221 Metasploit Jobs

Job Title: Cloud Cybersecurity Specialist Location: Bangalore, India Experience: 5–8 Years Notice Period: Immediate to 30 Days Salary: Up to ₹25 LPA Job Overview: We are seeking a skilled Cloud Cybersecurity Specialist with 3+ years of focused experience in application and cloud security. The ideal candidate will be proficient in leading security tools and familiar with regulatory compliance and emerging AI/ML security practices. This role will play a key part in ensuring the integrity, confidentiality, and availability of systems deployed on cloud platforms. Key Responsibilities: Conduct vulnerability assessments and penetration testing on cloud applications and services. Utilize tools like Burp Suite , Metasploit , Nessus , OWASP ZAP , and SonarQube for security analysis. Implement and enforce security best practices for cloud infrastructure. Ensure compliance with data privacy regulations such as GDPR and CCPA . Provide guidance on secure coding practices and application hardening. Monitor systems for security breaches and investigate violations. Contribute to the development of security policies and incident response plans. Stay updated with the latest trends in cybersecurity, including AI/ML security frameworks . Technical Requirements: 3+ years of hands-on experience in cybersecurity , especially in cloud and application security . Strong knowledge of security tools : Burp Suite, Metasploit, Nessus, OWASP ZAP, SonarQube. Understanding of data protection regulations (e.g., GDPR, CCPA). Basic familiarity with AI/ML security tools and frameworks . Solid grasp of cloud platforms (AWS, Azure, GCP) and secure deployment principles. Soft Skills: Strong analytical and troubleshooting abilities. Excellent communication and documentation skills. Ability to work in cross-functional teams and fast-paced environments. Be a key defender of digital trust—apply now to secure tomorrow's cloud. Job Types: Full-time, Permanent Pay: ₹2,300,000.00 - ₹2,500,000.00 per year Schedule: Day shift Work Location: In person

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae

Job Description: Application Security Analyst Position Overview: We are seeking a skilled and motivated VAPT Analyst to join our dynamic team. The ideal candidate will have a strong background in performing Security Assessment and Testing (SAST, DAST), along with expertise in Mobile Application Testing for both Android and iOS platforms. The role involves identifying, assessing, and remediating security vulnerabilities across various systems and applications to ensure the integrity and confidentiality of our organization's data. Key Responsibilities: - Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, and systems to identify security weaknesses and potential threats. - Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools and methodologies. - Evaluate mobile applications for security vulnerabilities and conduct both manual and automated testing on Android and iOS platforms. - Collaborate with cross-functional teams to analyze and interpret security assessment results, prioritize findings, and recommend remediation strategies. - Develop detailed reports documenting assessment findings, risk levels, and recommended mitigation measures for stakeholders. - Stay current with emerging security threats, vulnerabilities, and best practices in the field of information security. - Participate in security incident response activities and contribute to the development and enhancement of security policies and procedures. Required Qualifications: - Bachelor's degree in Computer Science, Information Security, or related field. - Minimum of 3 years of experience in performing vulnerability assessments and penetration testing. - Hands-on experience with industry-leading security assessment tools such as Burp Suite, Nessus, Metasploit, and OWASP ZAP. - Proficiency in conducting Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using tools like Checkmarx, Fortify, or Veracode. - Strong understanding of common web application vulnerabilities (e.g., SQL injection, XSS, CSRF) and mobile application security principles. - Experience in testing mobile applications on both Android and iOS platforms, including knowledge of platform-specific security controls and vulnerabilities. - Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a fast-paced environment. - Effective communication skills with the ability to convey technical information to non-technical stakeholders. - Relevant industry certifications such as eWPT, eMAPT, Certified Mobile Pentester – Android (CMPen-Android), the Certified Mobile Pentester – iOS (CMPen-iOS) are preferred. Preferred Qualifications: - Experience in conducting Red Team exercises and simulated attacks. - Familiarity with DevSecOps practices and integrating security into the software development lifecycle (SDLC). - Understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS) and their implications for security assessments.

