893 Wireshark Jobs - Page 29

With over 17,000 employees worldwide, the mission of the Customer Experience & Success (CE&S) organization is to empower customers to accelerate business value through differentiated customer experiences that leverage Microsoft’s products and services, ignited by our people and culture. Come join CE&S and help us build a future where customers achieve their business outcomes faster with technology that does more. Within CE&S, the Customer Service & Support (CSS) organization builds trust and confidence for every person and organization through delivering a seamless support experience. In CSS, we are powered by Microsoft’s AI technology to help consumers, businesses, partners, and more, resolve their issues quickly and securely, helping prevent future problems from occurring and achieving more from their Microsoft investment. In the Customer Service & Support (CSS) team we are looking for people with a passion for delivering customer success. As a Technical Support Engineer, you will own, troubleshoot and solve customer technical issues. This opportunity will allow you to accelerate your career growth, hone your problem-solving, collaboration and research skills, and develop your technical proficiency. This role is flexible in that you can work up to 50% from home. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. Responsibilities Response and Resolution: You own, investigate and solve customer technical issues, collaborating within and across teams and leveraging troubleshooting tools and practices. Readiness: You lead or participate in building communities with peer delivery roles and, where appropriate, share your knowledge. You develop specific technical and professional proficiency to enable you to resolve customer issues, through training and readiness. Product/Process Improvement: You identify potential product defects and escalate appropriately to resolve, contributing to Microsoft product improvements. Qualifications Required Qualifications Language Qualification English Language: fluent in reading, writing and speaking. 2 to 5 years of experience in technical support, software development, or a related field. Hands-on experience with Web APIs, RESTful services, and API authentication mechanisms (OAuth, JWT, etc.). Proficiency in .NET development (C#) and ASP.NET, with experience in debugging and troubleshooting web applications. Understanding of networking concepts, including HTTP, DNS, TLS/SSL, firewalls, and proxy servers. Ability to analyse network traces and troubleshoot connectivity issues. Strong problem-solving, analytical, and debugging skills with a customer-focused mindset. Excellent verbal and written communication skills, with the ability to explain technical concepts to various audiences. Candidates must have strong customer service, accurate and logical problem solving, and communication skills, and the ability to work in a team environment. Must Have Technical Skills NET Framework & ASP.NET – Hands-on experience with .NET applications, debugging, and development. WebAPI & REST – Experience designing, consuming, and troubleshooting APIs. IIS & Web Hosting – Experience with web application deployment and configurations. Networking Fundamentals – Knowledge of HTTP, TCP/IP, SSL/TLS, firewalls, and proxies. Visual Studio & Debugging Tools – Familiarity with debugging .NET applications. Familiar with fundamentals of Cloud Computing and Windows Azure Technologies Familiar with Networking concepts and fundamentals Good To Have Technical Skills Programming knowledge in Java, Node.js, Python, PHP, or Ruby. Understanding of JavaScript Object Notation (JSON) and YAML. Experience with API security best practices and authentication mechanisms. Familiarity with containerized environments (Docker, Kubernetes) and API Gateways. Ability to work with network traces (Wireshark, Fiddler, etc.). Azure Services – Exposure to Azure services such as Application Gateway, APIM, App Services, and Virtual Networks. The ability to read and analyse network traces Soft Skills Customer-Centric Mindset – Passion for helping customers and providing high-quality support. Strong Troubleshooting Skills – Ability to diagnose and resolve complex technical issues. Collaboration & Teamwork – Ability to work effectively with global teams and escalate when needed. General Responsibilities Of An SE Represent Microsoft and communicate with corporate customers via telephone, written correspondence, or electronic service regarding technically complex escalated problems identified in Microsoft software products, and manage relationships with those customers. Frequently, these problems will not only be technically complex, but will be politically charged situations requiring the highest level of customer skill. Receive escalated, technically complex mission critical or politically hot customer issues, and maintain ownership of issue until resolved completely. Be flexible to work in different shifts which would span across EMEA/India business hrs. Use trace analysis, source code, and other sophisticated debugging tools to analyse problems and develop solutions to meet customer needs; may involve writing code. Acquire & coordinate resources from other groups as needed to resolve customer issues. Manage political issues by setting customer expectations, devising action plans, being available 24x7, and professionally communicating to all parties involved. Share knowledge with other engineers and develop customer solutions efficiently. Ability to report bugs and supportability concerns along with customer suggestions to the product teams. Empower Support engineers to do their best to help the customers. Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

We are looking for resources who have Very strong experience in C++ Development with Lead Experience(Min 3 yrs)and Troubleshooting skills for our project. Strong C++ development with python experience and Troubleshooting skills(Who can be able to take care of troubleshoot issues live and do the logs analysis. Experienced in Leading Role(Min.3 yrs) Excellent understanding of troubleshooting and debugging Experience in Linux commands , Github , wireshark ,jenkin etc Experience in Agile methodology , JIRA Good Experience in Telecom/Networking Domain/SIP Protocol Notice Period Required Max.30 days(Official NP) Mode of Work Hybrid(3 Days WFO) Mandatory Skills: Strong C++ development with Lead Experience(Minimum 3 yrs) with python experience & Troubleshooting skills(Who can be able to take care of troubleshoot issues live and do the logs analysis. Excellent understanding of troubleshooting and debugging Experience in Linux commands. Good Experience in Telecom/Networking Domain/SIP Protocol Primary Skills C++ Development, Lead Experience(3+ yrs),Python Scripting, Linux, Telecom/Networking Domain, Debugging and Troubleshooting

