870 Penetration Testing Jobs - Page 13

Position Overview: We are seeking dedicated and detail-oriented individuals to join our team as Software Testers. The ideal candidate will undergo a 3-month assessment on manual and/or automated testing of our web application. This role offers a unique opportunity to develop your testing skills in a practical environment, with the potential to secure a permanent position based on performance and demonstrated technical and interpersonal abilities. Responsibilities: Participate in practical training sessions on different modules of our proprietary web application. Develop a deep understanding of application features and functionalities. Develop and maintain effective test cases. Execute manual test cases and accurately report results. Learn and execute automated testing scripts, and review and report results. Identify, report and track bugs throughout the software development lifecycle. Develop and maintain automated testing scripts using TestComplete(or similar tools). Work closely with developers and other team members to ensure product quality. Requirements: Basic understanding of software testing methodologies and practices. Basic understanding of software development methodologies (Agile, Waterfall, etc.) Basic understanding of web automation concepts and familiarity with tools such as Selenium, TestComplete, JMeter etc. Experience in performance and security testing Completion of any software testing certification or course. Basic knowledge of JavaScript. Excellent verbal and written communication skills in ENGLISH. Ability to prepare detailed and effective test cases. Quick learner with an interest in learning new technologies and best practices in software testing. Honest, modest, friendly, patient, and a team player. Positive attitude with a willingness to learn and adapt. Ability to work effectively under guidance and independently when required. Strong analytical, problem-solving skills and attention to detail. Demonstrate core and soft skills required for the position during the assessment period. Assessment Highlights: Probation : 3 months Focus : Practical exposure to manual and/or automated web application testing Outcome : Opportunity to secure a permanent role based on performance and soft skills Benefits : Above Industry Average (for those who move to a permanent role) If you're passionate about software quality and believe in working with integrity, kindness and respect for others, we encourage you to apply. We're looking for individuals who value ethics, collaboration and continuous learning. We offer a stable environment where you can build a rewarding career. We also have positions open for experienced testers .

Role & responsibilities We are looking to add a VAPT specialist to our team! This position will be conducting vulnerability assessments, penetration testing, and security audits to identify, report, and mitigate security weaknesses across applications, networks, and systems. Conduct vulnerability assessments and penetration tests on internal and external applications, networks, and systems. Develop, document, and implement testing methodologies based on industry standards and compliance requirements (e.g., OWASP, NIST, ISO 27001). Identify security risks, potential threats, and vulnerabilities and provide detailed reports with actionable recommendations. Collaborate with development, infrastructure, Network, SOC and application teams to guide them in remediating identified security issues. Perform re-testing to validate remediation actions taken to address vulnerabilities. Stay updated on emerging security threats, vulnerabilities, and tools related to penetration testing. Ensure testing activities comply with relevant security policies, regulatory requirements, and standards. Support the development of VAPT policies, standards, and guidelines. Prepare regular reports and dashboards for management and stakeholders, summarizing findings and status updates. Preferred candidate profile At least 1+ years of experience in vulnerability assessment and penetration testing in both application and network environments. In-depth knowledge of security standards, frameworks, and methodologies, such as OWASP, PTES, and MITRE ATT&CK. Proficiency with security testing tools like Burp Suite, Nessus, Metasploit, Nmap, and Wireshark. Strong understanding of network protocols, application security, and secure coding practices. Familiarity with regulatory standards, such as GDPR, HIPAA, and PCI-DSS, and how they impact VAPT requirements. Ability to communicate complex technical information to both technical and non-technical stakeholders. Relevant certifications (e.g., CEH, OSCP, GIAC GPEN, or GWAPT) are preferred. Vulnerability scanning and penetration testing Threat modeling and risk assessment Security auditing and report writing Collaboration and communication Analytical and problem-solving skills

