228 Metasploit Jobs

Job Title: VAPT Consultant Location: Gurgaon, Delhi NCR (Work from Office) Experience: 4+ Years Certifications: OSCP - Mandatory Joining: Immediate joiners preferred Job Description: We are seeking a highly skilled and motivated VAPT Consultant with a strong background in Vulnerability Assessment and Penetration Testing. The ideal candidate must hold an OSCP certification and possess hands-on experience in identifying and mitigating security vulnerabilities in networks, web applications, and infrastructure. Key Responsibilities: Perform Vulnerability Assessments and Penetration Testing (Web, Mobile, Network, APIs, Cloud, etc.) Simulate real-world attacks to identify and exploit vulnerabilities Prepare detailed technical reports , risk ratings, and remediation recommendations Collaborate with development and infrastructure teams to close security gaps Stay updated with the latest vulnerabilities, hacking techniques, and threat vectors Assist in security audits , threat modeling, and risk assessments Contribute to red team/blue team security exercises and internal security knowledge building Required Skills: Minimum 4 years of hands-on VAPT experience OSCP Certification is mandatory Strong knowledge of OWASP Top 10, MITRE ATT&CK framework Proficient in using tools like Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, Wireshark, etc. Experience in scripting (Python, Bash, or PowerShell) is an added advantage Understanding of network protocols, firewalls, and security controls Excellent analytical, communication, and reporting skills Preferred Qualifications: Experience with cloud security assessments (AWS, Azure, GCP) Exposure to red teaming or purple teaming engagements Ability to clearly communicate findings to both technical and non-technical stakeholders

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. The functional leader in this role will be responsible for leading and managing a team of 10+ experienced Red Team professionals in AT&T India. The leader in this role oversees, manages and supports day-to-day operations, including various projects, tasks and initiatives. Continuously collaborates with US and India Cyber Security leadership teams and other stakeholders on engineering and operational matters. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your functional responsibilities will include leading comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform leadership, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 15+ years. Location: Hyderabad Responsibilities Include: Functionally lead and manage a team of 10+ experienced Red Team professionals in AT&T India Lead and perform formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 15+ years of experience in penetration testing and red team operations, At least 10+ years leading and managing diverse technical teams Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Atria Building, Plot 17 - Adm: Atria Building, Plot No 17 It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Title: Penetration Tester/ Red Team Ops/ VAPT Location: Bangalore, India (Onsite) About ColorTokens At ColorTokens , we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen—but with our cutting-edge ColorTokens Xshield™ platform , companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave™: Microsegmentation Solutions (Q3 2024) , ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions. Join us in transforming cybersecurity. Learn more at www.colortokens.com. Our culture We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously. Self-starters and high-motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of world’s impactful organizations – be it a children’s hospital, or a city, or the defense department of an entire country. Job Description Skills Required: Red Team Operations Certified, Red Team Ops Certified, OSCP, Offensive Security Certified Professional, MITRE ATT&CK, OPSEC, Operational Security Key Responsibilities: Plan and execute red team exercises simulating real-world threat actor behaviors. Conduct comprehensive penetration tests on internal and external networks, applications (web, mobile, APIs), and cloud environments. Identify and exploit security flaws to assess the effectiveness of preventive and detective controls. Develop custom tools, scripts, and techniques to aid in assessments and evade detection. Collaborate with blue teams to improve detection and response capabilities. Prepare detailed reports outlining findings, proof-of-concepts, and recommended mitigations. Stay current on emerging threats, offensive tactics, tools, and vulnerabilities. Assist with purple teaming and adversary emulation exercises. Requirements: Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience). 6+ years of hands-on experience in red teaming, offensive security, Infrastructure web application, API, Cloud Pen testing. Proficient in tools such as Cobalt Strike, Metasploit, Nessus, Burp Suite, Nmap, Active directory assessment, and custom scripting (Python, PowerShell, Bash). Strong understanding of MITRE ATT&CK framework, threat and adversary emulation. Knowledge of Windows and Linux internals, Active Directory, and cloud platforms (AWS/Azure/GCP). Familiarity with social engineering tactics and phishing and physically security (a plus). Having experience in creating documentations for services Certifications (Preferred):OSCP (mandatory)CRTP , OSCE, OSEP, CRTE, GPEN, GXPN, or equivalent.