Role Overview As AVP/VP – Cybersecurity Operations, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK

Why Join SecureLayer7? At SecureLayer7, you’re not just an employee—you’re part of a team that thrives on solving tough challenges, exploring the unknown, and making an impact. If you’re excited about breaking systems to make them stronger and securing the future of technology, we’d love to have you onboard. As part of our offensive security team, you’ll work with cutting-edge tools, innovative techniques, and an experienced team to challenge the status quo and strengthen the digital landscape. Key Responsibilities - Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Work closely with Blue Teams in Purple Team exercises to enhance detection and response capabilities. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Required Skills & Experience - Deep understanding and extensive experience in penetration testing methodologies and tools. Strong technical knowledge of various technologies and the ability to quickly learn and adapt to new ones. A passion for learning new technologies and breaking them apart is essential. Expertise in Active Directory attacks and defenses. Proficiency with tools such as Metasploit, Cobalt Strike, BloodHound, and similar offensive security frameworks. Knowledge of hacking methods and frameworks like MITRE ATT&CK. Strong scripting skills (Python, PowerShell, Bash) and experience in manual exploitation techniques. Certifications such as OSCP, OSEP, CRTO, or equivalent are highly valued. What We Offer Competitive salary and benefits package. Exciting projects that challenge your skills and creativity. A collaborative environment where you’ll learn and grow alongside top talent. Access to cutting-edge tools and resources to stay ahead in the cybersecurity field. Opportunities to shape the future of offensive security and contribute to meaningful projects

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty

About Workafy: Join Workafy, a freelance marketplace connecting 500,000+ professionals with global opportunities. Work on projects that match your skills, anytime, anywhere. Job Description: Seeking expert Cyber Security Engineers to help clients protect digital assets, perform audits, and strengthen security frameworks. Responsibilities: Identify vulnerabilities and perform penetration testing. Implement firewalls, encryption, and secure protocols. Monitor threats and respond to incidents. Requirements: Proven experience in cybersecurity and network protection. Familiarity with tools like Wireshark, Metasploit, or Splunk. Understanding of compliance standards (ISO, GDPR, etc.). Why Join Us? Work on mission-critical security projects. Flexible freelance opportunities. Be part of a thriving professional network. Apply now at workafy.com and grow your freelance career as a Cyber Security Engineer!

We are seeking an experienced and passionate Cybersecurity Trainer to join our team. The ideal candidate will have strong technical expertise in cybersecurity domains and a passion for teaching and mentoring. You will be responsible for delivering engaging, practical training sessions to students or professionals, preparing them for industry-recognized certifications and real-world challenges. Key Responsibilities: Design and deliver cybersecurity training programs (online/offline) Create course content, labs, quizzes, and study materials Provide guidance on certification paths like CEH, CompTIA Security+, CISSP, etc. Conduct assessments and provide feedback to learners Stay updated with the latest cybersecurity trends and tools Support learners in resolving queries and understanding concepts Assist in curriculum updates and improvements Required Skills & Qualifications: Minimum 5 years of experience in cybersecurity or related fields In-depth knowledge of cybersecurity fundamentals, network security, ethical hacking, vulnerability assessment, and risk management Hands-on experience with tools like Wireshark, Nmap, Metasploit, Burp Suite, etc. Familiarity with common cyber threats and mitigation strategies Strong communication and presentation skills Experience in mentoring or training others (formal or informal) Industry certifications preferred: CEH, CompTIA Security+, CISSP, CISA, etc. Job Type: Full-time Pay: ₹30,000.00 - ₹60,000.00 per month Application Question(s): Have you previously worked as a trainer or delivered technical workshops? Are you fluent in English and comfortable conducting technical sessions? Experience: teaching: 5 years (Preferred)