Job Summary As a Cyber Security Specialist you will play a crucial role in safeguarding our organizations digital assets. With a focus on LDAP Ping Directory and a hybrid work model you will ensure the integrity and confidentiality of sensitive information. Your expertise will contribute to maintaining a secure environment supporting our mission to protect data and enhance trust in our services. Responsibilities Develop and implement security measures to protect the organizations digital infrastructure. Monitor and analyze security alerts to identify potential threats and vulnerabilities. Collaborate with IT teams to integrate security protocols into existing systems. Conduct regular security audits and assessments to ensure compliance with industry standards. Provide guidance and support to staff on security best practices and protocols. Investigate security breaches and incidents to determine root causes and implement corrective actions. Maintain and update security policies and procedures to reflect current threats and technologies. Utilize LDAP expertise to manage and secure directory services effectively. Work closely with stakeholders to address security concerns and implement solutions. Ensure the confidentiality integrity and availability of sensitive information. Stay informed about the latest cybersecurity trends and technologies to enhance security measures. Contribute to the development of security awareness programs for employees. Support the organizations mission by ensuring a secure and trustworthy digital environment. Qualifications Possess strong experience in LDAP and its application in cybersecurity. Have a solid understanding of cybersecurity principles and practices. Demonstrate proficiency in conducting security audits and assessments. Exhibit excellent problem-solving skills to address security challenges. Show ability to work collaboratively with cross-functional teams. Display knowledge of industry standards and compliance requirements. Have experience in developing and implementing security policies. Be familiar with security incident response and investigation techniques. Possess strong communication skills to convey security concepts effectively. Have a proactive approach to identifying and mitigating security risks. Show commitment to continuous learning and staying updated on cybersecurity trends. Demonstrate ability to manage and secure directory services using LDAP.

Job Summary IAM Architect Develop the overarching vision principles and architecture for the workload identity and access management system across all environments like Azure GCP hybrid on premises Responsibilities Define the types of workload identities e.g. Managed Identities Service Accounts SPIFFE identities their attributes and their lifecycle management processes. Design the framework and specific policies for controlling workload access to resources based on the principle of least privilege. Define and design secure methods for workloads to authenticate and communicate with each other. Design the integration points and processes for connecting the workload IAM system with Fords current IAM infrastructure e.g. Entra ID Drive the creation of the long-term workload IAM governance framework ensuring alignment with industry best practices and Fords policies. Serve as the subject matter expert on workload identity concepts technologies e.g. Entra Workload Identity SPIFFE-SPIRE and best practices. Assess and recommend appropriate workload identity features and tools available in Azure GCP and other relevant platforms. Design the system to meet relevant security and compliance requirements

Location: Noida Berger Tower, India Thales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure. We re looking for a Experienced Test Automation Engineer to help take our automated testing capabilities to the next level. Responsibilities: Plan, design and execute manual tests as a step towards automation. Plan, design, develop and execute Java-based automation tests for functional, acceptance, system, performance and penetration testing Write maintain, and improve automation tests for frontend, backend, and API s Demonstrate a high ability to deeply understand complex products, anticipate potential customer use cases, and design comprehensive tests to ensure these scenarios are thoroughly validated. Develop, extend, and maintain test automation frameworks such as TestNG, JUnit, or Cucumber, ensuring scalability and reusability Create test plans and perform manual testing Collaborate with cross-functional teams to define, design, and ship new features Collaborate with team members to enable continuous testing and delivery Drive the adoption of continuous testing and delivery practices within the team, integrating automated tests with CI/CD pipelines using tools like Jenkins or Github action Stay updated on industry trends, emerging technologies, and best practices to enhance your skills and contribute to the team s success Qualifications: B.Sc. in Computer Science or Software Engineering At least 5 years experience as a Test Automation engineer At least 3 years experience programming in Java Deep understanding of test automation frameworks such as TestNG, JUnit, or Cucumber, and the ability to build and extend them Proven experience in designing and maintaining Selenium Grid for parallel test execution Experience in manual testing and building test plans Experience with deployment cycle and tools like Jenkins, Github action,etc. Experience working with DB, writing SQL queries, and/or NoSQL DBs Experience with Linux scripting and fundamentals Solid understanding of Cloud technologies (AWS, Azure) - an advantage Attention to details, Strong analytical skills with the ability to solve complex problems under tight deadlines. Excellent time management and multi-tasking skills Highly self-motivated person, fast learner and independent Can do attitude with strong interpersonal and communication skills

Rapid7 s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence. About the Role As a Detection and Response Analyst in Rapid7 s SOC, you will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation. Your Customer Advisor colleagues will be responsible for direct communication with the customers, enabling you to dedicate your efforts to analysis. Your fellow analyst colleagues will be available to answer questions, provide guidance, and assist you in investigations if you need help. In this role, you will: Utilize Rapid7 s world-class software and threat intelligence to identify potential compromises in customer environments. Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud. Write an Incident Report for each investigation you complete, which follows MITRE s ATT&CK Framework and includes your own forensic, malware, and root-cause analysis. Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations. Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors. Provide continuous input to Rapid7 s Threat Intelligence and Detection Engineering team regarding new detection opportunities. The skills you ll bring include: Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least a basic understanding of common internal system tools and directory structures. A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration. Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc. Experience with hands-on analysis of forensic artifacts and/or malware samples. Passion for continuous learning and growth in the cybersecurity world. Effective collaboration within the SOC and between departments. Dedication to putting each customer s needs and concerns at the forefront of all decision making. We know that the best ideas and solutions come from multi-dimensional teams. That s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don t be shy - apply today. About Rapid7 At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what s possible and drive extraordinary impact. Here, we re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever s next. Join us and bring your unique experiences and perspectives to tackle some of the world s biggest security challenges. Security and Compliance Rapid7 is committed to keeping customers secure. As a first line of defense, all employees are expected to uphold the highest standards of security and privacy, ensuring the protection of sensitive information and compliance with relevant regulations.

