269 Nmap Jobs

Job Title: ISMS (Information Security Management System) Location: Airoli, Navi Mumbai Key Responsibilities: ISMS Implementation & Management: Develop, implement, and maintain the ISMS framework, including policies, procedures, and guidelines based on ISO 27001 and other relevant standards. Conduct regular risk assessments to identify vulnerabilities and recommend appropriate controls to mitigate information security risks. Coordinate with other departments to ensure adherence to ISMS protocols and align information security with business goals. Compliance & Audits: Ensure the organization complies with regulatory requirements related to information security, privacy, and data protection. Lead internal and external audits to assess the effectiveness of the ISMS, manage audit processes, and work towards continuous improvement. Documentation & Reporting: Maintain comprehensive documentation for all ISMS processes, policies, controls, and audit activities. Prepare reports for senior management, detailing the effectiveness of the ISMS and recommending improvements. Continuous Improvement: Monitor industry best practices and emerging security trends to enhance the organizations security posture. Recommend improvements to the ISMS based on audit findings, risk assessments, and new business requirements. Desired Traits: Proactive and self-driven. Ability to work independently as well as part of a team. Strong collaboration and interpersonal skills to engage with stakeholders at all levels.

A Technical Support Representatives at IBM is a front-line position supporting our products and making sure they are at their best for our customers. With over 100 years in technology, IBM has built a strong reputation of quality service and this role ensures we continue to deliver on that promise. If you enjoy helping people with technical issue, you’ll love your career at IBM Application Security group is responsible for ensuring that Fidelity applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of services and components. As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy * Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools * Map out a network, discover ports and services running on the different exposed network and security devices * Analyze scan reports and suggest remediation / mitigation plan * Keep track of new vulnerabilities on various network and security devices for different vendors * Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices * Advanced technical analysis on intrusions * Audit configuration of Network and Security devices * Providing rich client specific reports Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 1-2 years’ experience in Cybersecurity * Knowledge on VA tool such as Tenable * Should be able scan devices using VA tool * Should be able to prepare report based on VA tool * Should be able to explain the report to client based on the findings * Should have knowledge on Web Penetration & Network Penetration testing. Should have a skill to conduct Gray box & black box testing * Should worked on various PT tools such as Burp Suite, Acunetix, etc. * Should be able do SCD scanning for Windows & Linux * Should have good knowledge on OS such as Windows, Linux * Experience on network vulnerability scanning penetration testing * Experience with Nessus NetCat, NMAP Backtrack, Metasploit, , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone) * Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) * In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database * Analytical thinker willing to "think outside the box" to resolve customer impacting situations on first contact; understand customer risk profile. * Self-starter and ability to deliver under defined time lines Preferred technical and professional experience Integrate Security into DevOps and enable security automation in CI/CD pipeline Professional Qualification CEH, ECSA, LPT or Any other equivalent certification. Focused and versatile team player that is comfortable under pressure Ability to remove barriers and enable teams to complete their objectives Understanding of emerging technologies and corresponding security threats Self-motivated, flexible, with a ‘can do’ attitude. Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organization.