Job requisition ID :: 81577 Date: Jun 21, 2025 Location: Chennai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Position: Cybersecurity Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 months Top Interns Stipend: 15,000 Potential for Full-Time Employment: Based on performance; Certificate of Internship provided About INLIGHN TECH: INLIGHN TECH provides hands-on experience to students and recent graduates. Our unpaid Cybersecurity Internship offers practical exposure to threat analysis, vulnerability assessment, and security operations. Responsibilities: Assist in identifying and mitigating security vulnerabilities. Conduct penetration testing and ethical hacking assessments. Monitor and analyze security incidents and threats. Support in developing security policies and best practices. Qualifications: Enrolled in/recent graduate of Cybersecurity, Computer Science, or a related field. Basic knowledge of cybersecurity concepts, network security, and threat analysis. Familiarity with ethical hacking tools (Metasploit, Burp Suite, Wireshark, etc.) (preferred). Strong analytical and problem-solving skills. Benefits: ✅ Hands-on experience with real cybersecurity projects. ✅ Internship Certificate & Letter of Recommendation. ✅ Build your cybersecurity portfolio and gain industry exposure. 🚀 Apply now and start your journey in Cybersecurity!

Responsibilities Deliver engaging and informative cybersecurity courses to college students covering topics such as network security, ethical hacking, cybersecurity fundamentals, and more. Facilitate hands-on lab exercises, simulations, and practical projects to enhance students' practical skills. Provide timely feedback to students on their performance and offer support to those who may be struggling with the course material. Foster a positive and inclusive learning environment that promotes student participation and discussion. Collaborate with colleagues and cybersecurity professionals to stay aligned with industry standards and share best practices. Qualification: Minimum 1 year of experience Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field. Industry certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), Ejpt etc Experience with various security tools and technologies such as Metasploit, Kali Linux, Wireshark, and more Strong passion for cybersecurity and educating others. Excellent communication and presentation skills Ability to adapt to various teaching methodologies. Patience and a commitment to student success.

Job Title: Faculty – Cyber Security & Machine Learning Location: Mira Road, Thane Position Type: Visiting Faculty Job Summary: We are seeking an experienced and passionate faculty member to teach and mentor undergraduate students in the field of Cyber Security and Machine Learning. The selected candidate will be responsible for delivering course content, designing assessments, mentoring students on practical implementations, and driving academic excellence in the subjects Ethical Hacking and Machine Learning I, as outlined by the University of Mumbai syllabus. Key Responsibilities: Academic Delivery ● Conduct theory and practical sessions for: ○ Ethical Hacking (including network security, cryptography, web security, hardware security) ○ Machine Learning I (including supervised & unsupervised learning, ensemble techniques, SVM, dimensionality reduction) ● Create lesson plans, lecture notes, and assessment tools aligned with syllabus ● Use tools such as Cisco Packet Tracer, Kali Linux, Metasploit, SQLMap, Wireshark, Jupyter Notebooks, Scikit-learn, and others during practical sessions ● Assign and evaluate laboratory work, tutorials, and case studies ● Encourage students to use digital tools and platforms (e.g., DVWA, OWASP, Kaggle, UCI datasets) Assessment & Evaluation ● Conduct internal assessments as per academic guidelines ● Prepare, administer, and grade exams, assignments, and projects ● Maintain timely and accurate records of grades and student progress Qualifications & Experience: Minimum Qualifications: ● Master’s degree in Computer Science / Cyber Security / Information Technology / Data Science / Artificial Intelligence or equivalent Experience: ● Minimum 2–5 years of teaching or industry experience in ethical hacking, information security, or applied machine learning Preferred Skills: ● Hands-on with penetration testing tools (e.g., Wireshark, John the Ripper, Metasploit) ● Familiarity with ML libraries: Scikit-learn, TensorFlow, etc. ● Experience with classroom and lab-based instruction ● Strong communication and mentoring skills Desirable Certifications: ● CEH (Certified Ethical Hacker) ● CompTIA Security+ ● Offensive Security Certified Professional (OSCP) ● Machine Learning or AI certifications (Coursera, edX, etc.) Remuneration: Rs. 2000 per hour (Negotiable)

