About the job: Position Overview: We are seeking a highly skilled and motivated ASM Specialist to join our Offensive Security Operations team. This role involves simulating real-world cyberattacks, identifying vulnerabilities, and actively managing the attack surface of enterprise environments. You will work closely with red teamers, threat intelligence analysts, and security stakeholders to detect, map, and reduce digital exposure across the organization's infrastructure. Key responsibilities: 1. Lead and execute Attack Surface Management (ASM) operations to identify external-facing vulnerabilities. 2. Simulate real-world attack scenarios within defined rules of engagement. 3. Maintain comprehensive visibility of internet-facing assets, including shadow IT. 4. Analyze and prioritize vulnerabilities based on risk and threat intelligence. 5. Collaborate with blue/red teams to improve security posture and reduce exposure. 6. Utilize frameworks such as MITRE ATT&CK for planning and simulation. 7. Communicate technical findings effectively to both technical and non-technical audiences. 8. Keep updated with latest threat actor tactics, techniques, and procedures (TTPs). Who can apply: Only those candidates can apply who: have minimum 1 years of experience are Computer Science Engineering students Salary: ₹ 3,00,000 /year Experience: 1 year(s) Deadline: 2025-08-17 23:59:59 Skills required: Ethical Hacking, Network Security, Network Management, Web Application Security, Cybersecurity, Security tools, Web Application Testing and Network Monitoring Other Requirements: 1. Experience in cybersecurity, red teaming, vulnerability management, or reverse engineering. 2. Holds certifications like OSCP, CRTO, GCIA, or equivalent. 3. Proven expertise in Red Team operations and ASM platforms/tools. 4. Strong knowledge of adversary simulation and threat intelligence. 5. Familiar with TTPs, DDoS, malware operations, and network scanning. 6. Understands how malicious code exploits vulnerabilities. 7. Exposure to cloud, DevOps, and enterprise environments. 8. Scripting/automation skills in Python, PowerShell are a plus. 9. Hands-on with tools like Shodan, Censys, and other recon platforms. 10. Excellent written and verbal communication skills. 11. Can explain technical findings to leadership and non-tech teams. 12. Strong prioritization, problem-solving, and time management. 13. Able to work in high-pressure, fast-paced settings. 14. Experience managing large-scale ASM programs. 15. Skilled at converting raw threat intelligence into insights. 16. Deep understanding of attack chains and defense evasion. 17. Experience working with globally distributed cybersecurity teams. 18. Passion for continuous learning and upskilling. 19. Bachelor’s or higher in Computer Science, InfoSec, IT, or related field. About Company: Beyond Cloud, a leading cybersecurity consultancy, empowers businesses to navigate the digital landscape confidently in cybersecurity, information security, and risk management. We provide innovative solutions to protect their valuable assets and manage cyber threats effectively. Our team of experts specializes in Penetration testing, Red Teaming, cybersecurity risk management, security operations, and cyber resilience. We are one of the top cybersecurity firms in India, offering a wide range of cybersecurity services. Trust Beyond Cloud for your cyber protection and safeguarding your business against emerging cyber threats.
Job Title: Attack Surface Management (ASM) Trainer Location: Remote Employment Type: Full-time Experience Required: 5+ Years in Cybersecurity / Offensive Security About the Role We are looking for an experienced and passionate Attack Surface Management (ASM) Trainer to lead hands-on training sessions for cybersecurity professionals and red teamers. The ideal candidate will have strong technical expertise in external attack surface discovery, vulnerability assessment, and ASM tools, along with a flair for teaching and mentoring. As a trainer, you will be responsible for designing and delivering high-impact training programs that equip learners with practical skills in ASM, OSINT, and vulnerability intelligence. You'll also guide learners in mastering real-world ASM tools and offensive techniques used in red team engagements. Key Responsibilities Design and deliver structured training modules on Attack Surface Management, OSINT, and vulnerability intelligence. Train participants in the use of ASM platforms (e.g., CyCognito, Netlas, Shodan, Censys, RiskIQ, etc.). Conduct hands-on labs covering domain/IP discovery, cloud exposure mapping, asset attribution, and misconfiguration detection. Teach how to analyze and prioritize external threats using frameworks like MITRE ATT&CK and CVSS/EPSS. Stay up to date with the latest ASM trends, tools, and adversary techniques and update course content accordingly. Conduct assessments and evaluations to monitor trainee progress. Mentor learners through real-world simulations and lab-based challenges. Support internal teams by developing knowledge-sharing sessions and upskilling programs. Technical Skills Required Strong experience in ASM, external threat mapping, and internet-wide scanning. Hands-on with tools like CyCognito, Netlas, Shodan, Censys, SecurityTrails, FOFA, ZoomEye, etc. Knowledge of vulnerability intelligence platforms (Tenable, Qualys, AWS Inspector). Deep understanding of OSINT techniques, reconnaissance workflows, and attack surface mapping. Scripting knowledge (Python, Bash, PowerShell) for automation is a plus. Familiarity with networking protocols (TCP/IP, HTTP/S, DNS), cloud services, and web attack vectors. Soft Skills Excellent presentation and public speaking skills. Strong ability to simplify complex concepts and communicate effectively with learners of all levels. Passionate about teaching, mentoring, and continuous learning. Ability to create engaging, hands-on content and real-world simulation environments. Preferred Certifications (Optional but a Plus) OSCP / CRTP / CRTO / CEH CySA+, CompTIA Security+ CVA or equivalent vulnerability-focused certifications Any cloud or OSINT certifications