Cloud Security Test Engineer This role has been designed as Onsite with an expectation that you will primarily work from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today s complex world. Our culture thrives on finding new and better ways to accelerate what s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. : Aruba is an HPE Company, and a leading provider of next-generation network access solutions for the mobile enterprise. Helping some of the largest companies in the world modernize their networks to meet the demands of a digital future, Aruba is redefining the Intelligent Edge - and creating new customer experiences across intelligent spaces and digital workspaces. Join us redefine what s next for you. What you ll do: Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores. Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools. Assess the security posture of cloud-native applications, microservices, and serverless architectures. Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement. Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools. Assign tasks, review deliverables, and ensure project timelines are met. Develop and maintain standard operating procedures for complex penetration testing activities. Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments. In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications. Proficiency in advanced penetration testing tools and techniques, such as Burp ,ZAP,Metasploit, Cobalt Strike, and PowerSploit. Experience with container technologies (Docker, Kubernetes) and serverless architectures. Strong scripting skills (Python, PowerShell) for automation and custom tool development. Experience with security orchestration, automation, and response (SOAR) platforms. Active security certifications such as OSCP, CSSLP or related is strongly desired . Ability to work well under minimal supervision. Requires strong interpersonal, organizational, written and verbal communication skills. What you need to bring: 4-8 years ofexperience Experience with threat hunting, red team assessments and intelligence gathering techniques. Knowledge of emerging security threats and vulnerabilities. Experience with cloud-native security controls and best practices. Strong understanding of cryptography and network protocols. Ability to think critically and creatively to identify and exploit vulnerabilities Additional Skills: Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX) What We Can Offer You: Health Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Lets Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #aruba Job: Engineering Job Level: TCP_03 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity . Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Skills: Strong understanding of web application security and OWASP Top 10 Hands-on experience with VAPT and application security tools (e.g., Burp Suite Pro, Nessus, Acunetix) Proficient in writing technical reports and documentation Familiar with secure coding practices and patch management Experience with bug bounty programs and cybersecurity incident response Education: B.Tech / B.E. / BCA / BAC in Computer Science or IT Experience: 0-1 year in Vulnerability Assessment, Penetration Testing (VAPT), and Bug Bounty (professional experience preferred) Certifications: CEH or equivalent (preferred)

Roles : IoT/Embedded Security Engineer Location: Whitefield Bangalore Position Overview: We are seeking a highly skilled and motivated IoT / Embedded Security Engineer to join our team. The ideal candidate must have a strong background in IoT / embedded systems security, with a proven track record in identifying vulnerabilities and implementing robust security measures. Roles and Responsibilities: Conduct security assessments and risk analysis of embedded medical devices. Develop and implement security protocols and solutions for medical devices. Design and execute penetration testing and vulnerability assessments. Research and stay updated on emerging threats, vulnerabilities, and security trends in IoT and embedded systems. Collaborate with cross-functional teams to integrate security measures into the development lifecycle of products. Provide technical guidance and support to internal teams on security best practices. Participate in the design and architecture of secure IoT and embedded systems. Mandatory Skills: Bachelor's or Master's degree in Electrical Engineering, Computer Science or Electronic field. Proven experience (5 years) in IoT and embedded systems security. Strong knowledge of IoT protocols (e.g., UART, I2C, JTAG, MQTT, CoAP, HTTP) and embedded system architecture Experience with reverse engineering ARM/MIPS/x86 code architecture. Hands on with hardware attacks such as PCB reversing, Component identification,Side channel attacks,memory extraction methods. Knowledge of radio frequency (RF) protocols and related security implications such as BLE, WIFI, LoRa,DSP, SDR, etc. Understanding of industrial IoT (IIoT) security considerations. Experience with various hardware security assessment tools/frameworks. Familiarity with hardware security concepts such as secure boot, encryption, and secure firmware updates. Proficiency in programming languages commonly used in embedded systems (C/C++, Python). Proactive, problem-solver and the ability to work independently and within a team. Good to Have: Understanding of cryptographic algorithms and protocols. Knowledge of exploit development techniques, buffer overflows, and other memory corruption vulnerabilities applicable to embedded systems. Knowledge of secure coding practices and principles specific to embedded systems, including memory management and input validation. Familiarity with regulatory compliance and standards in IoT security. Any certification in IoT security, Embedded device security or similar, is a plus. Notice Period- Immediate Joiner to 15 Days Maximum Interested candidates kindly share your updated cv at sanchit@mounttalent.com