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty

Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE&ATT@CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. We love working here, and we think you will too. "Inspired by innovation, powered by people." Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.

Job Title: Cloud Cybersecurity Specialist Location: Bangalore, India Experience: 5–8 Years Notice Period: Immediate to 30 Days Salary: Up to ₹25 LPA Job Overview: We are seeking a skilled Cloud Cybersecurity Specialist with 3+ years of focused experience in application and cloud security. The ideal candidate will be proficient in leading security tools and familiar with regulatory compliance and emerging AI/ML security practices. This role will play a key part in ensuring the integrity, confidentiality, and availability of systems deployed on cloud platforms. Key Responsibilities: Conduct vulnerability assessments and penetration testing on cloud applications and services. Utilize tools like Burp Suite , Metasploit , Nessus , OWASP ZAP , and SonarQube for security analysis. Implement and enforce security best practices for cloud infrastructure. Ensure compliance with data privacy regulations such as GDPR and CCPA . Provide guidance on secure coding practices and application hardening. Monitor systems for security breaches and investigate violations. Contribute to the development of security policies and incident response plans. Stay updated with the latest trends in cybersecurity, including AI/ML security frameworks . Technical Requirements: 3+ years of hands-on experience in cybersecurity , especially in cloud and application security . Strong knowledge of security tools : Burp Suite, Metasploit, Nessus, OWASP ZAP, SonarQube. Understanding of data protection regulations (e.g., GDPR, CCPA). Basic familiarity with AI/ML security tools and frameworks . Solid grasp of cloud platforms (AWS, Azure, GCP) and secure deployment principles. Soft Skills: Strong analytical and troubleshooting abilities. Excellent communication and documentation skills. Ability to work in cross-functional teams and fast-paced environments. Be a key defender of digital trust—apply now to secure tomorrow's cloud. Job Types: Full-time, Permanent Pay: ₹2,300,000.00 - ₹2,500,000.00 per year Schedule: Day shift Work Location: In person

Roles and Responsibility human resources number : 9315611995 1.Monitor computer networks for security issues. 2. Investigate security breaches and other cyber security incidents. 3. Knowledge of Infrastructure, including firewalls and data encryption programs. 4. Fix detected vulnerabilities to maintain a high-security standard. 5. Stay current on IT security trends and news. 6. Perform penetration testing 7. Hands-on practice on Kali Linux & other tools, curl, Nikto, Nmap, Metasploit, Burp, ZAP 8. Help colleagues install security software and understand information security management. 9. Research security enhancements and make recommendations to management. 10. Stay up-to-date on information technology trends and security standards. 11. Analyzing security breaches to identify the root cause 12. Network Security (multi-vendor) experience 13. Knowledge of scripting languages (Perl, Python, HTML, Java, Shell) 14. Hands-on experience in dynamic analysis, container testing, fuzzing, OWASP top 10 and vulnerability scanning 15. Knowledge of SQL Injection, XSS, Click Jacking, CSRF & SSRF 16. if have any certificate ( CEH, ethical hacking , cisco) Job Types: Full-time, Fresher Pay: ₹16,500.00 - ₹18,000.00 per month Benefits: Paid sick time Paid time off Schedule: Day shift Monday to Friday Supplemental Pay: Performance bonus Education: Master's (Required) Experience: total work: 1 year (Preferred) Location: Noida Sector 62, Noida, Uttar Pradesh (Required) Shift availability: Day Shift (Required) Work Location: In person

