694 Penetration Testing Jobs - Page 2

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with SailPoint IdentityNow.- Strong understanding of cloud security principles and best practices.- Experience in designing and implementing security frameworks.- Familiarity with compliance standards such as ISO 27001 and NIST. Additional Information:- The candidate should have minimum 5 years of experience in SailPoint IdentityIQ.- This position is based at our Jaipur office.- A 15 years full time education is required. Qualification 15 years full time education

Job_Description":" About Us SecurityBoat is a cybersecurity consulting firm that specializes in offensive security services such as penetration testing, red teaming, cloud security assessments, and secure SDLC implementation. Our mission is to help organizations identify, understand, and fix security vulnerabilities proactively, thereby building long-term resilience. Alongside our service offerings, we are proud to have built and nurtured the SecurityBoat Community one of Indiafastest-growing cybersecurity communities with 5000+ members, including researchers, professionals, and students. The community is focused on knowledge sharing, peer learning, and elevating the collective cybersecurity mindset through meetups, panel discussions, technical sessions, and open conversations. We are now looking for a Community Manager who will take ownership of this growing ecosystem and lead it into its next stage of impact and scale. Job Brief We are seeking a passionate and strategic Community Manager to take full ownership of SecurityBoatcommunity initiatives. This is a leadership role where you will be responsible for growing, engaging, and managing the entire SecurityBoat Community both online and offline. From organizing events and driving engagement to collaborating with industry experts and creating valuable content, you will be the face of the community, working closely with internal teams and external partners to turn the SecurityBoat Community into the go-to cybersecurity hub in the country. Key Responsibilities Lead, grow, and manage the entire SecurityBoat Community initiative end-to-end. Develop and implement a community growth strategy aligned with SecurityBoatbroader goals. Plan, host, and scale recurring events such as monthly meetups, panel discussions, webinars, AMAs, and workshops. Build and manage relationships with community contributors, speakers, ambassadors, and partner organizations. Manage community platforms (e.g., LinkedIn, Discord, Slack, Telegram) and ensure high member engagement and responsiveness. Maintain and execute a content and engagement calendar including newsletters, updates, community stories, and event recaps. Collect and analyze community feedback and engagement metrics to improve the experience continuously. Coordinate with the SecurityBoat team to align community messaging with product updates, services, and company milestones. Requirements 2-4 years of experience in community building, ecosystem development, or program management. Strong ownership mindset with proven ability to grow and engage a tech-focused community. Excellent communication, relationship-building, and public-facing skills. Strong project management capabilities; ability to handle multiple initiatives in parallel. Proficiency with tools such as Notion, Discord, LinkedIn, Canva, and newsletter/email tools. Passion for cybersecurity, tech learning, and empowering communities. Prior experience in a cybersecurity company or developer community. Familiarity with community metrics and performance tracking tools. Experience running ambassador or advocacy programs. Benefits Competitive compensation and long-term growth potential. A chance to lead one of Indiamost impactful cybersecurity communities. Work directly with the founders and senior cybersecurity professionals. Freedom to experiment, innovate, and build your own legacy within the community. Flexible work environment and collaborative team culture. ","

We are looking for a Penetration Tester to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Primary Roles and Responsibilities: Lead security assessments of applications and solutions deployed on IBM z/OS-based environments. Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems.. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure youre set up for success, you will bring the following skillset & experience: 6+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Preferred candidate profile : Breach & Attack Simulation, Cloud Security Assessment & Red Teaming Location : Bangalore Immediate joiner to 15 days only Role & responsibilities Penetration Testing, Manual Penetration Testing using OWASP checklists,OWASP Top 10,OWASP ZAP,Static/dynamic testing of mobile applications,Vulnerability Assessment,Cyber Resilience,Cyber Security Assessment & Consulting, Cybersecurity Thanks and regards, Ankita