Job Title: Senior Security Specialist - Physical Security Assignment Manager Location: Bengaluru, Hyderabad, Pune Vacancies: 9 (3 per location) Salary: 50,000 to 55,000 (Based on interview performance) About the Role G4S Security Solutions is seeking experienced and dynamic Senior Security Specialists to lead security operations for corporate offices. The role requires a proactive and strategic approach to maintaining safety, ensuring compliance, and enhancing operational security across assigned locations. The position is integral to creating a secure work environment, managing incidents, and ensuring seamless operations in collaboration with internal and external stakeholders. Key Responsibilities 1. Security Operations Management Supervise and manage security shifts to ensure smooth operations and adherence to protocols.Provide leadership and guidance to security teams during routine duties and emergencies.Oversee compliance with security protocols for employees, contractors, and visitors. 2. Incident Management and Reporting Act as the first responder for security and safety incidents, ensuring swift and effective actions.Investigate incidents, prepare detailed reports, and coordinate follow-up measures with Site Security Managers.Maintain accurate records of incidents, audits, and risk assessments. 3. Risk Assessment and Mitigation Conduct regular security audits and vulnerability assessments to identify risks.Develop and implement mitigation strategies to address identified threats.Perform penetration testing and preventive checks to ensure system robustness. 4. Policy Implementation and Compliance Design and implement physical security strategies aligned with organizational objectives.Ensure compliance with local, state, and federal regulations.Collaborate with HR and legal teams to align security practices with company policies. 5. Team Leadership and Training Lead and mentor junior team members to foster a culture of continuous improvement.Organize and conduct training sessions on emergency preparedness, crisis management, and best practices in security. 6. Technology Integration and Oversight Leverage advanced technologies like biometric systems, surveillance tools, and cybersecurity measures to enhance security operations.Work closely with IT teams to ensure physical and digital security integration. 7. Emergency Preparedness and Crisis Management Oversee emergency drills and ensure all personnel are trained in evacuation and crisis management protocols.Develop and test comprehensive emergency response plans for various scenarios. 8. Vendor and Budget Management Evaluate and manage relationships with security vendors and service providers.Prepare and monitor budgets for security operations, ensuring cost-effective solutions. 9. Executive and Event Security Develop security protocols for executive travel and high-profile events.Coordinate logistics and manage security during sensitive situations. Candidate Profile Education Bachelor’s degree (preferably in Security Management, Criminal Justice, or related fields).Advanced certifications such as CPP (Certified Protection Professional) or PSP (Physical Security Professional) are highly preferred. Experience 8+ years of experience in corporate security, with 3-5 years in a supervisory role. Skills and Attributes Strong leadership, decision-making, and team management abilities.Expertise in security systems, incident management platforms, and workplace safety standards.Excellent verbal and written communication skills for reporting and stakeholder engagement.Analytical mindset to evaluate threats and implement preventive measures.Physically fit and able to respond to emergencies effectively. Language Requirements Fluency in English, Hindi, and local languages based on deployment (e.g., Kannada for Bengaluru). What We Offer Weekly offProvident FundMedical InsuranceGratuityLeave wages and bonus (as per company policy) Application Process Submit an updated resume via WhatsApp (include date of birth, height, and weight).Resume screening followed by a telephonic interview.Attend an in-person interview at the duty location if shortlisted.Receive an offer letter and undergo training at the G4S Training Center. Contact Information Contact Person: Abhay MulikMobile: +91 9972877452WhatsApp: +91 9113627282Email: abhay.mulik@in.g4s.com

Join Strategy s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Job Location Application Security Engineer Pune, India Full-time in person from Strategy Office Bachelor s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment Hands-on experi