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae

Job Description: Application Security Analyst Position Overview: We are seeking a skilled and motivated VAPT Analyst to join our dynamic team. The ideal candidate will have a strong background in performing Security Assessment and Testing (SAST, DAST), along with expertise in Mobile Application Testing for both Android and iOS platforms. The role involves identifying, assessing, and remediating security vulnerabilities across various systems and applications to ensure the integrity and confidentiality of our organization's data. Key Responsibilities: - Conduct comprehensive vulnerability assessments and penetration tests on web applications, networks, and systems to identify security weaknesses and potential threats. - Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using industry-standard tools and methodologies. - Evaluate mobile applications for security vulnerabilities and conduct both manual and automated testing on Android and iOS platforms. - Collaborate with cross-functional teams to analyze and interpret security assessment results, prioritize findings, and recommend remediation strategies. - Develop detailed reports documenting assessment findings, risk levels, and recommended mitigation measures for stakeholders. - Stay current with emerging security threats, vulnerabilities, and best practices in the field of information security. - Participate in security incident response activities and contribute to the development and enhancement of security policies and procedures. Required Qualifications: - Bachelor's degree in Computer Science, Information Security, or related field. - Minimum of 3 years of experience in performing vulnerability assessments and penetration testing. - Hands-on experience with industry-leading security assessment tools such as Burp Suite, Nessus, Metasploit, and OWASP ZAP. - Proficiency in conducting Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) using tools like Checkmarx, Fortify, or Veracode. - Strong understanding of common web application vulnerabilities (e.g., SQL injection, XSS, CSRF) and mobile application security principles. - Experience in testing mobile applications on both Android and iOS platforms, including knowledge of platform-specific security controls and vulnerabilities. - Excellent analytical and problem-solving skills with the ability to prioritize and manage multiple tasks in a fast-paced environment. - Effective communication skills with the ability to convey technical information to non-technical stakeholders. - Relevant industry certifications such as eWPT, eMAPT, Certified Mobile Pentester – Android (CMPen-Android), the Certified Mobile Pentester – iOS (CMPen-iOS) are preferred. Preferred Qualifications: - Experience in conducting Red Team exercises and simulated attacks. - Familiarity with DevSecOps practices and integrating security into the software development lifecycle (SDLC). - Understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS) and their implications for security assessments.

Role Overview As AVP/VP – Cybersecurity Operations, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK

Why Join SecureLayer7? At SecureLayer7, you’re not just an employee—you’re part of a team that thrives on solving tough challenges, exploring the unknown, and making an impact. If you’re excited about breaking systems to make them stronger and securing the future of technology, we’d love to have you onboard. As part of our offensive security team, you’ll work with cutting-edge tools, innovative techniques, and an experienced team to challenge the status quo and strengthen the digital landscape. Key Responsibilities - Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Work closely with Blue Teams in Purple Team exercises to enhance detection and response capabilities. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Required Skills & Experience - Deep understanding and extensive experience in penetration testing methodologies and tools. Strong technical knowledge of various technologies and the ability to quickly learn and adapt to new ones. A passion for learning new technologies and breaking them apart is essential. Expertise in Active Directory attacks and defenses. Proficiency with tools such as Metasploit, Cobalt Strike, BloodHound, and similar offensive security frameworks. Knowledge of hacking methods and frameworks like MITRE ATT&CK. Strong scripting skills (Python, PowerShell, Bash) and experience in manual exploitation techniques. Certifications such as OSCP, OSEP, CRTO, or equivalent are highly valued. What We Offer Competitive salary and benefits package. Exciting projects that challenge your skills and creativity. A collaborative environment where you’ll learn and grow alongside top talent. Access to cutting-edge tools and resources to stay ahead in the cybersecurity field. Opportunities to shape the future of offensive security and contribute to meaningful projects

Job Description Overview: § Research, learn, and continuously enhance your skills to replicate attacker tactics, techniques, and procedures. § Minimum 5 years of experience in web and embedded application penetration testing domains. § Detect exploitable security vulnerabilities in mobile applications, source code, thick-client applications, APIs, embedded devices, firmware, cloud technologies and IIoT devices. § Research and conduct fuzz test on products via communication interfaces such as Modbus, Wi-Fi, HTTP etc. § Familiarity with Wireshark and Metasploit, focusing on exploiting vulnerabilities across various communication protocols in embedded devices. § Capable of training product team and promoting security awareness. Qualifications Requirements § Strong communication skills – capable of explaining complex technical security issues to non-technical audiences. § Knowledge of programming languages such as C, C++, Java, .Net. § Preferred: relevant certifications such as OSCP, GWAPT, GXPN, GPEN, LPT, or other industry-recognized security certifications. § Ability to efficiently validate remediation of security vulnerabilities. Primary Location : IN-Karnataka-Bangalore Schedule : Full-time Unposting Date : Ongoing