Seeking a skilled Vendor Assessment and Penetration Tester to join our Cyber Security team. The individual in this role will be responsible for evaluating the overall security posture of third-party vendors, conducting penetration tests on external systems, applications, and services, and ensuring compliance with security standards KEY RESPONSIBILITIES 1. Representative from Security across the organization for performing Risk Assessments for any new projects from IT/Infrastructure/Security point of view. 2. Work with the AppSec team for the Vulnerability Assessment and Penetration Testing on Web Applications, APIs, Mobile Apps and Cloud Environment. Also ensure Application Source Code is scanned as per Security Best Practices. 3. Work along with the Server & Application team for Vulnerability & Configuration Assessment, Firewall Rule Review and Baseline Standards review. 4. Work Along with endpoint and server team for Freeware and License Softwares/applications assessment and installation. 5. Collaborate with the Development Team, IT and Business Stakeholders for tracking, remediation of the open issues and bring to closure. 6. Ensure adherence to Compliance Standards such as ISO 27001, NIST, OWASP, etc. 7. Provide technical guidance and mentor ship to VAPT team. 8. Review the Security Assessment Reports, escalate and follow up with stakeholders for mitigation. 9. Understand the organizations infrastructure and perform deep dive analysis of the processes, tools & technologies and identify the associated risks. 10. Document the risks and associated controls in place (risk register). 11. Knowledge on Attack Surface Management, Breach Attack Simulation & Bitsight Monitoring. 12. Knowledge of WAF with OWASP Top 10 vulnerabilities and Virtual Patching for reducing the Risk Exposure. 13. Hands on experience on Security Tools such as Tenable Security SC, Nessus, Qualys VMDR etc. 14. Assist in other BAU activities based on the feasibility. 15. Manage Vendor Relationship and security assessments for third party applications. 16. Stay updated with emergency cybersecurity threats, exploits and security trends to enhance the security posture. MANDATORY SKILLS REQUIRED 1. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 2. Proven experience in performing penetration tests and security assessments, with a strong understanding of common attack vectors. 3. Strong knowledge of web application security, network security, and common vulnerabilities (e.g., OWASP Top 10). 4. Hands-on experience with penetration testing tools (e.g., Burp Suite, Kali Linux, Metasploit, Nmap, etc.). 5. Familiarity with risk management frameworks (e.g., NIST, ISO 27001, CIS). 6. Familiar with Web Application Firewall, Incident troubleshooting and Virtual Patching. 7. Knowledge of vendor risk management processes and frameworks. 8. Understanding of cloud security, network infrastructure, and security compliance regulations. 9. Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders. 10. Certifications such as OSCP, CEH, CISSP, or similar are a plus.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : One Identity Manager Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to identify potential vulnerabilities and recommend improvements.- Collaborate with cross-functional teams to ensure alignment of security practices with business objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in One Identity Manager.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 3 years of experience in One Identity Manager.- This position is based at our Jaipur office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Application Developer Project Role Description : Design, build and configure applications to meet business process and application requirements. Must have skills : Python (Programming Language) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Application Developer, you will be responsible for designing, building, and configuring applications to meet business process and application requirements. Your typical day will involve collaborating with teams to develop innovative solutions and ensure seamless application functionality. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead the application development process- Conduct code reviews and ensure coding standards are met- Implement best practices for application security Professional & Technical Skills: - Must To Have Skills: Proficiency in Python (Programming Language)- Strong understanding of software development lifecycle- Experience with database management systems- Knowledge of cloud computing platforms- Hands-on experience with application testing methodologies Additional Information:- The candidate should have a minimum of 5 years of experience in Python (Programming Language)- This position is based at our Hyderabad office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Palo Alto Networks Prisma Access Secure Access Service Edge (SASE) Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills.- Monitor and evaluate the effectiveness of implemented security measures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- Strong understanding of cloud security principles and frameworks.- Experience with security architecture design and implementation.- Knowledge of compliance standards such as ISO 27001, NIST, or GDPR.- Familiarity with risk assessment methodologies and tools. Additional Information:- The candidate should have minimum 12 years of experience in Palo Alto Networks Prisma Access Secure Access Service Edge (SASE).- This position is based at our Chennai office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityIQ Good to have skills : SailPoint IdentityNowMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Additionally, you will assess and refine security protocols to adapt to evolving threats and compliance requirements, contributing to a secure and resilient cloud infrastructure. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security practices.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Good To Have Skills: Experience with SailPoint IdentityNow.- Strong understanding of cloud security frameworks and best practices.- Experience in risk assessment and management related to cloud environments.- Familiarity with compliance standards and regulations relevant to cloud security. Additional Information:- The candidate should have minimum 12 years of experience in SailPoint IdentityIQ.- This position is based at our Kolkata office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 3 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work-related problems.- Develop and implement security architecture solutions.- Conduct security assessments and define security requirements.- Collaborate with cross-functional teams to ensure security measures are integrated.- Stay updated on the latest security trends and technologies.- Provide guidance and mentorship to junior security professionals. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles.- Experience in implementing security controls in cloud environments.- Knowledge of identity and access management concepts.- Hands-on experience with security tools and technologies.