Job Description Join Strategy s IT Security group as an Application Security Engineer and play a crucial role in safeguarding Strategy s software applications while using modern security and AI tooling. In this position, you will be responsible for integrating security practices throughout the software development lifecycle, ensuring that our software products are resilient against vulnerabilities. Secure SDLC Integration: Work closely with development teams to integrate security into the SDLC, including threat modeling, secure code reviews, and security testing . Vulnerability Management: Identify, triage, and remediate security vulnerabilities through static and dynamic application security testing (SAST/DAST) and software composition analysis (SCA ) tools. Security Assessments Penetration Testing: Conduct manual and automated penetration testing of web, mobile, and cloud applications to detect security flaws. Secure Code Review: Analyze source code and provide security recommendations to developers to ensure adherence to secure coding best practices. Threat Modeling Risk Analysis: Perform threat modeling to anticipate potential attack vectors and improve security architecture. DevSecOps Enablement: Support and enhance DevSecOps initiatives by integrating security automation within CI/CD pipelines. Incident Response Remediation: Assist in investigating security incidents related to applications and work with engineering teams to remediate threats. Security Awareness Training: Educate and mentor developers on OWASP Top 10, SANS 25, and other security best practices . Job Location Application Security Engineer Pune, India Full-time in person from Strategy Office Qualifications Bachelor s degree in Computer Science, Engineering, or related field Minimum 2 years of software development or software security experience in an agile environment

Techgen Cyber Solution Pvt. Ltd. is offering an exciting Cybersecurity Internship for aspiring professionals eager to gain hands-on experience in the world of ethical hacking, system hardening, and threat analysis. This internship is ideal for students or recent graduates looking to kickstart their career in cybersecurity under the mentorship of industry experts. Key Responsibilities Assist in conducting vulnerability assessments and penetration testing. Monitor and report suspicious network activity under supervision. Support in securing web applications, APIs, and backend infrastructure. Research and stay updated with the latest cyber threats and tools. Help draft basic security reports and recommendations. Learn and follow company protocols for threat detection and response. Requirements Basic knowledge of cybersecurity principles and concepts. Understanding of networks, firewalls, and operating systems (Windows/Linux). Familiarity with tools like Wireshark, Burp Suite, Nmap, or Kali Linux. Awareness of OWASP Top 10 vulnerabilities. Strong willingness to learn and adapt quickly. Preferred Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, or related field. Certifications like CEH, CompTIA Security+, or any online course completion is a plus. Good communication skills and ability to document findings clearly. Job Category: Cyber Security Job Type: Job Location: Apply for this position Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation. At YASH, we re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth - bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future. We are looking forward to hire Cyber Security Professionals in the following areas : Job Description: Experience required - 5+ years Security Defect Management - Analyzing, validating, communicating, and consulting on security defects identified by both automated and manual sources such as CodeQL, Rapid7 Web Application Security, penetration testing, bug bounty, etc. In other words, our security engineers are partners to software engineers who require accurate information on why a vulnerability exists and what they can do about it. Engineering Consulting - Serving as a best friend to software engineers, architects, product owners, and leaders, provide contextually-aware guidance to help these groups make good decisions when implementing new features and remediating existing issues. Tool Enablement - Enabling and monitoring automated defect detection tooling (CodeQL, Rapid7, etc.) at the repository or application level according to established process. Security Test Onboarding Management - Collecting and communicating required scope and access information for penetration testing and security assurance assessments, as well as handling the output of these assessments via our Defect Management Process. Maturity Measurement - Consulting with software engineers on practices which will improve their application s security maturity according to scorecards and maturity models established by Cat Digital. Correction of Error - Authoring, in close partnership with software engineers, correction of error reports which help engineers and architects across Cat Digital avoid similar mistakes in their own applications. Basic Qualifications Two of three: 5+ years of experience as a software engineer (in any language or framework) or software engineering manager 5+ years of experience as a software development-focused cybersecurity professional 5+ years of experience working on a major cloud platform (AWS, Azure, GCP, or Salesforce) as a software engineer, cloud/DevOps engineer, security engineer, or architect. As well as: Experience analyzing and remediating security findings from automated and manual sources such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), penetration testing, Software Composition Analysis (SCA), etc. Experience leveraging one or more of the following resources to support secure coding and decision-making: OWASP Top 10 MITRE Common Weakness Enumeration (CWE) Top 25 OWASP Application Security Verification Standard (ASVS) Other industry-standard best practice guides or frameworks Experience building or supporting web applications and API s including Single Page Applications (SPA) and RESTful API s. Proficiency in one or more programming languages. Candidates must also demonstrate the following attributes: Decision-Making Ability - Our engineers make sound, justifiable, customer-first decisions to determine which security issues to raise to software engineers/leaders and support work prioritization decisions. Strong Communication - Our engineers relate complex technical concepts to non-technical audiences and technical audiences without a security background. Additionally, the Cat Digital team spans the globe, and our engineers must collaborate effectively with engineers from a number of locations and cultural backgrounds. Active Participation - Software engineering is not a spectator sport . The input and experience our engineers bring to the table are valued and should be shared freely. Similarly, engineers are relied upon to complete complex assignments at a high level of quality with limited supervision. At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale. Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture

Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experience in delivering VAPT in Web(Thin and Thick Client), Mobile and APIs Should have good and effective communication skills in English. (Oral and written) Additional Responsibilities: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting languages(e.g. Shell) Knowledge on DevSecOps Technical and Professional Requirements: Any certifications CEH(Mandatory), OSCP, CCSP Preferred Skills: Technology->Security Testing->Security Testing - ALL Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering

We are looking for a skilled and motivated Penetration Tester to join our DART (Detection and Response Team) and help deliver high-impact Penetration Testing as a Service (PTaaS) engagements to our global clients. This is a hands-on role focused on continuous testing, real-world simulations, and providing actionable insights using industry-leading tools like Metasploit Pro and CIS-CAT Pro. Youll be part of a CREST-aligned team helping financial institutions, government bodies, and mid-market clients secure their infrastructure, web applications, cloud platforms, and internal networks. Key Responsibilities Perform internal and external network penetration testing Conduct web application and API testing using OWASP and custom test cases Simulate real-world attack vectors including privilege escalation and lateral movement Execute configuration audits using CIS-CAT Pro for hardening validation Design and run automated and manual exploit campaigns using Metasploit Pro Prepare detailed reports with technical findings, business risk, and remediation guidance Participate in client scoping sessions and debriefs Collaborate with the development and infrastructure teams to validate remediations Contribute to continuous improvements of our PTaaS platform and methodology What Were Looking For 36 years in penetration testing, red teaming, or offensive security Strong knowledge of security testing methodologies (OWASP, PTES, MITRE ATT&CK) Hands-on experience with Metasploit Pro, Burp Suite, CIS-CAT Pro, or similar tools Certifications preferred : OSCP, CREST CRT, CRTO, or equivalent Preferred candidate profile Familiarity with cloud security (Azure, AWS, M365) and Active Directory attacks Strong report writing and client communication skills

Role & responsibilities Application Penetration testing Knowledge OWASP Vulnerabilities Experience with Secure Source Code Review using tools like Snyk , Checkmarx Experience with DAST tools like BrightSec Preferably having Development background and understanding of Multiple Coding language for Vulns eg .Net , Java, Python etc

Hi We have the below opening with one of our prestigious client. If you are interested and willing to explore opportunity, Please shared your CV to vivitha.d@randstad,in Exp: 3+ Years Location: Bangalore Mode of work: 5 Days Work from office Shift time- 5:30 am or 7:30 am ( 9 Hours) Need only OSCP Certified candidates Role Description Responsibilities: Oversee and conduct tests for system vulnerabilities, such as: SOE Security Assessments Source Code Review Security Risk (ISO27k) & Privacy Impact (APP) Assessments NCSC Cyber Essentials Plus Assessments Red Team Attack Simulations Firewall and Password Audits Vulnerability Assessments (Internal, External, Web Application, and Database) Penetration Testing (Internal, External, Web Application, Database, Mobile, and Wireless) Provide complex technical advice, recommendations, and consultancy on networks, products, and services supplied to our managed service customers Compiling and presenting reports on the test results. Lead the design, implementation, operation, and maintenance of security management systems. Support internal security initiatives or mentoring junior team members Role Description Requirements: Minimum 3 years experience as a security consultant or penetration tester An existing penetration testing certification, such as OSCP, OSCE, or CREST is mandatory Experience delivering at least 6 of the different types of engagements listed above Extensive knowledge and experience within the IT Security industry Knowledge of a range of consulting and security vendor solution offerings Nice-to-have: Defence Force experience is desirable Hold a current active security clearance (NV-1 or NV-2) is desirable

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Primary Skills : Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cybersecurity, Security Configuration Review, Source Code Review Job Description: 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API & Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms. Notice: Immediate to 15 days Location: ENBD Bangalore or ENBD Chennai or Dubai Location: Bangalore/Chennai/Dubai Experience: 4-6 Years Thanks & Regards, Ankita Ghosh