Company - Our client is a global leader in business services and customer experience solutions, ranked among the Fortune 500 and recognized for its culture-first approach and commitment to innovation and velocity. With a rapidly growing security division following recent acquisitions, this company offers a dynamic and fast-paced environment for tech professionals. Job Title - Application Security Analyst Location - Remote in India Role Type - Contract, 6 months with potential 6-month extension Must Have Skills: Application security testing experience, including penetration testing Web application testing expertise Proficiency with static code analysis (SAST) Proficiency with dynamic application security testing (DAST) Ability to communicate effectively in English Responsibilities and Job Details: Perform vulnerability assessments and penetration testing on web applications, APIs, databases, mobile, and cloud environments. Conduct secure code reviews to identify critical flaws and ensure secure coding practices. Utilize tools such as Burp Suite, Fortify, Checkmarx, WebInspect, Acunetix, and Metasploit for assessments and exploitation. Schedule and prioritize security assessments using SAST/DAST methodologies. Implement and maintain CI/CD pipelines with integrated security testing. Collaborate with governance teams to align security tools with organizational policies. Monitor and evaluate Generative AI risks in application security contexts. Ensure compliance with internal security policies and industry standards. Provide feedback to developers and report vulnerabilities and mitigations to management. Reproduce, document, and retest identified vulnerabilities. Drive continuous improvements in security assessment processes and tooling. Analyze scan results and recommend remediation plans to stakeholders.

Responsibilities Cybersecurity Analyst – Job Description Monitor and respond to security incidents across networks and systems. Conduct vulnerability assessments and penetration testing. Implement and manage security tools like firewalls, IDS/IPS, and antivirus. Ensure compliance with security standards (e.g., ISO 27001, NIST). Prepare reports and recommend mitigation strategies. Tools Often Used Nessus for vulnerability scanning. Metasploit for exploit development and testing. Burp Suite and OWASP ZAP for web application security testing. Skills:- Cyber Security, cloud Security, Nessus, Burp suite, Metasploit, OWASP ZAP, GDPR and CCPA

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person

Role Description Job Description We are seeking a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS/Android) , web applications , infrastructure , and thick client environments . The ideal candidate will have a strong background in assessing the security posture of applications, systems, and networks, especially in a fast-paced fintech environment . Key Responsibilities Conduct penetration tests on web and mobile applications, networks, thick clients, and systems to identify vulnerabilities. Perform manual and automated testing to simulate cyberattacks and exploit potential security flaws. Create detailed reports of vulnerabilities including descriptions, proof of concepts, business impact, and actionable remediation steps. Perform retesting to validate fixes and confirm mitigations. Analyze security issues related to web apps, network protocols, OSs, and cloud platforms. Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques. Coordinate with application and infrastructure teams during the assessment lifecycle and deliver clear, comprehensive reports. Requirements Proven experience as a Penetration Tester or in a cybersecurity role. Strong understanding of: OWASP Mobile Top 10 OWASP Web Top 10 MITRE ATT&CK framework Proficiency in tools such as: Burp Suite, Frida, MobSF, Nmap, Wireshark, Metasploit Hands-on experience with: SSL pinning bypass Jailbreak/root detection bypass Certificate validation flaws Mobile app reverse engineering Familiarity with operating systems like Windows, Kali Linux, and macOS Exposure to cloud platforms such as AWS, Azure, or GCP Knowledge of scripting/programming languages such as Python, Bash, or PowerShell (preferred) Relevant certifications are a strong advantage: CEH, OSCP, or similar Preferred Skills Prior experience in mobile application penetration testing Ability to work independently and manage time effectively Excellent communication skills, especially in conveying technical findings to non-technical stakeholders Skills Information Security,Data Analysis,Penetration Testing

Job Description 4: Sr. Information Security Consultant/ Information Security ConsultantOverview: eSec Forte Technologies is a distinguished cybersecurity service provider specializing in client-side infrastructure security. We are looking for a skilled Senior Infrastructure Security Engineer to join our client-side security team. The ideal candidate will have advanced experience in network vulnerability assessment and penetration testing (VAPT) and using Qualys for vulnerability management. Key Responsibilities: · Conduct advanced network vulnerability assessments and penetration tests on client-side infrastructure. · Utilize Qualys for comprehensive vulnerability scanning and management. · Identify and remediate security vulnerabilities in client environments. · Perform detailed security configuration reviews of network devices, servers, and other infrastructure components. · Collaborate with client IT teams to enhance their security posture. · Provide detailed reports and recommendations based on assessment findings. · Stay up-to-date with the latest security threats and best practices. Qualifications: · Bachelor's degree in Information Security, Computer Science, or related field. · 2+ years of experience in infrastructure security. · Proficiency in using Qualys and other vulnerability scanning tools. · Strong understanding of network security principles and advanced penetration testing techniques. · Experience with security tools such as Metasploit, Nmap. · Excellent communication and interpersonal skills. · Relevant certifications such as OSCP, CEH or equivalent are a plus. Skills: · Network Vulnerability Assessment and Penetration Testing (VAPT) · Qualys · Vulnerability Management · Security Configuration Review · Metasploit, Nmap