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Your Role We’re hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Software Engineer Associate Advisor - HIH - Evernorth Position Overview The Provider Technology Shared Services Engineering team is seeking a Software Engineer Associate Advisor for a Band 3 Contributor Career Track position. The Software Engineer Associate Advisor will play a critical role in system development within the broader Provider Technology Solutions and Engineering organization, significantly influencing Operations and Technology Product Management. This position will provide expertise in the engineering, design, installation, and startup of automated security testing solutions, including a self-service onboarding kit that enables users to begin utilizing the solution within minutes. The solutions developed will be accessible to individuals with minimal technical skills and will require no additional coding, ensuring zero maintenance is needed. As a member of our team, you will operate within a high-performance, high-frequency enterprise technology environment. This role entails collaborating closely with IT management and staff to identify automated solutions that leverage existing resources with tailored configurations for each security testing use case. The objective is to minimize redundancy in solutions while promoting an enterprise mindset focused on reusability and maintaining high standards, ultimately ensuring minimal future maintenance requirements. The Software Engineer Lead Analyst demonstrates significant creativity, foresight, and sound judgment in the conception, planning, and execution of security initiatives. Additionally, the Lead Analyst stays informed about the latest advancements in technology, including AI and machine learning, to enhance both existing and new automation solutions. These solutions are designed to optimize production costs while facilitating the addition or updating of features aimed at improving the overall software development lifecycle experiences. Responsibilities Provide comprehensive consultation to business unit and IT management, as well as personnel, regarding all facets of application development, security testing and automation solutions across diverse development, financial, operational, and computing environments. Responsible for performing vulnerability assessments, threat modeling, penetration testing, and team campaigns of the Provider's IT infrastructure and applications, while closely collaborating to identify, evaluate, and remediate potential weaknesses in provider systems utilizing automated methods. Provides strategic vision in architectural design and Security Test Automation guidance for the team, emphasizing a thorough evaluation of the quality attributes of a software system. This includes considerations for static, dynamic security tests rather than focusing solely on the functionality of individual features. Additionally, actively oversees and manages the design of supported automation solutions. Conduct comprehensive research and evaluation of all potential solutions to recommend the most efficient and cost-effective automation solution that can be reused with an enterprise mindset, facilitating scalability for both existing and new applications with minimal modifications. Ensures that engineering solutions are aligned with the overall Technology strategy while addressing all application requirements. Demonstrate industry-leading technical abilities that enhance product quality and optimize day-to-day operations. Understand how changes impact work upstream and downstream including various back end and front-end architectural modules. Enhance personnel effectiveness using heat matrices to prioritize Quality and Development Engineering resources on high-impact interfaces while identifying areas of lesser focus. Perform automated activities, including analysis of logs, memory, and disk artifacts, utilizing a variety of commercial and open-source security tools to respond to and triage security threats. Troubleshoot and optimize automated solutions and associated artifacts to ensure efficient operation within CI/CD pipelines and on local machines, reducing software and package dependencies or conflicts to improve cycle times. Execute on a strategy to hand over the automation solutions to every Agile teams for adoption and use within their areas of focus, requiring zero maintenance and minimal effort for any enhancements without delving into coding. Encouraging and building automated processes wherever possible. Recognized internally as a subject matter expert. Qualifications Required Skills: Lead and execute internal and external penetration tests against web applications, APIs, Desktop, networks, Windows and Unix variants to discover vulnerabilities. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation. Develop scripts, tools or methodologies to enhance . penetration testing processes. Experience in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.) Experience with network and server assessment tools (e.g. Nessus, Metasploit, Nmap, Nikto, etc.) Understanding of web application frameworks (React, Spring boot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of Windows and *nix-based operating systems. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell). Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Exploit development and validation skills. Ability to analyse vulnerabilities, appropriately characterize threats, and provide remediation recommendations. Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Required Experience & Education: A Bachelor's degree in Computer Science or a related field is required. 8 - 11 years of professional experience in security and penetration testing experience. At least 3 years of experience in Agile methodologies is required. Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to “think outside the box” Familiarity with an onshore/offshore operational model is essential. Demonstrated experience in the architecture, design, and development of large-scale enterprise application solutions is required. Desired Experience: Proficient in Security and Penetration Test Automation and automation methodologies. Proficient in triaging and identifying security issues, including root cause analysis, connection problems, and application bottlenecks. Providing coaching and guidance to team members. Location & Hours of Work < >Full-time position, working 40 hours per week. Expected overlap with US hours as appropriatePrimarily based in the Innovation Hub in Hyderabad, India in a hybrid working model (3 days WFO and 2 days WAH) Equal Opportunity Statement Evernorth is an Equal Opportunity Employer actively encouraging and supporting organization-wide involvement of staff in diversity, equity, and inclusion efforts to educate, inform and advance both internal practices and external work with diverse client populations. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Hi, Greetings from the IDESLABS, Urgent Requirement for Vulnerability Management, Location:Bangalore Employment Type:C2H Notice Period:Immediate JD: Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Ethical Hacking Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is a leading edtech platform focused on providing hands-on, project-based virtual internships. Our Ethical Hacking Internship offers students and freshers the opportunity to dive deep into cybersecurity and gain real-world experience in identifying and patching system vulnerabilities. 🚀 Internship Overview As an Ethical Hacking Intern , you will learn how to ethically test and secure systems, networks, and web applications. You'll work on simulated attack environments, use industry-standard tools, and understand how real-world exploits work — and how to defend against them. 🔧 Key Responsibilities Perform vulnerability assessments and penetration testing on simulated environments Use tools such as Nmap, Metasploit, Burp Suite, Nikto, OWASP ZAP , and Wireshark Learn and practice techniques to test for SQLi, XSS, CSRF, RCE , and more Explore and document the OWASP Top 10 vulnerabilities Assist in developing security reports and suggest remediation strategies Stay updated on the latest security threats, exploits, and patches Participate in ethical hacking labs, capture-the-flag (CTF) exercises, and red team–blue team simulations ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, Computer Science, IT , or a related field Basic understanding of networking, Linux commands, and web technologies Familiarity with common vulnerabilities and penetration testing tools Strong problem-solving skills and curiosity about how systems can be exploited Eagerness to learn, explore, and ethically test system security Bonus: knowledge of scripting languages like Python or Bash 🎓 What You’ll Gain Practical experience in ethical hacking and penetration testing A portfolio of vulnerability assessments and reports Internship Certificate upon successful completion Letter of Recommendation for high-performing interns Opportunity for a Full-Time Offer based on performance Exposure to real-world red teaming and threat analysis techniques