Job Title : Cybersecurity Test Engineer About the Role : Looking for Cybersecurity Test Engineer who will be working closely with Hardware, Software and Systems engineering teams to deliver the next generation of Automotive SOC's. Ideal candidate is someone who has strong knowledge and hands on experience with Cybersecurity ISO 21434 standards. He/she should be able to Validate Cybersecurity features for Automotive SOC's and its applications. Responsibilities : - Perform penetration testing of SoC Automotive products. - Establish the Security goals and requirements. - Verification strategies in compliance with ISO 21434. - Develop test specifications, test cases, and test plans for security vulnerability testing. - Scan vulnerabilities with regards to CVSS levels and patch fixing from NIST database. - Perform code-level fuzz testing using open source tools. - Support documentation of test results and collaborate with the development team. - Participate in automating test process within CI/CD environments. - Setup and maintain traceability in compliance with Automotive SPICE requirements. - Experience in tools like OpenVAS, Nmap , wireshark, penetration testing for embedded systems. - Experience in Automotive domain is a must. - Practical experience performing TARA, security concepts and other Cybersecurity Artefacts mentioned in IS021434.

Sales Specialist Meet the Team Indian enterprise sector is going through huge digital transformation. Areas like Cloud adaption, Sophisticated Analytics, AI, IOT, Block chain & Robotic Process Automation, Information Security are key building block towards this transformation. You would be responsible for Building Cisco Security Business pipeline & achieve the Security Annual targets in the large enterprise segment Your Impact Lead Large Customer Engagement with CISO level conversation within Ciscos top enterprises and conglomerate. Support Sales Account Management (AMs) as Cyber Security Sales Specialist in large sophisticated projects (comprising of Zero Trust Architecture, Securing cloud work loads, transforming SOC, Micro segmentation and others) Understand the client/sector requirements and Map Cisco Security products & Services & Build Solution Stack for Sales Account Managers Understand NIST, CERTIN guidelines, mitre att&ck framework, OT Security. Good understanding of Cisco Security products. Well engaged with Tier-1 & Tier-2 SI Drive Cisco Security product sales within commercial segment in Manufacturing, PSU, ITeS, Digital Native and Pharma Who You'll Work With GSSO SE team Account Manager Product Engineering BU across vertical Regional SE Team Regional Channel Team Minimum Qualifications 8-10 Years of experience in Security OEM / Service Provider Environment in managing Sales/ Pre-Sales/Product Management function Good understanding of business scenarios with solution expertise to formulate a realistic and executable strategy for Security adoption among enterprises. Possess blend of technology expertise across various cyber security vendors, enterprise networks, datacenter, cloud networking and Information systems security. Good connects with Cybersecurity decision makers in enterprises

Project description Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on preventing and detecting cyber threats and securing our IT systems. We provide consolidated and reliable security services that implement secure design principles and create best-fit solutions. You will be working in the Cyber Technology service team, providing security products and services for the Cyber Hygiene space - specifically for Infrastructure Scanning and vulnerability assessment. We provide consolidated and reliable security hygiene controls to our clients using the latest technology. As a Cyber Security Engineer, you will play a vital role in creating Infrastructure Scanning and Security Remediation capabilities, determining required IT business solutions, and assisting in implementing them. We offer flexibility in the workplace and equal opportunities to all our team members. Responsibilities Perform vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, OS, application, databases etc. (to meet scan coverage targets) Stakeholder engagement to recommend appropriate remedial actions to mitigate risks and validate remedial actions and ensure compliance with regulatory requirements. Perform vulnerability management system administration functions, as required Maintain proficiency in vulnerability management best practices Onboarding new attack surface to vulnerability scanning process Documentation management and continuous service improvement Skills Must have - 5-10 years relevant experience Degree in related discipline or qualified by experience Well-developed oral and written English communication skills Team player with ability to work collaboratively with others and aptitude for self-development Experience using commercial vulnerability scanning solutions such as Rapid7, Qualys, Tenable etc. Expertise with administration of networks, windows and or Linux operating systems An understanding of IT Security Risk, attack vector Nice to have N/A Other Languages EnglishC1 Advanced Seniority Regular

As SIEM Analyst, you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation. If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here. * Responsible for security researcher to provide insight and understanding of new and existing information security threats * Responsible to participate in recommending improvements to SOC security process, procedures, policies, security incident management and vulnerability management processes * You will be involved in evaluating, recommending, implementing, and solving problems related to security solutions and evaluating IT security of the new IT Infrastructure systems * Keep yourself up-to-date with emerging security threats including applicable regulatory security requirements * Work in a 24x7 Security Operation Centre (SOC) environment Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * Minimum 2+ years’ experience in SIEM. * Proven expertise in handling the daily monitoring of Information Security events on the QRadar / ArcSight / Splunk console platform * Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone), based on the security event severity to handle the service support teams, tier2 information security specialists * Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach. Preferred technical and professional experience * Preferred OEM Certified SOAR specialist + CEH * Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work * Intuitive individual with an ability to manage change and proven time management * Proven interpersonal skills while contributing to team effort by accomplishing related results as needed * Up-to-date technical knowledge by attending educational workshops, reviewing publications