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Arista Networks is an industry leader in data-driven, client-to-cloud networking for large data center, campus and routing environments. Arista is a well-established and profitable company with over billion in revenue. Arista’s award-winning platforms, ranging in Ethernet speeds up to 800G bits per second, redefine scalability, agility, and resilience. Arista is a founding member of the Ultra Ethernet consortium. We have shipped over 100 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Arista is committed to open standards, and its products are available worldwide directly and through partners. At Arista, we value the diversity of thought and perspectives each employee brings. We believe fostering an inclusive environment where individuals from various backgrounds and experiences feel welcome is essential for driving creativity and innovation. Our commitment to excellence has earned us several prestigious awards, such as the Great Place to Work Survey for Best Engineering Team and Best Company for Diversity, Compensation, and Work-Life Balance. At Arista, we take pride in our track record of success and strive to maintain the highest quality and performance standards in everything we do. Job Description Who You’ll Work With The TSE works in a non-silo environment, supporting all of Arista’s products and the many network protocols and features covered by EOS. He or she will work directly with both the customer and (when needed) the software and hardware development teams. The TSE team also performs all their own recreates in a dedicated lab environment. Giving customers direct access to a high-level engineer streamlines the support process and raises customer satisfaction. What You’ll Do Respond to customer product inquiries via telephone or in written, internet-based email. Resolve customer concerns raised during installation, operation, maintenance or product application or compatibility matters. Interpersonal skills and product knowledge and expertise are critical to responding to daily customer-centric activities. Troubleshoot problems with hardware equipment and software applications and recommends corrective action. Document customer communication and recurring technical issues to support product quality programs and product development. Qualifications The ideal candidate possesses the ability to troubleshooting complex and dynamic customer environments while balancing the communications needs of each case. A strong analytical mind is required, as is the ability to triage. As we are continually releasing new features and products, a high aptitude for both learning and teaching are required. Our engineers work closely with other members of Customer Engineering as well as both Software and Hardware development—both in diagnosing problems as well as communicating them in multiple technical contexts. Thus, excellent written and verbal communication skills are a must, as is a collaborative approach. Working knowledge of networking industry, products, and protocols Minimum of 1-5 years hands-on experience and a combination of the following; designing, deploying, configuring, supporting, trouble shooting, debugging and administering the following network protocols and technologies: AAA/TACACS , ACL , ARP , BGP (RFC 4271) , DHCP , 1G/10G Ethernet (IEEE 802.3ab & IEEE 802.3ae) , Flow Control , ICMP , IGMP , IPv4 & IPv6 , LACP , LLDP , MPLS , NAT , Open Flow , OSPF (RFC 2328) , PIM , QOS , RIP , Sflow , SNMP , STP / RSTP / MST (IEEE 802.1d) , VARP / VRRP , VLAN (IEEE 802.1q) , VRF Experience with troubleshooting tools such as IXIA, tcpdump, and Wireshark (or similar packet generation and analysis tools) is highly desired A strong comfort level with Linux is highly desired Familiarity with programming/scripting (C++, Java, Python, Perl, JavaScript, shell) a plus. Education: Minimum education is a MS in a technical field (CS/EE/ITP preferred). Industry certifications preferred. Prior TAC experience preferred. Additional Information Arista stands out as an engineering-centric company. Our leadership, including founders and engineering managers, are all engineers who understand sound software engineering principles and the importance of doing things right. We hire globally into our diverse team. At Arista, engineers have complete ownership of their projects. Our management structure is flat and streamlined, and software engineering is led by those who understand it best. We prioritize the development and utilization of test automation tools. Our engineers have access to every part of the company, providing opportunities to work across various domains. Arista is headquartered in Santa Clara, California, with development offices in Australia, Canada, India, Ireland, and the US. We consider all our R&D centers equal in stature. Join us to shape the future of networking and be part of a culture that values invention, quality, respect, and fun. Show more Show less

MS-EVPune Posted On 27 May 2025 End Date 26 Jul 2025 Required Experience 1 - 3 Years Basic Section No. Of Openings 1 Designation Test Engineer Closing Date 26 Jul 2025 Organisational MainBU EQPM Sub BU MS-EV Country India Region India State Maharashtra City Pune Working Location Pune Client Location NA Skills Skill TELECOM EV MANUAL TESTING Highest Education No data available CERTIFICATION No data available Working Language No data available JOB DESCRIPTION Functional Manual Testers execute manual testing to validate the business functionality of mobile telecom applications. This role focuses on ensuring that OSS/BSS, CRM, billing, and network applications meet user and business requirements. This role involves understanding functional requirements, designing test cases, and identifying and reporting defects. Key Responsibilities: Test Case Execution: Design and execute manual test cases according to test plans and scripts. Verify system behavior against functional requirements of mobile telco systems. Perform exploratory, smoke, and regression testing to identify defects. Collaborate with domain SMEs and Test Leads to ensure comprehensive functional coverage. Validate integration between telecom systems (e.g., CRM to billing, OSS to BSS). Work with telecom protocols such as SIP, RTP, SS7, Diameter, and SCTP. Use protocol analyzers like Wireshark for debugging and validation. Test Data Preparation: Prepare and maintain test data for test execution. Ensure data quality and consistency. Support user acceptance testing (UAT) by preparing test data and environments. Test Environment Setup: Set up and configure test environments. Install and configure necessary software and hardware. Defect Tracking and Reporting: Log and track defects using defect tracking tools like Jira or Bugzilla, ensuring timely resolution. Provide clear and concise defect reports. Work with development teams and operations teams to resolve defects promptly. Collaboration Collaborate with development and product teams to refine requirements and ensure test alignment with project goals, and timely delivery. Lead and mentor junior testers, sharing knowledge and best practices. Collaborate with product teams and operations to identify opportunities for process improvement. Provide regular updates on testing progress, risks, and issues. Key Expertise / Knowledge: In-depth knowledge of functional