Ethical Hacking Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is a leading edtech platform focused on providing hands-on, project-based virtual internships. Our Ethical Hacking Internship offers students and freshers the opportunity to dive deep into cybersecurity and gain real-world experience in identifying and patching system vulnerabilities. 🚀 Internship Overview As an Ethical Hacking Intern , you will learn how to ethically test and secure systems, networks, and web applications. You'll work on simulated attack environments, use industry-standard tools, and understand how real-world exploits work — and how to defend against them. 🔧 Key Responsibilities Perform vulnerability assessments and penetration testing on simulated environments Use tools such as Nmap, Metasploit, Burp Suite, Nikto, OWASP ZAP , and Wireshark Learn and practice techniques to test for SQLi, XSS, CSRF, RCE , and more Explore and document the OWASP Top 10 vulnerabilities Assist in developing security reports and suggest remediation strategies Stay updated on the latest security threats, exploits, and patches Participate in ethical hacking labs, capture-the-flag (CTF) exercises, and red team–blue team simulations ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, Computer Science, IT , or a related field Basic understanding of networking, Linux commands, and web technologies Familiarity with common vulnerabilities and penetration testing tools Strong problem-solving skills and curiosity about how systems can be exploited Eagerness to learn, explore, and ethically test system security Bonus: knowledge of scripting languages like Python or Bash 🎓 What You’ll Gain Practical experience in ethical hacking and penetration testing A portfolio of vulnerability assessments and reports Internship Certificate upon successful completion Letter of Recommendation for high-performing interns Opportunity for a Full-Time Offer based on performance Exposure to real-world red teaming and threat analysis techniques

Responsible for identifying, assessing, and mitigating security vulnerabilities through automated and manual penetration testing. Develops remediation plans, conducts security audits, and ensures compliance with industry standards. Expertise in vulnerability scanners, ethical hacking, and cybersecurity frameworks is required.

Manage and implement security solutions within SAP Integrated Business Planning (IBP) systems. You will focus on securing data and ensuring proper access control across IBP applications. Expertise in IBP, SAP security, and role-based access control is required.

Network Vulnerability management. Occasional network pen testing Network security architect The scope of the consultant services is to assist IKEA in Understanding the network architecture of MP. Assessing the vulnerability of the infrastructure. Scanning through the various reports of network vulnerability scans. Mitigation plan and report of various network vulnerability. Guiding infrastructure team around OT security. Requirements for this position. Industry experience of around 10 to 15 yrs . Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation Strong knowledge of: computer network defense, identity management, incident management, network security and infrastructure design Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and vulnerability assessment Strong understanding of the following: networking fundamentals (all OSI layers, protocols), OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment

Immediate Openings on SIEM Engineer _Contract_Pan India Notice Period :Immediate. Type : Contract Key Accountabilities Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS Solution Building Co-relation searches for Cyber Operation requirements Evaluating and analysing business requirements and designing suitable solutions, challenging requirements where necessary Managing, co-ordinating and implementing technical project activities and enhancements to services Conducting Incident/ Problem/ Recovery activities Supporting the Joint Operations Centre and incident response teams for detected security events. Creating and maintaining accurate and high-quality documentation Supporting Operational effectiveness audit Structure phased deliverables to link long term vision with time-boxed activities. Support the project delivery phase including testing and training, to ensure the agreed business solutions are delivered successfully. Work closely with developers and testers, to ensure delivery of the functionality on time and with quality. Stakeholder Management and Leadership Negotiate and solicit engagement and support at all levels of the organisation, particularly where support is low or challenging. Communicate clearly and regularly. Typically faces off to AVP VP level stakeholders. Considers the impact of their actions and decisions on key stakeholders, seeking to deliver a positive outcome for those involved. Decision-making and Problem Solving Apply evaluative judgement and analytical skills to operate effectively within a complex and changing environment. Understand the requirements and perspectives of stakeholders and integrate into their understanding of complex situations. Demonstrates a broad understanding of how the bank operates and the metrics used to measure performance Analyses problems and evaluates options in a logical and systematic way. Seeks the advice of stakeholders to better create clarity in complex situations, understand problems, evaluate options and make decisions What were looking for: Knowledge of Splunk Enterprise architecture, distributed components (indexer clusters, forwarders, search head clusters, deployment servers) , knowledge of Splunk Cloud Knowledge of Splunk Enterprise Security at administration and use case level Knowledge on on-boarding new data into Splunk, Splunk Forwarders - data ingestion, extraction. Knowledge of the Common Information Model, data models, enrichment, and automation Good experience on Splunk add-Ons installation configuration to bring security logs into Splunk. Good understanding of the Security Domain. Documentation skills in order to provide high quality documentation for internal customers and technical teams.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional : Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Were looking for a hands-on architect to design, deploy, and manage Kubernetes clusters, ensuring high availability and performance. Youll lead the full lifecycle management of databasesautomating installs, upgrades, backups, and decommissionswhile actively contributing to open-source communities. This role involves driving security excellence by analyzing and remediating vulnerabilities (CVEs), conducting in-depth assessments using tools like Burp Suite and Anchore, and ensuring compliance with industry standards. Youll optimize workloads for resilience, troubleshoot complex issues across OS, containers, and databases, and deliver production-ready solutions. Strong debugging, observability, and collaboration skills are essential. You have: Bachelor's or Master's Engineering degree or equivalent with Over 12 years of experience in databases and Kubernetes with deep expertise in architecture, automation, and secure deployments; expert in MariaDB, Cassandra, and Redis, including tuning and troubleshooting in production. Strong programming skills in Python for automation and tooling, with hands-on experience in containerized environments using Docker, Kubernetes, Helm charts, and custom Operators. Proven track record in Microservices architecture, container orchestration, virtualization, and DevOps practices, including CI/CD pipeline development and deployment automation. Advanced knowledge of security protocols (TLS, SSH), encryption standards, and secure design principles, with experience in threat modeling, system hardening, and security-by-design methodologies. Skilled in security assessments and tooling, including vulnerability scanning, penetration testing, and robustness/DoS analysis using tools such as Anchore, Tenable, Netsparker, Codenomicon, and Nmap; familiarity with SBOM generation and integration in CI/CD workflows. It would be nice if you also had: Working knowledge of Infrastructure as Code tools like Terraform or Pulumi, along with GitOps workflows Familiarity with Prometheus, Grafana, ELK/EFK stacks, or OpenTelemetry for end-to-end observability, especially for performance tuning and incident response in distributed systems Design, deploy, and manage scalable, highly available MariaDB, Cassandra, and Redis databases within Kubernetes clusters, while continuously optimizing performance and reliability. Automate end-to-end lifecycle management workflowsincluding install, upgrade, backup, recovery, and decommissionwhile contributing technical improvements to open-source communities. Lead the response to security vulnerabilities across database stacks, collaborating with security and engineering teams to analyze, prioritize, and remediate CVEs. Conduct in-depth security assessments using tools like Burp Suite, Anchore, and Codenomicon, and map findings to risk levels to ensure compliance with security standards. Collaborate with cross-functional teams and customers to deliver secure, production-ready database solutions, troubleshoot complex issues across the stack, and stay current with trends in Kubernetes, OSS, and cloud security.