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security Responsibilities : Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools : Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (eg, PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech)

Job Description The major focus will be on Application Penetration testing followed by Network Penetration Testing and Mobile Security assessments, Red Team Assessment, Phishing, IoT, Cloud Pen testing (Azure and AWS, Google Cloud), Cloud Configuration Audit, Architecture Review. The work involves Test Case Creation, Penetration Testing, Source code reviews, Report Creation & presentation to stakeholders along with operation and construction of tools to assist in these tasks. Well versed with OWASP Top Ten and WASC Threat Classifications. Expertise in Vulnerability Assessment and Penetration Testing of Web Applications. Business‐Logic based application testing. Penetration testing of Mobile applications and websites. Exploitation of the issues found and presenting the impact occurred. Source Code Reviews Well versed in Java Secure Code Review. Well versed in OWASP Code Review concepts & identifiers. Familiar With Popular Tools Application Proxy: Burp suite, Paros, OWASP ZAP, WireShark, Vulnerability Scanners: IBM AppScan, HP WebInspect, Nessus, NTO Spider. Exploit Toolkits: Metasploit, Exploit DB etc Understanding of the nature and sources of security vulnerabilities, how to identify and exploit Sound Knowledge of TCP/IP protocol Stack, HTTP protocol, encoding standards, encryption technologies and development frameworks. Skills Mandatory Application Security Testing/Penetration Testing (Web-based, Thick client, web services, Mobile. Network Security Testing/Penetration Testing (Network, OS, Databases etc). Static Code Analysis/ Secure Code Review.

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary : We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall , web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree ( minimum requirement). 2 -8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite , Mimikatz , Cobalt Strike, PowerSploit , Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required : 2 - 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture {+ 8 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

🔐 Cyber Security Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Based on Performance) About INLIGHN TECH INLIGHN TECH is focused on equipping students and graduates with practical, hands-on experience in emerging tech fields through structured virtual internships. Our Cyber Security Internship is designed to build a strong foundation in ethical hacking, threat detection, and system defense , making you industry-ready for a high-demand domain. 🚀 Internship Overview As a Cyber Security Intern , you will work on projects that simulate real-world cyber threats, learn to identify and mitigate vulnerabilities, and explore techniques used by security professionals to protect systems and data. 🔧 Key Responsibilities Conduct vulnerability assessments and basic penetration testing Analyze logs and traffic to identify potential threats or breaches Assist in incident response and threat mitigation activities Learn and work with tools such as Kali Linux, Burp Suite, Nmap, Metasploit, and Wireshark Study and apply the OWASP Top 10 and other security standards Support the development of security protocols and documentation Stay updated on emerging cyber threats and protection mechanisms ✅ Qualifications Currently pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or a related field Basic knowledge of networking concepts, operating systems, and system vulnerabilities Familiarity with ethical hacking techniques and cybersecurity tools Understanding of firewalls, encryption, and authentication methods Strong problem-solving skills and a desire to learn more about cyber defense Passion for cybersecurity and protecting digital environments 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tools and challenges Insight into threat analysis, penetration testing, and security compliance Internship Certificate upon successful completion Letter of Recommendation for high performers Opportunity for a Full-Time Offer based on performance A strong foundation for pursuing careers like Ethical Hacker, SOC Analyst, or Penetration Tester