MS-EVPune Posted On 27 May 2025 End Date 26 Jul 2025 Required Experience 1 - 3 Years Basic Section No. Of Openings 1 Designation Consultant Closing Date 26 Jul 2025 Organisational MainBU EQPM Sub BU MS-EV ParentCC COGS CostCenter COGS Legal Entity QualityKiosk Technologies Private Limited Legal Entity Location Navi Mumbai Country India Region India State Maharashtra City Pune Working Location Pune Client Location NA Skills Skill TELECOM EV MANUAL TESTING Highest Education No data available CERTIFICATION No data available Working Language No data available JOB DESCRIPTION Functional Manual Testers execute manual testing to validate the business functionality of mobile telecom applications. This role focuses on ensuring that OSS/BSS, CRM, billing, and network applications meet user and business requirements. This role involves understanding functional requirements, designing test cases, and identifying and reporting defects. Key Responsibilities: Test Case Execution: Design and execute manual test cases according to test plans and scripts. Verify system behavior against functional requirements of mobile telco systems. Perform exploratory, smoke, and regression testing to identify defects. Collaborate with domain SMEs and Test Leads to ensure comprehensive functional coverage. Validate integration between telecom systems (e.g., CRM to billing, OSS to BSS). Work with telecom protocols such as SIP, RTP, SS7, Diameter, and SCTP. Use protocol analyzers like Wireshark for debugging and validation. Test Data Preparation: Prepare and maintain test data for test execution. Ensure data quality and consistency. Support user acceptance testing (UAT) by preparing test data and environments. Test Environment Setup: Set up and configure test environments. Install and configure necessary software and hardware. Defect Tracking and Reporting: Log and track defects using defect tracking tools like Jira or Bugzilla, ensuring timely resolution. Provide clear and concise defect reports. Work with development teams and operations teams to resolve defects promptly. Collaboration Collaborate with development and product teams to refine requirements and ensure test alignment with project goals, and timely delivery. Lead and mentor junior testers, sharing knowledge and best practices. Collaborate with product teams and operations to identify opportunities for process improvement. Provide regular updates on testing progress, risks, and issues. Key Expertise / Knowledge: In-depth knowledge of functional

MS-EVPune Posted On 27 May 2025 End Date 26 Jul 2025 Required Experience 2 - 3 Years Basic Section No. Of Openings 1 Designation Consultant Closing Date 26 Jul 2025 Organisational MainBU EQPM Sub BU MS-EV ParentCC COGS CostCenter COGS Legal Entity QualityKiosk Technologies Private Limited Legal Entity Location Navi Mumbai Country India Region India State Maharashtra City Pune Working Location Pune Client Location NA Skills Skill TELECOM EV MANUAL TESTING Highest Education No data available CERTIFICATION No data available Working Language No data available JOB DESCRIPTION Functional Manual Testers execute manual testing to validate the business functionality of mobile telecom applications. This role focuses on ensuring that OSS/BSS, CRM, billing, and network applications meet user and business requirements. This role involves understanding functional requirements, designing test cases, and identifying and reporting defects. Key Responsibilities: Test Case Execution: Design and execute manual test cases according to test plans and scripts. Verify system behavior against functional requirements of mobile telco systems. Perform exploratory, smoke, and regression testing to identify defects. Collaborate with domain SMEs and Test Leads to ensure comprehensive functional coverage. Validate integration between telecom systems (e.g., CRM to billing, OSS to BSS). Work with telecom protocols such as SIP, RTP, SS7, Diameter, and SCTP. Use protocol analyzers like Wireshark for debugging and validation. Test Data Preparation: Prepare and maintain test data for test execution. Ensure data quality and consistency. Support user acceptance testing (UAT) by preparing test data and environments. Test Environment Setup: Set up and configure test environments. Install and configure necessary software and hardware. Defect Tracking and Reporting: Log and track defects using defect tracking tools like Jira or Bugzilla, ensuring timely resolution. Provide clear and concise defect reports. Work with development teams and operations teams to resolve defects promptly. Collaboration Collaborate with development and product teams to refine requirements and ensure test alignment with project goals, and timely delivery. Lead and mentor junior testers, sharing knowledge and best practices. Collaborate with product teams and operations to identify opportunities for process improvement. Provide regular updates on testing progress, risks, and issues. Key Expertise / Knowledge: In-depth knowledge of functional

We have openings in Network L2 Eng Total Exp : 6+ Years Work Timing: 24/7 Shift Work Mode: Onsite Location : Bangalore Immediate Candidates Preferred Interested candidates please share your updated resume with : Suneetha.d@truglobal.com Contact Number: 9513059942 -Suneetha D Required Hands-on Experience: Provide support for Cisco Meraki Switches in multiple locations. Assist in the management and troubleshooting of Cisco Firewalls to ensure network security and performance. Monitor, maintain, and troubleshoot APC UPS systems to ensure power reliability. WAN Link & ISP Coordination Manage MPLS, leased lines, and broadband connections, ensuring optimal connectivity. LAN Design & Optimization Ensure efficient local area networking for high availability and performance. SD-WAN Implementation & Management Deploy and maintain software-defined networking for flexibility and scalability. VPN Deployment & Secure Access Configure and maintain secure tunnels for remote users and site-to-site connectivity. Troubleshooting Connectivity Issues Diagnose and resolve IP conflicts, link failures, and other network disruptions. DNS, DHCP, & IP Address Management (IPAM) Ensure proper network addressing and name resolution. Packet Capture & Deep-Dive Analysis Utilize tools to diagnose and troubleshoot complex network issues. Incident Response for Network Outages Perform root cause analysis and corrective actions to prevent recurrence. Escalation to OEMs & ISPs Coordinate with vendors for complex issue resolution and hardware/software support. Provide documentation, training, and knowledge-sharing within the IT team to improve network troubleshooting efficiency. Participate in on-call rotations and assist in resolving critical network issues.

Position : Senior Network Engineer Location : Gurugram - Haryana Direct Hire Role Skills- Firewall and SaaS: Palo Alto, Prisma Access Load-Balancers and WAFs: F5 Big-IP, Cloud-Flare, A10 Networks (optional) Networking: Cisco, Arista, Aruba Silver-Peak (SD-WAN) DDOS: Cloud-Flare and Radware. Network Observability: cPacket, Viavi, Wireshark, Thousand-Eyes, Grafana, Elasticsearch, Telegraf, Logstash Clouds: AWS, Azure Wireless: Cisco and Juniper MIST Networking Protocols: BGP, MP-BGP, OSPF, Multicast, MLAG, VPC, MSTP, Rapid-PVST+, LACP, mutual route redistribution, VXLAN, eVPN. Programming and Automation: Python, JSON, Jinja, Ansible, YAML. Role & responsibilities 10+ years of technical experience in networking, network security and upgrades Working understanding of open-standard networking protocols and the ability to identify and implement these protocols at an enterprise level Performs complex installations, upgrades, and maintenance and technical duties supporting the operations internal and non-internal network Assist in the development/design of network/security policies, standards, guidelines, and procedures relevant to IT infrastructure and Architecture Communicates with the client, the team and NOC on a day to day basis to ensure quick turnaround times, resolutions and maintain a robust environment