As an R&D Engineer, where you'll drive security and performance in cutting-edge cloud-native technologies. You'll take the lead in managing end-to-end responses for security vulnerabilities in Kafka, RabbitMQ, and Kubernetes ingress controllersanalyzing CVEs, prioritizing risks, and working closely with developers to deliver effective fixes. You'll also run advanced scans using tools like Burp, Anchore, and Malware scanners, ensuring open-source components meet the highest standards. Alongside security, you'll contribute to delivering robust Kafka, RabbitMQ, and Ingress Controller solutions as per CSF specifications. You Have: Bachelor's or Master's degree in Engineering or equivalent with 38 years of hands-on experience in software development or testing, with strong expertise in messaging open-source tools like Kafka, RabbitMQ, and Ingress Controllers. Proficient in Python programming, with the ability to build and automate robust test and development workflows Skilled in working with microservices architectures and container technologies such as Docker, Kubernetes, Helm charts, Operators, and virtualization platforms Experienced in implementing CI/CD pipelines and DevOps best practices for scalable, efficient software delivery Well-versed in security protocols (TLS, SSH), encryption techniques, and security principles including threat analysis, hardening, and vulnerability scanning (container/non-container, web apps, DoS, penetration testing) Good to have: Familiarity with security tools like Anchore, Tenable, Netsparker, Codenomicon, Nmap, etc. Experience in SBOM (Software Bill of Materials) generation. Lead the end-to-end response process for security vulnerabilities in Kafka, RabbitMQ, and Kubernetes ingress controllers. Analyze and prioritize Common Vulnerabilities and Exposures (CVEs), collaborating with development teams to implement timely and effective remediation. Execute security scans using tools like Burp, Anchore, Malware scanners, and Codenomicon, and assess severity based on open-source software usage. Ensure secure and stable integration of open-source components within the cloud-native platform. Develop and test Kafka, RabbitMQ, and Ingress Controller components in alignment with CSF specifications.

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 9:12:23 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Ready to shape the future of work? At Genpact, we don’t just adapt to change—we drive it. AI and digital innovation are redefining industries, and we’re leading the charge. Genpact’s AI Gigafactory , our industry-first accelerator, is an example of how we’re scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to agentic AI , our breakthrough solutions tackle companies’ most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that’s shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions – we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at genpact.com and on LinkedIn , X , YouTube , and Facebook . Inviting applications for the role of Senior Manager - Threat Modelling Analyst We are looking for a Threat Modeling Sr.Analyst/Architect to join our Global Information Security Team at Genpact. In this role, the candidate will be provided with an opportunity to research, analyse, design threat models and report on the emerging applicable cyber threats. In addition, this position seeks the candidate to notify the stakeholders with ontime, accurate findings on the targeted/sophisticated cyber threats and guide the leadership with practical approaches to thwart such attacks. The Threat Modeling Sr.Analyst/Architect is expected to work independently and produce effective mitigation strategies so that the organisation stays a step ahead of the ever-evolving cyber threats. The Threat Modeling Sr.Analyst/Architect needs to collect, analyse, and generate finished Threat Intelligence products and further leverage it to design and deliver relevant Threat Models to support Genpact LLC, its subsidiaries and additional lines of businesses. Responsibilities: The Threat Modelling Sr.Analyst/Architect role will require significant expertise from attack and/or intelligence domains. The successful candidate should be highly technical and will likely come from an attack background (red team, pen testing etc) or intelligence background (if also having hands-on network/systems experience). Candidates with threat modelling experience in tandem with previous attack/intelligence experience will be considered, as will candidates who do not have a threat modelling background and are presently working in attack/intelligence capacity & interested in transitioning to more of a hybrid role with threat modelling and controls responsibilities. The responsibilities for this position include, but are not limited to: developing threat modeling processes that analyze the firm’s ability to mitigate cyber-attacks across business and technology environments; developing cyber threat scenarios to enable risk management and the secure deployment of key organizational initiative; identifying areas for potential attacks and systemic security issues as they relate to threats and vulnerabilities, including recommendations for enhancements or remediation; preparing and delivering written and verbal briefings to message threat modeling findings across all levels of the enterprise; and monitoring the cyber threat environment to incorporate trends in potential attack activity.Maintain awareness of the cyber threat landscape and provide key/relevant updates to the leadership and InfoSec teams Qualifications we seek in you! Minimum Qualifications Bachelor’s degree or equivalent experience. Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies. Ability to identify network attacks and systemic security issues as they relate to threats and vulnerabilities, with a focus on recommendations for enhancements or remediation. Strong knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design. Strong knowledge of cybersecurity activities associated with: requirements analysis, risk analytics and modeling, risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment. Demonstrated attack experience in previous positions in functions such as red team operator or penetration testing. In lieu of attack experience, threat intelligence experience in conjunction with hands on systems/network experience will be considered. The candidate should have a technical background Preferred Qualifications/ Skills Strong understanding of the following: networking fundamentals (all OSI layers, protocols), Windows/Linux/Unix/Mac operating systems, OS and software vulnerably and exploitation techniques, commercial or open-source offensive security tools for reconnaissance, scanning, exploitation and post exploitation (e.g. Cobalt Strike, Metasploit, Nmap, Nessus, Burp Suite), and familiarity with interpreting log output from networking devices, operating systems, and infrastructure services. Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity. Foundational knowledge of: computer forensics; legal, government and jurisprudence as they relate to cybersecurity; operating systems; and methods for intelligence gathering and sharing. Nice to have: experience or working knowledge with threat modeling methodologies such as Stride, Pasta, or comparable experience visually representing data and process flows in an enterprise environment, and/or leveraging the MITRE ATT&CK Framework. Why join Genpact? Be a transformation leader – Work at the cutting edge of AI, automation, and digital innovation Make an impact – Drive change for global enterprises and solve business challenges that matter Accelerate your career – Get hands-on experience, mentorship, and continuous learning opportunities Work with the best – Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture – Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let’s build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a 'starter kit,' paying to apply, or purchasing equipment or training. Job Senior Manager Primary Location India-Gurugram Education Level Bachelor's / Graduation / Equivalent Job Posting Jun 25, 2025, 8:59:09 AM Unposting Date Ongoing Master Skills List Operations Job Category Full Time