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty

About Workafy: Join Workafy, a freelance marketplace connecting 500,000+ professionals with global opportunities. Work on projects that match your skills, anytime, anywhere. Job Description: Seeking expert Cyber Security Engineers to help clients protect digital assets, perform audits, and strengthen security frameworks. Responsibilities: Identify vulnerabilities and perform penetration testing. Implement firewalls, encryption, and secure protocols. Monitor threats and respond to incidents. Requirements: Proven experience in cybersecurity and network protection. Familiarity with tools like Wireshark, Metasploit, or Splunk. Understanding of compliance standards (ISO, GDPR, etc.). Why Join Us? Work on mission-critical security projects. Flexible freelance opportunities. Be part of a thriving professional network. Apply now at workafy.com and grow your freelance career as a Cyber Security Engineer!

We are seeking an experienced and passionate Cybersecurity Trainer to join our team. The ideal candidate will have strong technical expertise in cybersecurity domains and a passion for teaching and mentoring. You will be responsible for delivering engaging, practical training sessions to students or professionals, preparing them for industry-recognized certifications and real-world challenges. Key Responsibilities: Design and deliver cybersecurity training programs (online/offline) Create course content, labs, quizzes, and study materials Provide guidance on certification paths like CEH, CompTIA Security+, CISSP, etc. Conduct assessments and provide feedback to learners Stay updated with the latest cybersecurity trends and tools Support learners in resolving queries and understanding concepts Assist in curriculum updates and improvements Required Skills & Qualifications: Minimum 5 years of experience in cybersecurity or related fields In-depth knowledge of cybersecurity fundamentals, network security, ethical hacking, vulnerability assessment, and risk management Hands-on experience with tools like Wireshark, Nmap, Metasploit, Burp Suite, etc. Familiarity with common cyber threats and mitigation strategies Strong communication and presentation skills Experience in mentoring or training others (formal or informal) Industry certifications preferred: CEH, CompTIA Security+, CISSP, CISA, etc. Job Type: Full-time Pay: ₹30,000.00 - ₹60,000.00 per month Application Question(s): Have you previously worked as a trainer or delivered technical workshops? Are you fluent in English and comfortable conducting technical sessions? Experience: teaching: 5 years (Preferred)

Job requisition ID :: 81577 Date: Jun 21, 2025 Location: Chennai Designation: Consultant Entity: Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Position: Cybersecurity Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 months Top Interns Stipend: 15,000 Potential for Full-Time Employment: Based on performance; Certificate of Internship provided About INLIGHN TECH: INLIGHN TECH provides hands-on experience to students and recent graduates. Our unpaid Cybersecurity Internship offers practical exposure to threat analysis, vulnerability assessment, and security operations. Responsibilities: Assist in identifying and mitigating security vulnerabilities. Conduct penetration testing and ethical hacking assessments. Monitor and analyze security incidents and threats. Support in developing security policies and best practices. Qualifications: Enrolled in/recent graduate of Cybersecurity, Computer Science, or a related field. Basic knowledge of cybersecurity concepts, network security, and threat analysis. Familiarity with ethical hacking tools (Metasploit, Burp Suite, Wireshark, etc.) (preferred). Strong analytical and problem-solving skills. Benefits: ✅ Hands-on experience with real cybersecurity projects. ✅ Internship Certificate & Letter of Recommendation. ✅ Build your cybersecurity portfolio and gain industry exposure. 🚀 Apply now and start your journey in Cybersecurity!