Role Summary The Cyber Threat Intelligence Analyst is responsible for identifying, analyzing, and mitigating cyber threats originating from online platforms, hacker forums, and encrypted communication channels. The role involves continuous monitoring, intelligence gathering, and proactive threat mitigation strategies to protect organizational assets and data from cybercriminal activities. Candidates should have a deep understanding of cyber threat ecosystems, threat actor profiling, and intelligence tools. Key Responsibilities Conduct real-time monitoring of forums, marketplaces, and hidden sites for emerging threats. Identify compromised credentials, leaked confidential documents, and illicit trade of corporate data. Track ransomware groups, cybercriminal activities, and extortion tactics on underground forums and leak sites. Engage with cyber threat intelligence platforms to collect and analyze early warning indicators of potential attacks. Develop and implement intelligence-driven security measures to mitigate cyber threats. Provide risk assessment reports on ransomware threats, stolen data trends, and cyberattack patterns. Collaborate with cybersecurity teams to enforce threat takedown strategies and prevent unauthorized access. Stay updated on evolving threat landscapes and underground cybercrime tactics. Qualifications & Skills Strong investigative and analytical skills in cyber threat intelligence. Experience in cyber threat monitoring, threat actor profiling, and digital risk analysis. Proficiency with OSINT tools, domain registration lookups, and intelligence platforms. Understanding of ransomware attack lifecycles, breach detection techniques, and mitigation strategies. Familiarity with encrypted communication channels and underground cybercrime networks. Excellent communication and reporting skills. Cyber Threat Intelligence Services 1. Threat Monitoring & Detection Continuous scanning of forums, marketplaces, and hidden sites. Monitoring compromised credentials to detect breaches before escalation. Alerting security teams to prevent unauthorized access and identity theft. Tracking discussions of potential attacks to identify risks in advance. Identifying stolen data, malicious software, and illicit transactions. Detecting leaked confidential documents to prevent intellectual property theft. 2. Marketplaces & Code Hosting Monitoring Surveillance of marketplaces for illegal trade of sensitive data and exploits. Monitoring document-sharing platforms for leaked corporate data. Tracking code repositories for unauthorized leaks of proprietary software. 3. Ransomware Risk Profiling & Attack Lifecycle Intelligence Comprehensive analysis of ransomware threats targeting industries. Risk assessments to prioritize security actions and mitigation strategies. Identifying organizations compromised by ransomware gangs. Tracking ransomware groups and their extortion tactics. 4. Threat Actor Search & Intelligence Real-time monitoring of cybercriminal activities linked to organizations. Profiling threat actors with detailed insights into hacking groups and methods. Engaging with underground forums for intelligence gathering and early warnings. 5. Early Breach Detection & Threat Prevention Monitoring leaked credentials to detect breaches before escalation. Alerting security teams to prevent unauthorized access and identity theft. Tracking discussions of potential attacks to identify risks in advance. 6. Confidential Data & Intellectual Property Protection Detecting stolen documents on hidden file-sharing platforms. Monitoring unauthorized code leaks in illicit repositories. Issuing early alerts on intellectual property theft to prevent financial and reputational damage. 8. Encrypted Channel Intelligence Monitoring encrypted communication groups used by cybercriminals for data leaks and illicit activities. Tracking ransomware gangs and stolen credential discussions on private channels. Gaining early insights into underground cybercrime trends
Position: Brand Intelligence Trainer Company: Confidential Location: Bengaluru, Karnataka, India (remote) Role Summary The Brand Intelligence & Enforcement Trainer will be responsible for designing and delivering training programs to empower students and internal teams in identifying, analyzing, and mitigating brand-related threats. This role emphasizes brand enforcement, domain/IP takedown procedures, and DMCA-based protection strategies. The trainer will ensure participants gain practical expertise in safeguarding brand identity against counterfeiting, phishing, and other digital threats. Key Responsibilities Create and deliver comprehensive training sessions on brand enforcement and takedown strategies , covering counterfeit activities, phishing threats, and policy violations. Develop and update training materials, including guides, presentations, and modules on DMCA takedown processes , brand protection, and escalation procedures. Train teams to identify infringing content across domains, IP addresses, social media platforms, and websites , and initiate appropriate takedown actions. Provide detailed instructions on filing takedown requests and escalations with platforms such as Facebook, Instagram, LinkedIn, domain registrars, and hosting providers. Offer hands-on training in domain/IP analysis, WHOIS lookups, and registrar/host enforcement actions . Stay informed on evolving trends in digital risks, social media policies, brand misuse, and intellectual property enforcement . Monitor the effectiveness of takedown requests, follow up on unresolved cases, and ensure proper documentation of actions taken. Collaborate with internal teams to align training with organizational enforcement objectives. Collect feedback to refine training programs and ensure continuous improvement. Prepare and deliver training reports summarizing progress, participant engagement, and areas for improvement. Skills & Requirements Strong knowledge of brand enforcement, DMCA compliance, and takedown mechanisms . Experience in domain/IP analysis, registrar policies, and hosting provider escalation pathways . Familiarity with online monitoring tools and brand protection technologies. Understanding of intellectual property rights, copyright, and trademark enforcement . Excellent communication, presentation, and instructional skills. Ability to create structured learning paths and provide hands-on training.