Role Summary: RADWIN is seeking passionate Firmware engineer with 5–8 years of experience in developing Wi-Fi firmware. The role involves working on embedded software development for Wi-Fi 6/7 chipsets, focusing on Upper MAC/Lower MAC, Data and Control Paths, and performance optimization within RTOS environments. You will be part of the new RADWIN Firmware Innovation Centre in Chennai contributing to high performance wireless solutions. Key Responsibilities: Design, implement, and maintain Wi-Fi firmware modules related to: Data Path and Control Path Upper MAC/Lower MAC/PHY integration Wi-Fi 6 and Wi-Fi 7 protocol enhancements Debug critical firmware issues impacting performance, stability, and throughput. Collaborate with hardware, RF, and systems teams to ensure optimal firmware operation across layers. Develop and optimize firmware for real-time embedded environments, ensuring compliance with timing constraints and system KPIs. Participate in code reviews, bring-up, and delivery of firmware to production hardware. Support regulatory (FCC, ETSI etc.,) and feature compliance (e.g., DFS, CCA, Spectral Scan, etc.). Why Join RADWIN? Be part of a Firmware Innovation Group under experienced leadership. Work on next-generation wireless technologies with cross-functional teams in a global environment. Work on bleeding-edge platforms and direct engagement with chipset vendors. A growth-oriented, fast-paced R&D culture where firmware leads the product innovation Requirements: 5–8 years of embedded software development focused on Wi-Fi or Cellular firmware. Strong knowledge of IEEE 802.11 protocols, especially Wi-Fi 6 and Wi-Fi 7 (MAC/PHY level) or similar technologies in Cellular(LTE/5G) Experience in real-time embedded systems and RTOS environments. Solid debugging skills for firmware bottlenecks, stability issues, and low-level Wi-Fi/Cellular stack problems. Hands-on experience with Qualcomm and/or Broadcom or MediaTek or Intel (or any other chipsets) Experience with Debugging tools: Wireshark, GDB, iperf, Sniffer Advantage: Experience with Qualcomm Wifi/Cellular chipsets Basic experience in host-side driver development (cfg80211/nl80211, netlink communication). Familiarity with Linux wireless applications (e.g., hostapd, wpa_supplicant). Knowledge of OpenWRT, Yocto, QSDK, and user-space tools for embedded Wi-Fi platforms. Knowhow about TDD/TDMA, FDD/FDMA Basic understanding of bootloaders, BSP bring-up, and U-Boot configuration. Familiarity with RF-related features such as: DFS Spectral Scan Transmit power and channel calibration Exposure to RF equipment (e.g., spectrum analyzer) and calibration procedures. If you are passionate to learn and contributing, we encourage you to apply even if you do not meet every “Advantage” qualification listed above. RADWIN is an equal opportunity employer. We evaluate qualified applicants without regard to race, gender, disability or any other legally protected characteristics. Show more Show less

Job Summary: We are looking for an experienced and passionate Senior Software Engineer with deep expertise in VPN protocols, TLS security, and Quantum-Safe Cryptography to join our cybersecurity product team. In this role, you will lead the design, development, and integration of secure communication protocols, ensuring privacy and resilience against evolving cyber threats—including those posed by quantum computing. You’ll contribute to building next-generation secure networking systems for enterprise-grade deployments. Key Responsibilities: • Design, implement, and maintain secure VPN protocols (e.g., IPsec, OpenVPN, WireGuard, SSTP, L2TP,etc.) • Develop and enhance TLS-based secure communication channels • Integrate Quantum-Safe Cryptographic Algorithms like ML-KEM, ML-DSA, and SLH-DSA into secure protocol workflows • Collaborate with cross-functional teams to deliver high-performance and scalable security modules • Optimise performance and reliability of encrypted traffic handling in high-throughput environments • Conduct protocol-level debugging, vulnerability analysis, and patching of identified issues • Ensure compliance with modern cryptographic standards and best practices • Create comprehensive documentation for design, implementation, and testing • Mentor junior engineers and contribute to code reviews and architectural decisions • Work closely with security teams to evaluate threat models and ensure resilience. • Adhere to high-quality work standards • Responsible for maintaining the Confidentiality, Integrity and Availability information assets,including business-critical information. Skills and Experience: • BE/BTech in Computer Science, Cybersecurity, or a related field • 6+ years of hands-on software development experience in Python, C, and C++ • Strong understanding and practical experience with TLS and VPN protocols such as IPsec, OpenVPN,WireGuard, SSTP, L2TP, PPTP, SoftEther • Familiarity with Quantum-Safe Algorithms like ML-KEM, ML-DSA, SLH-DSA is highly preferred • Deep knowledge of cryptographic principles, public key infrastructure (PKI), and secure key exchange mechanisms • Experience working on Linux/Unix systems, including networking stack and kernel modules • Exposure to network security tools and traffic analysis (e.g., Wireshark, tcpdump) • Strong problem-solving, debugging, and optimization skills in secure systems development • Good understanding of secure coding practices, threat modeling, and vulnerability assessments • Familiarity with version control tools like Git, CI/CD pipelines, and Agile development practices • Excellent communication, documentation, and collaboration skills • Passion for building cutting-edge security solutions in a fast-paced environment • Knowledge of firewall technologies, packet filters, DPI (Deep Packet Inspection) or similar networking/security systems is a strong plus • Familiarity with packet capture tools (Wireshark/tcpdump) and network debugging techniques • Good grasp of cybersecurity principles, threat detection, and secure coding practices • Familiarity with Git, CI/CD pipelines, and modern development practices • Strong communication and collaboration skills • Bonus: Knowledge of MITRE ATT&CK, OWASP, or experience in building security-focused products Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301459 Show more Show less