Job Title: Cybersecurity Intern Location: Kolkata, Bangalore Duration: 3 months Company: Indian Cyber Security Solutions About Us: Indian Cyber Security Solutions is a leading cybersecurity service provider committed to securing digital assets and infrastructures. We specialize in ethical hacking, penetration testing, SOC services, and training. Join us to gain real-world experience in offensive security and make a measurable impact. Position Summary: We are looking for a passionate and motivated Cybersecurity Intern with foundational knowledge and practical experience in Web Application Penetration Testing (WAPT) . The intern will assist our VAPT team in identifying, analyzing, and reporting vulnerabilities in live web applications and gain valuable hands-on experience in real-time security engagements. Key Responsibilities: Assist in performing WAPT assessments on client-facing web applications. Use tools like Burp Suite, OWASP ZAP, Nmap, Nikto, and SQLmap for testing and scanning. Perform manual testing techniques to identify OWASP Top 10 vulnerabilities. Collect and document evidence of vulnerabilities and exploits found. Prepare structured vulnerability assessment and penetration testing reports. Coordinate with senior cybersecurity analysts for remediation steps and validation testing. Stay updated with the latest CVEs, exploits, and vulnerability trends. Participate in internal red team/blue team exercises if applicable. Required Skills & Knowledge: Basic understanding of OWASP Top 10 vulnerabilities (e.g., SQLi, XSS, CSRF, IDOR, etc.). Familiarity with WAPT tools : Burp Suite, OWASP ZAP, Nikto, etc. Knowledge of HTTP/HTTPS protocols, cookies, sessions, headers, and request/response cycles . Exposure to HTML, JavaScript, PHP, or other web technologies . Understanding of how web applications work and how to exploit weaknesses . Good analytical and documentation skills. Preferred Qualifications: Pursuing or completed a degree in Cybersecurity, Computer Science, or related fields . Completion of any course or certification related to Ethical Hacking or WAPT (CEH, eJPT, OSCP - a plus). Prior participation in CTFs, bug bounty programs , or security projects is a strong advantage. What You’ll Gain: Hands-on experience in professional penetration testing engagements . Exposure to real-world web vulnerabilities and enterprise security environments. Mentorship from industry experts. Certificate of internship completion. Potential for placement offer based on performance .

Job Description: VAPT lead with experience in vulnerability assessment and penetration testing is preferred The resource should mandatorily have minimum 4 Years experience in VAPT Responsible for planning executing and managing infrastructure level vulnerability assessments and penetration testing activities across the organization s IT landscape Key Responsibilities: Lead and manage end to end Vulnerability Assessment and Penetration Testing VAPT activities across infrastructure components including networks servers endpoints and cloud environments Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements Conduct thorough assessments to identify security vulnerabilities simulate attack scenarios and evaluate the effectiveness of existing security controls Collaborate with infrastructure network and application teams to validate findings and support remediation efforts Prepare detailed technical reports and executive summaries outlining identified risks impact analysis and recommended mitigation strategies Ensure VAPT activities align with industry standards such as ISO 27001 NIST OWASP and CIS Benchmarks Maintain up to date knowledge of emerging threats tools and techniques in the vulnerability assessment and penetration testing domain Technical Requirements: Proven experience in conducting infrastructure level Vulnerability Assessment and Penetration Testing VAPT across networks servers endpoints and cloud environments Strong hands on expertise with VAPT tools such as Nessus Qualys Nmap Metasploit Burp Suite etc In depth understanding of network protocols system configurations and common vulnerabilities in enterprise IT environments Ability to identify analyze and prioritize security vulnerabilities and provide detailed remediation guidance to technical teams Preferred Skills: Technology->Application Security->Vulnerability Management

