter of recommendation, and opportunities for industry visits. Location: NSP, Pitampura, Delhi About Company: Innobuzz Learning Solutions has been a leader in providing top skills in Ethical Hacking, Cybersecurity, CISE, ADIS, CEH, and CompTIA certifications for over 20 years. The expert-led courses in Delhi & NCR are designed to equip individuals with the necessary knowledge to protect against evolving cyber threats. The company also offers cybersecurity services, such as threat analysis, penetration testing, security audits, and vulnerability assessments, to assist businesses in maintaining their security in a digital world. Job Type: Internship Contract length: 6 months Benefits: - Commuter assistance - Flexible schedule - Paid time off - Work from home options Schedule: Day shift Performance bonus Work Location: In person Expected Start Date: 20/01/2025,

As a Lead Product Security Analyst expert, you will join the Product Security team at the forefront of the digital transformation within the global organization. Your role will involve leading security architecture reviews, threat modeling, and risk assessments for complex systems and products. You will define and drive the adoption of secure development practices across engineering teams, collaborate with various stakeholders to embed security into product roadmaps and design decisions, and develop scalable security frameworks, standards, and automation tools. In addition, you will be responsible for conducting advanced security testing, overseeing remediation efforts, evaluating and integrating security tools into CI/CD pipelines, and serving as a mentor and technical leader for junior analysts and engineers. Your expertise will be crucial in collaborating with incident response and vulnerability management teams to address product-related security issues and staying ahead of emerging threats and technologies to translate them into actionable strategies. To excel in this role, you should possess a Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field, along with at least 6 years of experience in application/product security. A deep understanding of secure coding, software architecture, common vulnerabilities, proficiency in multiple programming languages, experience with cloud-native security and containers, as well as strong communication and leadership skills are essential for success. Desired characteristics include industry certifications such as OSCP, CISSP, CSSLP, or GIAC, experience in threat modeling methodologies, familiarity with compliance and regulatory standards, and contributions to open-source security tools or research. By working with Baker Hughes, an energy technology company known for revolutionizing the energy industry, you will have the opportunity to innovate, grow, and contribute to a safer, cleaner, and more efficient future.,