As an Associate Developer at IBM, you'll work with clients to co-create solutions to major real-world challenges by using best practice technologies, tools, techniques, and products to translate system requirements into the design and development of customized systems. In your role, you will be responsible for: Your primary responsibilities include: Working on the end to end feature development and solving challenges faced in the implementation. Collaborate with key stakeholders, internal and external, to understand the problems, issues with the product and features and solve the issues as per SLAs defined. Being eager to learn new technologies and implementing the same in feature development Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Hands on extensive experience on RPG language on AS/400 System I and have worked on Production system and Application Development. 3+ years of relevant experience working on mainframes. Should have technical expertise/hands on - Assembler, COBOL, JCL, CICS, VSAM, Inter-test, Fault Analyser, File-Manager, Control-M/Any other Scheduler etc. Should have expertise working on JIRA/Confluence/SharePoint/Any Change management tool (Remedy/Myservice/Service now etc.) Message Types and Transaction flows Preferred technical and professional experience Processing between Acquirers, Issuer & Acquiring gateways etc. Interact with different stake holders , gather and articulate the . Good communications skills to deal with the clients directly and set up calls to bring the Business and Delivery inline

Job Title: Client Data Protection Opportunity Support (CDPOS) Specialist + Level 09/10 + CF Location: India Management Level: 09 Specialist/10 Senior Analyst Must have skill :Information Security process and procedures As part of the CDPOS Client Response team, the CDPOS RFP Specialist is primarily responsible for supporting Accenture business development teams to respond to a) client Information Security (IS) and Vendor questionnaires (which are commonly issued as part of Request for Proposal (RFP) process), b) reviewing client Information Security policies / standards, c) completing client Risk Management market surveys, and d) supporting IS and DP conversations with both Client and Accenture Account teams. The role sits within the pre-contract, business development space interfacing with multiple stakeholders common to the contract development process (Solution Architects, Legal, Contract Management and Security leads). The Specialist will act as an Information Security Subject Matter Expert who will support multiple Accenture business development teams (operating across multiple countries) to respond to client information security and data privacy requests related to Accenture IS policies / standards / processes and recognized security frameworks. Key Responsibilities: Respond to client security questionnaires and management market surveys Liaise with account business development team, IT and technical teams to understand specific client security requirements set out in security questionnaire / market survey and determine appropriate responses that meet both client technical requirements and Accenture Information Security standards. Agree a project schedule to respond to requirements and communicate progress with key stakeholders. Perform quality checks on final information security submission Participate in client meetings focused on Information Security controls (if required) Establish and maintain effective working relationships across multiple stakeholders who interact with the Accenture business development process - account management, business development, technical / solution leads, Information Security, Legal and Finance representatives Contribute to the creation of high-quality and reusable IS solutions by updating the CDPOS RFP database with new information security related proposal data (new product release documents / new responses created / changes to Accenture IS Standards & Policies and other Accenture wide developments) Continually build own knowledge on the features of Accenture products, IS practice, services and commonly used IT concepts to respond to client and account questions that are technical in nature Skills and Experience: Possess an understanding and awareness of typical information security framework and common information security standards Demonstrate working knowledge of the Accenture business development process (with practical experience working with stakeholders in the process being an advantage) Be comfortable challenging account executives who are most commonly above peer group - influencing executive decisions and addressing conflicts and challenges Developed an appreciation of Information security best practices, auditing, and overall risk management Possess strong organizational skills with the ability to handle multiple work activities under tight, short-term deadlines (whilst meeting account and qualitative expectations) Demonstrate effective prioritization and time management capability Achieved work experience assessing and implementing information security and data protection controls Strong relationship development skills with an ability to influence and interact with organizational leadership and account executive across multiple countries Preferably hold at least one recognized security certification such as ISO 27001 LA, CISSP, CISA, CISM or CRISC Demonstrate good verbal and written communication skills Possess a good knowledge of MS Office applications (Excel, Word, Power Point) About Our Company | AccentureQualification Good to have skill: Overview on ITIL Experience: Minimum of 1yr