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. Key Responsibilities: Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients' IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients' systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients' IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. 5+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Hands-on experience with various operating systems, including Windows, Linux, and Unix. Strong understanding of network protocols, web application architecture, and common security vulnerabilities. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. Proven track record of delivering high-quality security assessments and actionable recommendations

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! The Technical Account Manager (TAM) is responsible for actively driving the sales process with direct and channel customers. The TAM must be able to articulate the Company's technology and product positioning to both business and technical users. He/she must be able to identify all technical and business issues of aligned accounts to ensure customer satisfaction, through all stages of the sales process. Must be able to establish and maintain strong relationships throughout the sales cycle. Responsibilities: Provide product and technical support for assigned accounts. Support, manage and sell to SMB Customers with defined geographic territory. Drive a culture of success through product expertise and positive account management. Provide accurate forecasting on Sales pipeline. Carefully monitor the quality of all services Qualys delivers to the customer by conducting QBRs (Quarterly Business Reviews) and ensuring adoption of technology and discovering upsell opportunity. Engage with channel partners and provide accurate renewal quotes. Raise any necessary alert for the customer’s business or technical situation in a timely manner. Work closely with customers to grow and expand the implementation/integration of Qualys products and services. Act as customer advocate with focus on improving customer contentment. Qualification: The ideal candidate will come from a security and/or networking background while performing an engineering, administration, or support role with 3-6 years of experience. General knowledge of current IT security fields including Firewall, Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, Vulnerability Management, Network Scanners (Nessus, nmap, Scan alert, ISS Internet Scanner), PCI, Policy Compliance/GRC-IT and Audit Tools is a plus. General knowledge of Desktop and Server operating system configuration, TCP/IP networking hardware, protocols, and LAN configuration, knowledge of LAN and WAN technologies, network design, and web security architectures is a plus. Ability to understand network and security infrastructure elements on advising how best to use Qualys products on cloud platforms. Must have a strong technical background and possess an excellent work ethic with a “make it happen” attitude. Excellent written and verbal communication skills. Works well in small group settings. A strong desire to be a customer-facing, technical solution expert. Extensive use of CRM (preferably salesforce.com) to maintain accurate activity, contact and account information of all customers. Ability to work rotational hours supporting global customers. Preferred Qualification: 3 - 6 years of equivalent experience in consulting or account management. Preferred pre-sales experience in computer networking or information security or public clouds. Candidates from STEM preferred.

Experience Required: - 6 to 8 Years Location:- Noida Role Overview- We are seeking a skilled and driven Sr. Security Engineer with a strong background in penetration testing (web, mobile, and network) and an understanding of security compliance standards such as SOC 2, ISO 27001, and GDPR. The ideal candidate will have hands-on experience identifying and exploiting vulnerabilities, preparing technical and compliance reports, and guiding clients or internal teams on remediation and governance. Key Responsibilities- • Conduct penetration testing of web applications, mobile apps (iOS/Android), and internal/external networks. • Perform vulnerability assessments and risk evaluations across client environments. • Create detailed technical and executive reports with prioritized remediation strategies. • Assist in SOC 2 readiness assessments, ISO 27001 implementation, and GDPR compliance checks. • Collaborate with cross-functional teams for remedial activities to improve the security posture. • Stay updated with the latest exploits, tools, and compliance updates. Required Qualifications- • 6-8 years of experience in cybersecurity with a focus on penetration testing and compliance. • Proficiency in tools like Burp Suite, Nmap, Metasploit, Nessus, MobSF, and manual testing techniques. • Strong knowledge of OWASP Top 10, secure coding practices, network protocols, and common attack vectors. • Understanding of SOC 2, ISO 27001, GDPR, and associated implementation or audit processes. Certifications (Preferred)- • CEH (Certified Ethical Hacker) • ISO/IEC 27001 Lead Auditor / Lead Implementer • Other relevant certs: e.g., CompTIA Security+, eWPT, eCPPT, GPEN Nice-to-Have Skills- • Familiarity with DevSecOps pipelines, source code reviews, or CI/CD security integration. • Client-facing consulting experience or report presentation skills. • Cyber Security vibe is a must.