- Good To Have Skills: Experience with cloud security certifications. Additional Information:- The candidate should have a minimum of 3 years of experience in SailPoint IdentityNow.- This position is based at our Chennai office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Oracle Advanced Access Controls Good to have skills : Oracle Governance Risk and Compliance (GRC), Oracle SecurityMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary As an Oracle Security Manager, you will work with our clients in defining their Fusion FIN / HCM / SCM security posture by creating custom roles as required.Work on RMC cloud - AAC, AFC, FRC as required. Roles & Responsibilities:-Manage a team of Cloud Security Administrators, ensuring they have the resources, training, and support needed to excel. -Partner with key stakeholders across the organization to understand and address security risks and compliance requirements. -Develop and implement comprehensive incident response plans and procedures. -Drive continuous improvement of the security program through regular audits, assessments, and risk management practices. Professional & Technical Skills: - Must Have Skills: Proficiency in Oracle Security in FIN / HCM / SCM.- Strong knowledge of Oracle ERP architecture, with hands-on experience in role customization.- String knowledge of RMC modules of AAC, AFC & FRC.- Solid experience in design discussions, creating design documents, and performing unit testing- Ability to troubleshoot and resolve technical issues within the team and in collaboration with Oracle support.- Proficiency in Segregation of Duties (SOD) and custom role creation, maintenance- Familiarity with identity governance processes, role management, and security protocols is essential. Experience in troubleshooting and optimizing complex systems is a must.- Detail-oriented, strong problem-solving abilities, excellent collaboration and communication skills, proactive, and able to work effectively in team-oriented environments. Focused on delivering projects on time and to specification. Additional Information:- The candidate should have a minimum of 7 years of experience in Oracle Security & RMC. Overall IT work experience should be 12 years or above- A 15 years full time education is required.- Bachelors degree in Computer Science, Information Technology, or a related field. Oracle RMC Certifications are a plus. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Develop and implement security policies and procedures- Conduct security assessments and audits- Stay updated on the latest security trends and technologies Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Good To Have Skills: Experience with SailPoint IdentityIQ- Strong understanding of identity and access management- Knowledge of cloud security best practices- Experience in designing and implementing security solutions- Ability to communicate complex security concepts to non-technical stakeholders Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Bengaluru office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME- Collaborate and manage the team to perform- Responsible for team decisions- Engage with multiple teams and contribute on key decisions- Provide solutions to problems for their immediate team and across multiple teams- Lead security assessments and provide recommendations- Develop security architecture standards and guidelines- Conduct security reviews and audits Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow- Strong understanding of cloud security principles- Experience with security architecture design- Knowledge of identity and access management- Hands-on experience with security tools and technologies- Ability to communicate complex security concepts to non-technical stakeholders Additional Information:- The candidate should have a minimum of 5 years of experience in SailPoint IdentityNow- This position is based at our Noida office- A 15 years full time education is required Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. You will also document the implementation of the cloud security controls and transition to cloud security-managed operations. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Develop and implement security solutions for cloud environments.- Conduct security assessments and audits to identify vulnerabilities.- Provide guidance on security best practices and compliance requirements. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles.- Experience with security architecture design and implementation.- Knowledge of security technologies and tools.- Hands-on experience with security assessments and audits. Additional Information:- The candidate should have a minimum of 12 years of experience in SailPoint IdentityNow.- This position is based at our Pune office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture DesignMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Job Description: We are seeking a highly skilled and experienced Cyber Defense Incident Responder to join our team. The ideal candidate will have over 12 years of extensive experience in the field of cyber security, possessing a strong background in identifying, analyzing, and responding to cyber threats and incidents. Mandatory requirements: Certification Combination: The candidate should hold one of the following certification combinations: OSCP (Offensive Security Certified Professional) and CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) and CISSP (Certified Information Systems Security Professional) Vulnerability Assessment and Penetration Testing (VAPT): Proficiency in conducting comprehensive VAPT assessments to identify vulnerabilities and weaknesses within information systems. Application Security: A deep understanding of application security, including the ability to assess, secure, and monitor applications for potential threats and vulnerabilities. Network Architecture: In-depth knowledge of network architecture, protocols, and security measures to effectively safeguard network infrastructure. India Centric Pre-Sales Experience: The candidate should have experience in client interaction, proposal building, and crafting complex security solutions tailored to the Indian market. India Centric Project Delivery Experience: Proven track record in successfully delivering cybersecurity projects for Indian clients. Team Management: Demonstrated expertise in managing large teams involved in incident response and cybersecurity operations. Additional Information: Not Looking for SOC Candidates: This position is not suited for candidates primarily focused on Security Operations Center (SOC) roles. The company is seeking a specialized incident responder. No GCC Candidates: The organization is not considering candidates from the Global Capability Center (GCC) background. If you meet the mandatory requirements and have a passion for proactively defending against cyber threats, we encourage you to apply for this challenging and rewarding role. Apply for this position Full Name * Email * Phone * Cover Letter * Upload CV/Resume * Upload CV/Resume * Allowed Type(s): .pdf, .doc, .docx By using this form you agree with the storage and handling of your data by this website. *