Dear Connections. Greeting from ACL Digital !!! ACL Digital is hiring for C++ Developer(VoIP/Protocol/Telecom) Opportunity for Bangalore Location. Job Description: C++ Developer (Data Structures, TCP/IP, Networking) Work Location: Bangalore Notice Period: Immediate About the Role: We are seeking a highly motivated and skilled C++ Developer with a strong foundation in data structures, algorithms, and networking protocols (TCP/IP, UDP). The ideal candidate will be responsible for designing, developing, and maintaining high-performance, robust applications. You will work on challenging projects involving network communication, data processing, and system optimization. This is an excellent opportunity to contribute to cutting-edge technologies and work in a dynamic and collaborative environment. Responsibilities: Development: Design, develop, and maintain high-performance C++ applications. Networking: Implement and optimize network communication using TCP/IP and UDP protocols. Data Structures & Algorithms: Utilize advanced data structures and algorithms to solve complex problems and optimize performance. Protocol Implementation: Implement and debug various networking protocols. Debugging & Troubleshooting: Identify and resolve complex software defects and performance bottlenecks. Code Review: Participate in code reviews to ensure code quality and maintainability. Documentation: Create and maintain technical documentation. Collaboration: Work closely with cross-functional teams, including QA, product, and other engineering teams. Performance Optimization: Profile and optimize code for performance and efficiency. System Design: Contribute to the design and architecture of software systems. Required Skills and Experience: Bachelor's or Master's degree in Computer Science or a related field. Strong proficiency in C++ programming. Solid understanding of data structures and algorithms. In-depth knowledge of TCP/IP and UDP networking protocols. Experience in network programming and socket programming. Familiarity with network protocol analysis and debugging tools (e.g., Wireshark). Experience with multi-threading and concurrent programming. Strong debugging and problem-solving skills. Excellent communication and teamwork skills. Ability to work in an agile environment. Immediate availability to join. Interested candidate can share their resume to amit.k@acldigital.com. You can also refer your friends & colleagues. Thanks & Regards Amit Kumar ACL Digital Show more Show less

Job Summary : We are seeking a highly skilled and curious Security Researcher to join our cybersecurity team. As a Security Researcher, you will investigate vulnerabilities, analyze malware, and uncover emerging threats to protect our infrastructure and products. This role is ideal for someone passionate about offensive and defensive security, reverse engineering, and continuous learning. Key Responsibilities : Research and discover new vulnerabilities in software, systems, and protocols (zero-day and known CVEs) Analyze malware samples, APT techniques, and exploit kits to understand their behavior and implications Monitor threat intelligence sources to identify trends, TTPs (tactics, techniques, and procedures), and threat actors Develop and refine detection signatures, proof-of-concepts (PoCs), and mitigation strategies Contribute to open-source tools, whitepapers, or technical blogs on cybersecurity topics Participate in bug bounty programs and responsible disclosure initiatives Stay up to date with the latest security technologies, exploits, and research trends Cloud security best practices and CIS benchmark Required Skills & Qualifications: Solid understanding of operating system internals (Windows, Linux, macOS) 5+ years in cybersecurity or related field . Strong knowledge of network protocols, encryption standards, and web/app security Experience with scripting/programming languages (e.g., Python, C/C++, Go, Bash) Familiarity with vulnerability research, fuzzing, and exploit development Comfortable with tools such as Wireshark, Burp Suite, Metasploit, and custom scripts Understanding of MITRE ATT&CK, threat modeling, and IOC analysis Experience with static and dynamic analysis of malware Experience with AWS, Azure, GCP Preferred Qualifications: Contributions to security research communities (e.g., CVEs, open-source tools, DEF CON/Black Hat presentations) Familiarity with cloud security (AWS, Azure, GCP) Exploitation Kubernetes cluster security best practices Experience with binary exploitation, ROP chains, and sandbox evasion techniques Offensive Security certifications (e.g., OSCP, OSCE, OSEP) or GIAC (e.g., GREM, GXPN) Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field or equivalent practical experience Show more Show less