Responsibilities Deliver engaging and informative cybersecurity courses to college students covering topics such as network security, ethical hacking, cybersecurity fundamentals, and more. Facilitate hands-on lab exercises, simulations, and practical projects to enhance students' practical skills. Provide timely feedback to students on their performance and offer support to those who may be struggling with the course material. Foster a positive and inclusive learning environment that promotes student participation and discussion. Collaborate with colleagues and cybersecurity professionals to stay aligned with industry standards and share best practices. Qualification: Minimum 1 year of experience Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field. Industry certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), Ejpt etc Experience with various security tools and technologies such as Metasploit, Kali Linux, Wireshark, and more Strong passion for cybersecurity and educating others. Excellent communication and presentation skills Ability to adapt to various teaching methodologies. Patience and a commitment to student success.

Job Title: Faculty – Cyber Security & Machine Learning Location: Mira Road, Thane Position Type: Visiting Faculty Job Summary: We are seeking an experienced and passionate faculty member to teach and mentor undergraduate students in the field of Cyber Security and Machine Learning. The selected candidate will be responsible for delivering course content, designing assessments, mentoring students on practical implementations, and driving academic excellence in the subjects Ethical Hacking and Machine Learning I, as outlined by the University of Mumbai syllabus. Key Responsibilities: Academic Delivery ● Conduct theory and practical sessions for: ○ Ethical Hacking (including network security, cryptography, web security, hardware security) ○ Machine Learning I (including supervised & unsupervised learning, ensemble techniques, SVM, dimensionality reduction) ● Create lesson plans, lecture notes, and assessment tools aligned with syllabus ● Use tools such as Cisco Packet Tracer, Kali Linux, Metasploit, SQLMap, Wireshark, Jupyter Notebooks, Scikit-learn, and others during practical sessions ● Assign and evaluate laboratory work, tutorials, and case studies ● Encourage students to use digital tools and platforms (e.g., DVWA, OWASP, Kaggle, UCI datasets) Assessment & Evaluation ● Conduct internal assessments as per academic guidelines ● Prepare, administer, and grade exams, assignments, and projects ● Maintain timely and accurate records of grades and student progress Qualifications & Experience: Minimum Qualifications: ● Master’s degree in Computer Science / Cyber Security / Information Technology / Data Science / Artificial Intelligence or equivalent Experience: ● Minimum 2–5 years of teaching or industry experience in ethical hacking, information security, or applied machine learning Preferred Skills: ● Hands-on with penetration testing tools (e.g., Wireshark, John the Ripper, Metasploit) ● Familiarity with ML libraries: Scikit-learn, TensorFlow, etc. ● Experience with classroom and lab-based instruction ● Strong communication and mentoring skills Desirable Certifications: ● CEH (Certified Ethical Hacker) ● CompTIA Security+ ● Offensive Security Certified Professional (OSCP) ● Machine Learning or AI certifications (Coursera, edX, etc.) Remuneration: Rs. 2000 per hour (Negotiable)

Company - Our client is a global leader in business services and customer experience solutions, ranked among the Fortune 500 and recognized for its culture-first approach and commitment to innovation and velocity. With a rapidly growing security division following recent acquisitions, this company offers a dynamic and fast-paced environment for tech professionals. Job Title - Application Security Analyst Location - Remote in India Role Type - Contract, 6 months with potential 6-month extension Must Have Skills: Application security testing experience, including penetration testing Web application testing expertise Proficiency with static code analysis (SAST) Proficiency with dynamic application security testing (DAST) Ability to communicate effectively in English Responsibilities and Job Details: Perform vulnerability assessments and penetration testing on web applications, APIs, databases, mobile, and cloud environments. Conduct secure code reviews to identify critical flaws and ensure secure coding practices. Utilize tools such as Burp Suite, Fortify, Checkmarx, WebInspect, Acunetix, and Metasploit for assessments and exploitation. Schedule and prioritize security assessments using SAST/DAST methodologies. Implement and maintain CI/CD pipelines with integrated security testing. Collaborate with governance teams to align security tools with organizational policies. Monitor and evaluate Generative AI risks in application security contexts. Ensure compliance with internal security policies and industry standards. Provide feedback to developers and report vulnerabilities and mitigations to management. Reproduce, document, and retest identified vulnerabilities. Drive continuous improvements in security assessment processes and tooling. Analyze scan results and recommend remediation plans to stakeholders.