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional : Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Who are we? FalconX is a pioneering team of operators, investors, and builders committed to revolutionising institutional access to the crypto markets. Operating at the intersection of traditional finance and cutting-edge technology, FalconX addresses the industry's foremost challenges: Navigating the digital asset market can be complex and fragmented, with limited products and services that support trading strategies, structures, and liquidity found in conventional financial markets. As a comprehensive solution for all digital asset strategies from start to scale, FalconX operates as the connective tissue empowering clients with seamless navigation through the ever-evolving cryptocurrency landscape. Who is on the team? We are entrepreneurs. Many in our company have been founders or have aspirations to eventually start their own company. We take these ambitions and experiences to bring a solutions-oriented mindset to the problems we encounter day-to-day. We have been fortunate to have learned from mentors and peers at institutions such as Google, LinkedIn, JUMP Trading, Citadel, PEAK6 Investments, Goldman Sachs, JP Morgan, Harvard Business School, Carnegie Mellon, IIT, IIM +more. The team you would report to all have technical backgrounds in Application Security and Product Security. They cover a wide variety of products that fall within Cryptocurrency, High-Frequency Trading, and AI systems. In this role, youll dive deeply into these product lines and provide guidance as well as implementation when needed. Responsibilities : Engineer systems and internal security tools to improve application security across all of FalconX via SSDLC improvements; Interface with the rest of Engineering on the security of Falconxs software products (Cryptocurrency; High Frequency Trading; AI systems). Youll provide guidance / recommendations / and drive the Engineers to implement your recommendations. Review and provide eng-design / architectural guidance for application systems Occasional Vulnerability Management Occasional Pentesting Educate and Train Engineers on Application Security fundamentals Execute and improve security reviews and consulting processes with runbooks and automation. Knowledge, Skills & Abilities : Strong software engineering skills in Python, Golang or Ruby. You have a past of writing production-grade code and can comfortably interact with SWEs throughout FalconX. Bonus points if you have a background of security exposure in the contexts of cryptocurrency, high-frequency trading system, or AI development Proven impact in two or more of the following AppSec domains: AppSec Education and Training, API Security, Implementation of a SSDLC, App-Layer Pentesting (BurpSuite), Manual / Automated Secure Code Reviews (SAST Tools, DAST Tools), Application Security Architecture and Design, Implementation of Security Controls (Encryption; MFA / RBAC Permissions; etc), OWASP Top Ten, BSIMM / OpenSAMM Proficiency in threat modeling risks to product applications / associated infrastructure and driving the implementation of preventative controls in partnership with Engineering. Technical Project Management Strong familiarity with what a secure SDLC should look like and tools / techniques to implement an SSDLC Ability to collaborate with internal and external stakeholders while prioritizing tasks and work independently under minimal supervision. Vulnerability management, incident response Qualifications : Minimum of 6+ years of direct experience as a Software Engineer / Software Architect in Python, Ruby, Go, etc Minimum of 6+ years of direct experience in Product or Application Security as a hands-on-keyboard AppSec or ProdSec Engineer / Consultant Practical experience performing detailed application-layer risk assessments, performing secure code reviews, doing eng-design reviews with Engineers Exceptional written and verbal communication skills Strong technical curiosity within the spaces of Cryptocurrency, AI, and High Frequency Trading Systems