Education: BE/BTech/MCA/MTech (Preferably CS/IT) Experience Level: 2-8 years Open to travel from Delhi to any Client location Technical Skills Required Mandatory: Product and Application Support a) Good experience in product and application support with sound knowledge of networking and IT Infrastructure b) How typically big enterprise support product installation and upgrades are managed and how the patch management is done Windows / Linux System Administration a) Expertise in Windows Administration (2012 / R2, 2016, 2019,2k22) or Linux System Administration (Red hat, Ubuntu, CentOS) b) Strong skill sets of Windows Services and Linux Daemons c) Knowledge in Mac operating systems d) Hands on experience in implementing Group Policies & Active Directory Server Roles, Knowledge in ADFS, SAML, Certification services e) Manage and Troubleshoot AD environment, AD components, AD Roles & Functions f) Good knowledge in different server roles (Webservers (IIS), DHCP servers, DNS, Remote Desktop services, FSMO, SCCM, SMTP) g) Product installation, Upgrades and Patch Management Networking a) Strong fundamentals in networking b) Hands on troubleshooting experiencing in Networking (Layer2 and Layer3) c) Experience with firewalls, Internet VPN’s, IPSec tunneling d) Remote implementation and troubleshooting e) Good knowledge about different VPN technologies f) Knowledge about TCP/IP, DNS, Proxy servers g) Basic understanding of IPTables, TLS, SSL, netstat, nslookup h) Knowledge about security software such as DLP, firewalls (End point security are add-on) Tools and Expertise a) Experience in debugging tools like Prefmon, Procmon, Process explorer, Resource monitor & Windows Sysinternal tools b) Hands on experience on Windows Sysinternal Tools, TCP Dump / Wireshark trace analysis c) Knowledge in TCPView & crash dump analysis knowledge d) Experience on Wireshark, Nmap, http analyzer, Debug view etc. (add on) e) Knowledge in VAPT analysis & Security (Desirable) f) Security - Knowledge in TLS, SSL, Encryptions, PKI Concepts, Basic understanding about Vulnerability assessments and penetration tests g) Knowledge of Power-shell scripting, Linux shell scripting and Python is add-on Virtualization and Cloud a) Expertise in Virtualization Technologies – VMWARE, Hyper-V or XenHypervisor b) Cloud technology - understanding of Azure, AWS & GCP (or Certified) Good to have: Knowledge in VDI (Citrix, Parallels, VMware Horizon), Nginx Support Management and Tools Knowledge: a) Knowledge of L1 and L2 Ticket tracking tools b) Should be able to provide reports for any escalations, Root cause Analysis (RCA) and Productivity reports Soft Skills Required Clarity of thought Sincere Proactive Self-motivated Logical bent of mind (Analytical) Team player Flexible/adaptable Good communication skills (both written and verbal) Role and Responsibilities: Providing customer delight Offering excellent technical support experience to customers Good listener to customers, provides on-time deliveries Attending tickets and emails (Proactively involved in escalations and making sure customer commitments are met) Make sure support deliveries are under defined TATs and SLAs Involve appropriate authorities when escalations are required Coordinate with Sr. System Administrators, SME (Subject Matter Expert) Cross-functional team discussions (QA – Quality Analysts, Security Analysts, Development team) - On-time internal escalations Adapt and implement new technologies related to Zero trust network & Virtualization verticals Implementation and Configuration of Products on Cloud Technologies and On-prem virtualization environment Provide solution documents, KB articles, Incident/Preliminary analysis Document & RCAs Reproduce customer issues and if required, analyze the root cause; check and verify any viable solutions available other than development, such as creating scripts, simple solutions, etc Documentations Ready to learn and groom Open to travel for business Founded in 2012, Accops is a leading provider of secure remote access and digital workspace solutions, enabling organizations to maintain control and governance while offering flexibility to work from any device. Accops offers a comprehensive Digital Workspace suite that includes Zero Trust-based Application Access Gateway, End-User Computing (EUC) Virtualization via VDI, robust Identity & Access Management (IAM) solutions such as Multi-Factor Authentication (MFA) and Single Sign-On (SSO), and thin client hardware and software solutions. Accops addresses modern remote work challenges by delivering secure, instant access to business applications. Its solutions protect against network threats and unauthorized access, critical in today’s work-from-anywhere environment. Unlike traditional, multi-product approaches, Accops' pre-integrated suite reduces complexity and deployment time, ensuring faster and more agile implementation. Headquartered in Pune, Accops has become a significant player in the End-User Computing (EUC) virtualization domain, offering a one-stop solution for organizations seeking to deploy secure remote work infrastructures. Its products, including the Nano OS for secure containerization on BYOD devices, and extensive MFA and SSO capabilities, ensure robust data protection and strong identity management. Part of Jio Platforms Ltd, Accops continues to innovate and enhance digital workspace solutions with a focus on security, user experience, and operational efficiency. 𝘈𝘤𝘤𝘰𝘱𝘴 𝘪𝘴 𝘢𝘯 𝘦𝘲𝘶𝘢𝘭 𝘰𝘱𝘱𝘰𝘳𝘵𝘶𝘯𝘪𝘵𝘺 𝘦𝘮𝘱𝘭𝘰𝘺𝘦𝘳 𝘤𝘰𝘮𝘮𝘪𝘵𝘵𝘦𝘥 𝘵𝘰 𝘣𝘶𝘪𝘭𝘥𝘪𝘯𝘨 𝘢 𝘤𝘶𝘭𝘵𝘶𝘳𝘦 𝘸𝘩𝘦𝘳𝘦 𝘢𝘭𝘭 𝘦𝘮𝘱𝘭𝘰𝘺𝘦𝘦𝘴 𝘢𝘳𝘦 𝘷𝘢𝘭𝘶𝘦𝘥, 𝘳𝘦𝘴𝘱𝘦𝘤𝘵𝘦𝘥 𝘢𝘯𝘥 𝘰𝘱𝘪𝘯𝘪𝘰𝘯𝘴 𝘤𝘰𝘶𝘯𝘵. 𝘞𝘦 𝘦𝘯𝘤𝘰𝘶𝘳𝘢𝘨𝘦 𝘢𝘱𝘱𝘭𝘪𝘤𝘢𝘵𝘪𝘰𝘯𝘴 𝘧𝘳𝘰𝘮 𝘢𝘭𝘭 𝘴𝘶𝘪𝘵𝘢𝘣𝘭𝘺 𝘲𝘶𝘢𝘭𝘪𝘧𝘪𝘦𝘥𝘱𝘦𝘳𝘴𝘰𝘯𝘴 𝘪𝘳𝘳𝘦𝘴𝘱𝘦𝘤𝘵𝘪𝘷𝘦 𝘰𝘧, 𝘣𝘶𝘵 𝘯𝘰𝘵 𝘭𝘪𝘮𝘪𝘵𝘦𝘥 𝘵𝘰, 𝘵𝘩𝘦𝘪𝘳 𝘨𝘦𝘯𝘥𝘦𝘳 𝘰𝘳 𝘨𝘦𝘯𝘦𝘵𝘪𝘤 𝘪𝘯𝘧𝘰𝘳𝘮𝘢𝘵𝘪𝘰𝘯, 𝘴𝘦𝘹𝘶𝘢𝘭 𝘰𝘳𝘪𝘦𝘯𝘵𝘢𝘵𝘪𝘰𝘯, 𝘦𝘵𝘩𝘯𝘪𝘤𝘪𝘵𝘺, 𝘳𝘦𝘭𝘪𝘨𝘪𝘰𝘯, 𝘴𝘰𝘤𝘪𝘢𝘭 𝘴𝘵𝘢𝘵𝘶𝘴, 𝘮𝘦𝘥𝘪𝘤𝘢𝘭 𝘤𝘢𝘳𝘦 𝘭𝘦𝘢𝘷𝘦 𝘳𝘦𝘲𝘶𝘪𝘳𝘦𝘮𝘦𝘯𝘵𝘴, 𝘱𝘰𝘭𝘪𝘵𝘪𝘤𝘢𝘭 𝘢𝘧𝘧𝘪𝘭𝘪𝘢𝘵𝘪𝘰𝘯, 𝘱𝘦𝘰𝘱𝘭𝘦 𝘸𝘪𝘵𝘩 𝘥𝘪𝘴𝘢𝘣𝘪𝘭𝘪𝘵𝘪𝘦𝘴, 𝘤𝘰𝘭𝘰𝘳, 𝘯𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘰𝘳𝘪𝘨𝘪𝘯, 𝘷𝘦𝘵𝘦𝘳𝘢𝘯 𝘴𝘵𝘢𝘵𝘶𝘴, 𝘦𝘵𝘤. 𝘞𝘦 𝘤𝘰𝘯𝘴𝘪𝘥𝘦𝘳 𝘢𝘭𝘭 𝘢𝘱𝘱𝘭𝘪𝘤𝘢𝘵𝘪𝘰𝘯𝘴 𝘣𝘢𝘴𝘦𝘥 𝘰𝘯 𝘮𝘦𝘳𝘪𝘵 𝘢𝘯𝘥 𝘴𝘶𝘪𝘵𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘵𝘰 𝘵𝘩𝘦 𝘳𝘰𝘭𝘦. Show more Show less