Responsibilities Cybersecurity Analyst – Job Description Monitor and respond to security incidents across networks and systems. Conduct vulnerability assessments and penetration testing. Implement and manage security tools like firewalls, IDS/IPS, and antivirus. Ensure compliance with security standards (e.g., ISO 27001, NIST). Prepare reports and recommend mitigation strategies. Tools Often Used Nessus for vulnerability scanning. Metasploit for exploit development and testing. Burp Suite and OWASP ZAP for web application security testing. Skills:- Cyber Security, cloud Security, Nessus, Burp suite, Metasploit, OWASP ZAP, GDPR and CCPA

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person

Role Description Job Description We are seeking a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS/Android) , web applications , infrastructure , and thick client environments . The ideal candidate will have a strong background in assessing the security posture of applications, systems, and networks, especially in a fast-paced fintech environment . Key Responsibilities Conduct penetration tests on web and mobile applications, networks, thick clients, and systems to identify vulnerabilities. Perform manual and automated testing to simulate cyberattacks and exploit potential security flaws. Create detailed reports of vulnerabilities including descriptions, proof of concepts, business impact, and actionable remediation steps. Perform retesting to validate fixes and confirm mitigations. Analyze security issues related to web apps, network protocols, OSs, and cloud platforms. Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques. Coordinate with application and infrastructure teams during the assessment lifecycle and deliver clear, comprehensive reports. Requirements Proven experience as a Penetration Tester or in a cybersecurity role. Strong understanding of: OWASP Mobile Top 10 OWASP Web Top 10 MITRE ATT&CK framework Proficiency in tools such as: Burp Suite, Frida, MobSF, Nmap, Wireshark, Metasploit Hands-on experience with: SSL pinning bypass Jailbreak/root detection bypass Certificate validation flaws Mobile app reverse engineering Familiarity with operating systems like Windows, Kali Linux, and macOS Exposure to cloud platforms such as AWS, Azure, or GCP Knowledge of scripting/programming languages such as Python, Bash, or PowerShell (preferred) Relevant certifications are a strong advantage: CEH, OSCP, or similar Preferred Skills Prior experience in mobile application penetration testing Ability to work independently and manage time effectively Excellent communication skills, especially in conveying technical findings to non-technical stakeholders Skills Information Security,Data Analysis,Penetration Testing

Job Description 4: Sr. Information Security Consultant/ Information Security ConsultantOverview: eSec Forte Technologies is a distinguished cybersecurity service provider specializing in client-side infrastructure security. We are looking for a skilled Senior Infrastructure Security Engineer to join our client-side security team. The ideal candidate will have advanced experience in network vulnerability assessment and penetration testing (VAPT) and using Qualys for vulnerability management. Key Responsibilities: · Conduct advanced network vulnerability assessments and penetration tests on client-side infrastructure. · Utilize Qualys for comprehensive vulnerability scanning and management. · Identify and remediate security vulnerabilities in client environments. · Perform detailed security configuration reviews of network devices, servers, and other infrastructure components. · Collaborate with client IT teams to enhance their security posture. · Provide detailed reports and recommendations based on assessment findings. · Stay up-to-date with the latest security threats and best practices. Qualifications: · Bachelor's degree in Information Security, Computer Science, or related field. · 2+ years of experience in infrastructure security. · Proficiency in using Qualys and other vulnerability scanning tools. · Strong understanding of network security principles and advanced penetration testing techniques. · Experience with security tools such as Metasploit, Nmap. · Excellent communication and interpersonal skills. · Relevant certifications such as OSCP, CEH or equivalent are a plus. Skills: · Network Vulnerability Assessment and Penetration Testing (VAPT) · Qualys · Vulnerability Management · Security Configuration Review · Metasploit, Nmap

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person