Role & responsibilities Responsibilities: Oversee and conduct tests for system vulnerabilities, such as: SOE Security Assessments Source Code Review Security Risk (ISO27k) & Privacy Impact (APP) Assessments NCSC Cyber Essentials Plus Assessments Red Team Attack Simulations Firewall and Password Audits Vulnerability Assessments (Internal, External, Web Application, and Database) Penetration Testing (Internal, External, Web Application, Database, Mobile, and Wireless) Preferred candidate profile Requirements: Minimum 3 years experience as a security consultant or penetration tester An existing penetration testing certification, such as OSCP, OSCE, or CREST is mandatory

This position is responsible for executing and troubleshooting test cases between lab systems, performing test-affected lookups, maintaining ancillary databases, and analyzing data impacts. This role requires advanced analytical skills and the ability to execute complex test plans. Duties and Responsibilities: Execute Secondary Interface and complex processing system test plans, including creating accessions, entering results, generating processing labels, reviewing results, and performing retesting. Perform test-affected analysis, document findings, and assess the impact of system changes. Conduct quality control reviews of database updates and ensure data integrity. Handle draw fee updates and modifications, including site-specific draw fee changes. Review and update SHLs (sample handling logic) in QTIM database. Manage eDBR cases and oversee database modifications in QTIM database. Perform Y-site updates and database maintenance in ancillary systems. Create interface test plans and oversee their execution. Review and process custom panel request, ensuring accuracy and compliance. Follow established processes and procedures to meet Service Level Agreements (SLAs) and Service Level Objectives (SLOs). Provide troubleshooting support for database-related issues. Ensure compliance with database policies, procedures, conventions, and guidelines. Perform additional database-related tasks as assigned.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Reinvent your world.We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: SAP Security. Experience5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: Active Directory. Experience5-8 Years.

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality CheckConduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls EvaluationTest and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing DocumentationDocument control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and ReportingIdentify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance ReportingPrepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional CollaborationCollaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team CertificationCISA preferred Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: GRC Consulting. Experience5-8 Years.

We are looking for someone who has good hands on experience in VAPT. This role is with one of the government department of Maharashtra. Education: B.E/B. Tech / M.Sc. (Comp. Sci) / MCA / MBA/ M. Tech degree or equivalent. Should be a certified auditor. 6 or more years of overall experience with at least 6 years of relevant experience in Vulnerability Analysis, Penetration Testing and/or forensics. Must have experience in managing at least 3 projects for large, enterprise scale Clients. should have at least two industry certifications as mentioned below: 1. Licensed Penetration Tester (LPT) 2. Certified Penetration Testing Professional (CPENT) 3. Certified Expert Penetration Tester (CEPT) 4. GIAC Penetration Tester (GPEN) 5. CompTIA PenTest+ 6. Certified Ethical Hacker (CEH) 7. Certified Mobile and Web App Penetration Tester (CMWAPT) 8. Computer Hacking Forensic Investigator (CHFI) 9. Certified Information System Auditor (CISA) 10. Certified Information Security Manager (CISM) 11. Other acceptable industry related certification in VAPT. 12. OSCP