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. Siemens founded the new business unit Siemens Foundational Technologies (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarter in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Foundational Technologies is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation – everything out of one hand. We are looking for a Senior Software Engineer You’ll make a difference by: We are looking for a highly skilled Software Development Engineer with 5 to 8 years of experience in software development to join our team working on safety-critical systems in the Railway Automation domain. The ideal candidate will have a strong background in software and hardware integration, Linux systems, and network protocol analysis, with hands-on experience in hardware configuration and validation. Key Responsibilities: Design, develop, and maintain software for embedded and application-level systems in safety-critical environments. Perform hardware-software integration, including setup, configuration, and validation of embedded systems and networked devices. Configure and validate hardware test benches, including I/O modules, communication interfaces, and simulation tools. Conduct system-level and integration testing across software and hardware components. Analyze and debug issues using tools like Wireshark, Tcpdump, and nmap. Work with Debian-based Linux systems, including package management, service configuration, and system-level debugging. Collaborate with cross-functional teams including development, systems engineering, and safety assurance. Ensure compliance with industry safety standards and maintain detailed documentation for traceability and audits. Required Skills & Competencies: Programming Languages: Proficient in C, C++, and Python. Operating Systems: Strong experience with Linux OS, especially Debian-based distributions; knowledge of package management (.deb, apt, dpkg). Software Development: Proven experience in developing and maintaining software for embedded systems. Hardware Testing: Exposure to hardware configuration, I/O validation, and embedded system testing. Networking Protocols: Deep understanding of IP, TCP, UDP, and NTP. Debugging Tools: Proficient with Wireshark, Tcpdump, nmap, and other standard network analysis tools. Domain Knowledge: Experience in Railway Automation or other safety-critical domains (e.g., automotive, aerospace). Soft Skills: Strong analytical and problem-solving skills, excellent communication, and a collaborative mindset. Preferred Qualifications: Experience with real-time operating systems and embedded Linux. Familiarity with protocol layer testing, network simulation, and hardware-in-the-loop (HIL) testing. Knowledge of safety standards such as EN 50128, IEC 61508, or ISO 26262. Desired Skills: 5-8 years of experience is required. Great Communication skills. Analytical and problem-solving skills Join us and be yourself! We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Pune and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. Find out more about Siemens careers at: www.siemens.com/careers & more about mobility at https://new.siemens.com/global/en/products/mobility.html Show more Show less

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. Siemens founded the new business unit Siemens Foundational Technologies (formerly known as Siemens IoT Services) on April 1, 2019 with its headquarter in Munich, Germany. It has been crafted to unlock the digital future of its clients by offering end-to-end support on their outstanding digitalization journey. Siemens Foundational Technologies is a strategic advisor and a trusted implementation partner in digital transformation and industrial IoT with a global network of more than 8000 employees in 10 countries and 21 offices. Highly skilled and experienced specialists offer services which range from consulting to craft & prototyping to solution & implementation and operation – everything out of one hand. We are looking for a Senior Software Test Engineer You’ll make a difference by: We are looking for a highly skilled Software Testing Engineer with 5 to 8 years of experience in test automation to join our team working on safety-critical systems in the Railway Automation domain. The ideal candidate will have a strong background in software and hardware integration testing, Linux systems, and network protocol analysis, with hands-on experience in hardware configuration and validation. Key Responsibilities: Design, develop, and execute automated and manual test cases for embedded and application-level software in safety-critical environments. Perform hardware-software integration testing, including setup, configuration, and validation of embedded systems and networked devices. Configure and validate hardware test benches, including I/O modules, communication interfaces, and simulation tools. Conduct system-level and integration testing across software and hardware components. Analyze and debug issues using tools like Wireshark, Tcpdump, and nmap. Work with Debian-based Linux systems, including package management, service configuration, and system-level debugging. Collaborate with cross-functional teams including development, systems engineering, and safety assurance. Ensure compliance with industry safety standards and maintain detailed documentation for traceability and audits. Required Skills & Competencies: Programming Languages: Proficient in C, C++, and Python. Operating Systems: Strong experience with Linux OS, especially Debian-based distributions; knowledge of package management (.deb, apt, dpkg). Test Automation: Proven experience in developing and maintaining automated test frameworks. Hardware Testing: Exposure to hardware configuration, I/O validation, and embedded system testing. Testing Standards: ISTQB Certified (Foundation or Advanced Level preferred). Testing Types: Expertise in integration testing, system testing, regression testing, and hardware-software co-validation. Networking Protocols: Deep understanding of IP, TCP, UDP, and NTP. Debugging Tools: Proficient with Wireshark, Tcpdump, nmap, and other standard network analysis tools. Domain Knowledge: Experience in Railway Automation or other safety-critical domains (e.g., automotive, aerospace). Soft Skills: Strong analytical and problem-solving skills, excellent communication, and a collaborative mindset. Preferred Qualifications: Experience with real-time operating systems and embedded Linux. Familiarity with protocol layer testing, network simulation, and hardware-in-the-loop (HIL) testing. Knowledge of safety standards such as EN 50128, IEC 61508, or ISO 26262. Desired Skills: 5-8 years of experience is required. Great Communication skills. Analytical and problem-solving skills Join us and be yourself! We value your unique identity and perspective and are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Pune and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 379,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit and business need. Bring your curiosity and imagination and help us shape tomorrow. Find out more about Siemens careers at: www.siemens.com/careers & more about mobility at https://new.siemens.com/global/en/products/mobility.html Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301459 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301462 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management Consultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 3-5 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302277 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. #CA-LD Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301459 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301462 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management Consultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 3-5 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302577 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management Consultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 3-5 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302277 Show more Show less