Key Responsibilities: Conduct red team exercises to simulate sophisticated, real-world attacks and evaluate the effectiveness of security controls. Perform targeted penetration tests and vulnerability assessments to uncover and exploit security weaknesses. Develop and execute complex attack scenarios to challenge the organization's defenses. Collaborate with defensive security teams to remediate identified vulnerabilities and enhance security measures. Utilize and integrate advanced offensive security tools, such as Metasploit, Burp Suite, and Kali Linux, into the red team testing framework. Provide expert analysis and interpretation of red team tools and their results. Create and maintain detailed documentation related to red team activities, including test plans, attack scenarios, and incident response procedures. Contribute to the development and delivery of specialized security training and awareness programs focused on red team techniques. Ensure design and implementation of security controls and best practices from a red team perspective. Support the Offensive Security Lead in developing and refining the red team program. Assist with the evaluation and implementation of new red team technologies and improvements to existing processes. Qualifications: Bachelor’s degree in computer science, Information Security, or a related technical field. 4+ years of experience in offensive security, with a focus on penetration testing and red teaming. In-depth understanding of encryption technologies, authentication protocols, and other security mechanisms. Preferred Skills: Relevant security certifications (e.g., OSCP, OSCE, CEH, GPEN). Key Responsibilities: Conduct red team exercises to simulate sophisticated, real-world attacks and evaluate the effectiveness of security controls. Perform targeted penetration tests and vulnerability assessments to uncover and exploit security weaknesses. Develop and execute complex attack scenarios to challenge the organization's defenses. Collaborate with defensive security teams to remediate identified vulnerabilities and enhance security measures. Utilize and integrate advanced offensive security tools, such as Metasploit, Burp Suite, and Kali Linux, into the red team testing framework. Provide expert analysis and interpretation of red team tools and their results. Create and maintain detailed documentation related to red team activities, including test plans, attack scenarios, and incident response procedures. Contribute to the development and delivery of specialized security training and awareness programs focused on red team techniques. Ensure design and implementation of security controls and best practices from a red team perspective. Support the Offensive Security Lead in developing and refining the red team program. Assist with the evaluation and implementation of new red team technologies and improvements to existing processes. Qualifications: Bachelor’s degree in computer science, Information Security, or a related technical field. 4+ years of experience in offensive security, with a focus on penetration testing and red teaming. In-depth understanding of encryption technologies, authentication protocols, and other security mechanisms. Preferred Skills: Relevant security certifications (e.g., OSCP, OSCE, CEH, GPEN).

Key Responsibilities Penetration Testing (Primary Focus): Perform manual and automated penetration testing on web applications, APIs, infrastructure, and cloud-hosted environments. Conduct red team/purple team exercises to simulate advanced threat actor behavior using frameworks like MITRE ATT&CK. Identify security flaws, misconfigurations, and business logic vulnerabilities across hybrid and cloud environments. Use tools such as Burp Suite, Nmap, Metasploit, Cobalt Strike, and custom scripts to simulate attacks. Provide detailed reports with risk ratings, technical impact, and remediation recommendations. Collaborate with DevOps and application teams to validate, reproduce, and remediate identified issues. Continuously research and adopt emerging offensive techniques, vulnerabilities, and toolsets. Cloud Security (Secondary but Required): Assess cloud environments (Azure, AWS, GCP) for security weaknesses, including exposed services, misconfigured IAM, and insecure storage. Assist in secure design reviews and threat modeling for cloud-native workloads. Use tools like Microsoft Defender for Cloud, Prisma Cloud, Wiz, or ScoutSuite to identify misconfigurations. Automate detection of insecure infrastructure via Infrastructure-as-Code (Terraform, Bicep, etc.). Support incident response activities related to cloud-based threats and unauthorized access. Compliance and Governance Support: Understand and apply security testing methods aligned with: HIPAA (for healthcare application testing), PCI-DSS (for applications storing/processing cardholder data), and NESA (UAE-specific cybersecurity baseline). Participate in security audits and assessments by providing technical evidence and findings. Maintain documentation for vulnerability management, security testing scope, and remediation tracking. Required Skills and Experience 2+ years of hands-on experience in penetration testing and offensive security engagements. Deep understanding of application security testing, OWASP Top 10, and real-world exploit techniques. Experience testing cloud workloads (Azure, AWS, or GCP) from an attacker's perspective. Familiarity with red/purple teaming, lateral movement, privilege escalation, and post-exploitation techniques. Strong proficiency with tools like Burp Suite Pro, Nmap, Metasploit, Cobalt Strike, etc. Scripting experience with Python, PowerShell, or Bash to develop custom tools and automate testing. Exposure to SIEM, CSPM, and EDR platforms for identifying and responding to test detections. Preferred Certifications (Offensive & Cloud Focused) Penetration Testing / Offensive Security: OSCP (Offensive Security Certified Professional) OSEP / OSCE / GPEN / GWAPT / CRTO CEH (Certified Ethical Hacker – practical) Cloud Security (Supplementary): Microsoft Certified: Azure Security Engineer Associate AWS Certified Security – Specialty Google Cloud Professional Security Engineer Compliance (Optional but Useful): CISSP, CCSP, or CISM Certified HIPAA Professional (CHP), PCI ISA Familiarity with UAE’s NESA compliance standards Show more Show less