Technical Skills Required: Mandatory: • Good knowledge in Networking and troubleshooting tools- DNS, DHCP, TLS, SSL, security Protocols, Routing, Packet data analysing, Prior experience in working with Wireshark, Nmap, http analyser, Debug view etc. • Knowledge in VAPT analysis & Security • knowledge about security software such as DLP, firewalls (End point security are add on) Product and Application Support a) Good experience in product and application support with sound knowledge of networking and IT Infrastructure b) Must have worked on supporting any enterprise security applications like zero trust, Identity Management solution, Multifactor Authentication Solution c) Any support experience in Virtualization products coming from Citrix, Microsoft, Dell, etc. d) Should have worked with any reverse proxy solutions e) Should understand how key web servers can be troubleshooted like Apache, NGINX, TOMCAT, IIS, etc. f) OWASP Application Security Guidelines g) How typically big enterprise support product installation and upgrades are managed and how the patch management is done h) Knowledge of Power-shell scripting, Linux shell scripting, and Python Infra Support a) Excellent knowledge in Windows Server operating systems & Roles - Active directory, Group policies, Remote Desktop services, IIS, FSMO roles. b) Process data analyzing, Windows sys- internals tools knowledge will be add on. Batch and PowerShell scripting will be desirable c) Work experience in Client-side operating systems - Windows 7,8,10 are must d) Very good Working knowledge in Linux & Mac operating systems Support Management and Tools knowledge a) Good knowledge of L1 and L2 Ticket tracking tools b) Good Knowledge of Service level management tools c) Should be able to manage escalations and the agreed and provided SLA for various clients d) Should be able to provide reports for any escalations, Root cause Analysis (RCA) , Productivity reports e) Must make sure escalations are managed at root level and there is zero repeat escalations f) Excellent knowledge on Server Operating systems (Win 2016/19/22, Linux flavors) g) Proficient in Networking - DNS, DHCP, basic routing concepts, network monitoring commands & tools, h) Good knowledge in IT Infrastructure & Security concepts -Storage, File servers, SSL certificates, VPNs gateways, VAPT analysis, UTMS etc i) Good knowledge in Azure Cloud, conceptual understanding in Desktop as service, working experience in Azure Virtual Desktop / equivalent products Role and Responsibilities: • To provide solutions, not workarounds • Good listener to customer, provide on time deliveries; Involve appropriate authorities when escalations are required • Make sure Support deliveries are under SLAs • Provide Solution documents, KB articles & RCAs and make sure team members are following the process • Proactively involve in escalations and make sure customer commitments are met • Coordinate with Product Management team for bug fixes, new feature escalations & development related items and make sure on time resolution • Good with Statistical data, analyze priorities and involve in the product improvement discussions • work as a leader of special or Ongoing requirements • Use appropriate judgement during critical environments. • Reproduce customer issues and if required, analyse the root cause; Check and verify any viable solutions available other than development – such as creating scripts, simple solutions etc.

Proven experience in conducting infrastructure-level Vulnerability Assessment and Penetration Testing (VAPT) across networks, servers, endpoints, and cloud environments. Strong hands-on expertise with VAPT tools such as Nessus, Qualys, Nmap, Metasploit, Burp Suite etc. In-depth understanding of network protocols, system configurations, and common vulnerabilities in enterprise IT environments. Ability to identify, analyze, and prioritize security vulnerabilities, and provide detailed remediation guidance to technical teams. Lead and manage end-to-end Vulnerability Assessment and Penetration Testing (VAPT) activities across infrastructure components including networks, servers, endpoints, and cloud environments. Design and implement VAPT strategies tailored to organizational risk profiles and compliance requirements. Conduct thorough assessments to identify security vulnerabilities, simulate attack scenarios, and evaluate the effectiveness of existing security controls. Collaborate with infrastructure, network, and application teams to validate findings and support remediation efforts. Prepare detailed technical reports and executive summaries outlining identified risks, impact analysis, and recommended mitigation strategies. Ensure VAPT activities align with industry standards such as ISO 27001, NIST, OWASP, and CIS Benchmarks. Maintain up-to-date knowledge of emerging threats, tools, and techniques in the vulnerability assessment and penetration testing domain.