Position Summary JobDescription:CyberRiskApplication Security Senior Consultant Are you interested in improving the cyber and organizationalrisk profiles of leading companies? Do youwanttobeinvolvedindeliveringAttackSurfaceManagement(ASM)Services including identifying potentially vulnerable IT assets or weak security configurations within their networks in real time? Are you excited about rapidly changing operational environments, learning what you need to get the job done, and producing accurate and timely results? Ifyes,thenDeloitte’s Attack Surface Management (ASM) teamcould betheplaceforyou!Transparency, innovation,collaboration,sustainability:thesearethehallmarkissuesshaping cyberinitiativestoday. Deloitte’s ASM business is passionate about making an impact with lasting change.Delivering our industry leading services requires fresh thinking and a creative approach. We collaborate with teams from across our organization to bring the fullbreadth ofDeloitte, its commercialand public sector expertise, to best support our clients.Our aspiration is to be the premier integrated services provider in helping to transform the cyber security services marketplace. Ourteamisclientfocusedandmissiondriven.AsaCyberRiskAttackSurfaceSeniorConsultant inDeloitte'sAttackSurfaceManagement(ASM) Services,you’llworkwithourdiverseteamsofpassionateprofessionals to help solve for some of today’s toughest cybersecurity challenges to enable or clients to achieve business growth and manage risk. Workyou’ll do AsanAttackSurface Management SeniorConsultant,youwillassistourclientswithdiscoveringvulnerabilitiesand rogue assets (such as shadow IT)in their networks as part of a team of engineers and analysts around the world who specialize in the tactics, tools and proceduresused by cyber criminals. Conduct vulnerability assessments and manual penetration testing for Web, API, Thick Client and mobile applications. Perform Secure code review and false positive analysis for vulnerabilities reported by industry standard tools. Respond torequestsfor ad-hocreporting andresearchtopicsfrommanagementand analysts as required Develop and implement application security policies and procedures. Identify and prioritizes security vulnerabilities. Coordinate with the application development teams and operations teams to assist with the remediations plans and securing the applications Quicklyunderstandanddeliver oncompanyandclient requirements Aidinandparticipateindaily,weekly,quarterly,andyearlyreporting forclients, partners, and internal teams AdheretointernaloperationalsecurityandotherDeloitte policies Qualifications Required: Bachelor'sdegreeorhigherinComputer Science, or equivalent experience. 5-9 years of hands-on experience in application security, vulnerability assessment, penetration testing, mobile application security, Thick Client and Web API security assessments. Strong understanding of OWASP Top 10 vulnerabilities but not limited to. Strong experience in manual assessment and exploitation of vulnerabilities such as Blind SQLi, XXE, SSRF, Insecure Deserialization, HTTP Request Smuggling etc. Strong understanding of OAUTHv2/OpenID standards and associated vulnerabilities. Strong understanding of business logic vulnerabilities. Experience in Secure Code Review in-line with OWASP Secure Coding Practices. Proficiency in industry standard tools such as Burp Suite, Fiddler, Sysinternals suite, Veracode, DnSpy, Olly debugger, IDA Pro, EchoMirage, Wireshark, Apktool, Jadx-gui, Frida etc. Ability to perform manual penetration testing and security assessments using automated tools. Excellent technical report writing skillset. Knowledge of web application components like frontend, backend, databases and application servers. Understanding in web development technologies like HTML, CSS, JavaScript, PHP, JAVA, .Net and backend databases. Experience with reviewing application security architectures and threat modelling. Understand on the basic concepts of reverse engineering, memory analysis etc. Understanding of basic networking protocols such as TCP/IP, DNS, HTTP/s Understanding of vulnerability classification using National Vulnerability Database nomenclature such as CVE/CVSS Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professionals (OSCP), Offensive Security Web Expert (OSWE), Burp Suite Certified Practitioner (BSCP), Web Application Penetration Tester (GWAPT). Preferred: Proficiency in Web and Mobile application security assessments, penetration testing and secure code review. Relevant publications such as blogs, tools, conference presentations and CVEs are preferred. Offensive Security Web Expert (OSWE) and Burp Suite Certified Practitioner (BSCP) certifications are preferred. Experience with automation and scripting (Python) are preferred. OutstandingEnglishwrittenand oralcommunicationskillsand theabilitytoprioritize work Strongunderstandingofweb, mobile and microservices vulnerabilities. Workingknowledgeofhowmaliciouscodeoperatesandhowtechnicalvulnerabilitiesare exploited. Stronganalyticalandproblem-solving skills. Self-motivatedtoupskill and learn new attack vectors. Astrongdesiretounderstandthewhat aswellasthewhy andthehowof security vulnerabilities. The team Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth,innovation,andperformanceagendasthroughproactivemanagementoftheassociatedcyber risks.Our professionalsprovideadvisory and implementation servicesthat integraterisk,regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory’s Cyber Risk Services practice. Howyou’ll Grow AtDeloitte,ourprofessionaldevelopmentplanfocusesonhelpingpeopleateveryleveloftheircareer to identify and use their strengths todo their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to help sharpenskills in addition to hands-on experience in the global, fast-changing business world.From on-the-job learningexperiencestoformaldevelopmentprogramsatDeloitteUniversity,ourprofessionalshavea variety of opportunitiestocontinuetogrowthroughout their career. ExploreDeloitteUniversity,The Leadership Center. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employeesabroadrangeofbenefits. LearnmoreaboutwhatworkingatDeloittecanmeanforyou. Deloitte’s culture Our positive and supportive culture encourages our people to do their best work every day. We celebrate individuals by recognizing their uniqueness and offering them theflexibility to make daily choices that can help them to be healthy, centered, confident, and aware. We offer well-being programsandarecontinuouslylookingfornewwaystomaintainaculturewhereourpeopleexceland lead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters.This purposedefines who we are and extendsto relationships with our clients, our people and our communities.We believe that business has the power to inspire and transform. We focus on education, giving, skill-based volunteerism, and leadershiptohelpdrivepositivesocialimpactinourcommunities. LearnmoreaboutDeloitte’simpact on the world. Recruiter tips WewantjobseekersexploringopportunitiesatDeloittetofeelpreparedandconfident.Tohelpyou with your interview, we suggest that you do your research: know some background about the organizationandthebusinessareayou’reapplyingto. CheckoutrecruitingtipsfromDeloitte professionals. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 301462 Show more Show less