Role: Infosec Lead Location: Noida, India www.SEW.ai Who We Are SEW, with its innovative and industry-leading cloud platforms, delivers the best Digital Customer Experiences (CX) and Workforce Experiences (WX), powered by AI, ML, and IoT Analytics to the global energy, water, and gas providers. At SEW, the vision is to Engage, Empower, and Educate billions of people to save energy and water . We partner with businesses to deliver platforms that are easy-to-use, integrate seamlessly, and help build a strong technology foundation that allows them to become future- ready. Searching for your dream job? We are a true global company that values building meaningful relationships and maintaining a passionate work environment while fostering innovation and creativity. At SEW, we firmly believe that each individual contributes to our success and in return, we provide opportunities from them to learn new skills and build a rewarding professional career. A Couple of Pointers • We are the fastest growing company with over 420+ clients and 1550+ employees. • Our clientele is based out in the USA, Europe, Canada, Australia, Asia Pacific, Middle East • Our platforms engage millions of global users, and we keep adding millions every month. • We have been awarded 150+ accolades to date. Our clients are continually awarded by industry analysts for implementing our award-winning product. • We have been featured by Forbes, Wall Street Journal, LA Times for our continuous innovation and excellence in the industry. Who we are looking A successful Application Penetration Tester working at SEW should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, operating system functionality, application manipulation, vulnerability discovery, and analysis, as well as exploit development. This job requires strong critical thinking skills and an analytical mindset; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. A typical job could involve penetration testing of both software and network to breach the security of a target system or reverse-engineering an application and encryption method to gain access to sensitive data. If you have experience performing penetration tests against web applications, mobile applications and can present your findings while demonstrating strong analytical skills, then you’re the type of Penetration Tester we’re looking for. Requirements • Perform penetration tests of websites, services, infrastructure, networks, IoT Devices, and mobile applications to discover and exploit vulnerabilities • Recognize and safely utilize attacker tools, tactics, and procedures used to perform analysis and identify vulnerabilities • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc. • Detect, identify, and exploit vulnerabilities across various operating systems, applications, and hardware • Develop comprehensive and accurate reports and presentations for both technical and executive audiences • Effectively communicate findings and strategy to stakeholders Qualifications • 5-8 years experience in: Web Application Assessments, Mobile Application Assessments • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, Kali Linux etc. • Possess understanding of various penetration testing and hacking methodologies such as OWASP, PTES, NIST SP800- 115 • Source Code Review & Reverse Engineering • Relevant application penetration testing certifications such as Offensive Security Web Expert (OSWE) certification, GIAC Web Application Penetration Tester (GWAPT), or equivalent mobile/web certification preferred • Demonstrated experience in one or more computer programming and scripting languages such as Python, Bash, PHP, Java, C#, .NET, Swift, Kotlin, JavaScript, Perl, Ruby • Reverse engineering malware, data obfuscators, or ciphers • Experience with methodologies pertaining to both static and dynamic analysis for different application types and platforms • Strong knowledge of tools used for application testing and testing of different platforms, including those used in both static and dynamic analysis • Thorough understanding of network protocols, data on the wire, application desi Show more Show less