360 Burp Suite Jobs - Page 5

Technical Skills- Penetration Testing, Vulnerability Management, Web Application Security, Network Security, Cloud Security (AWS, Azure), Security Compliance (HIPAA, PCI DSS, ISO 27001, NIST), Security Documentation, Security Tools (Qualys, Burp Suite, Nessus, Metasploit), Security Operations, Incident Response, Forensic Analysis, Risk Assessment, Security Audits Experience: 10+ years City: Bengaluru, Noida, Pune, Mumbai, Hyderabad, Mohali, Panchkula, Chennai Job Description: The candidate will have expertise in penetration testing, cloud security, compliance frameworks (HIPAA, PCI DSS), security documentation, and security tools such as Qualys, Burp Suite, and other industry-standard solutions Strong communication skills and the ability to document security processes effectively are essential for this role Key Responsibilities Penetration Testing & Vulnerability ManagementPerform penetration testing on web applications, networks, and cloud environments to identify security vulnerabilities Utilize tools like Burp Suite, Qualys, Nessus, Metasploit, and other scanning tools to detect threats Work with development and operations teams to remediate vulnerabilities and strengthen security posture Cloud SecurityEnsure cloud security best practices for AWS, Azure, and other cloud platforms Implement security controls for cloud-hosted applications and workloads Conduct security assessments and recommend security enhancements Compliance & Regulatory SecurityEnsure compliance with HIPAA, PCI DSS, ISO 27001, NIST, and other security frameworks Conduct audits, risk assessments, and compliance gap analysis Assist in developing policies, procedures, and security documentation to meet regulatory requirements Security Operations & Incident ResponseMonitor security logs and alerts for threat detection and response Work with security teams to investigate and mitigate security incidents Conduct forensic analysis in the event of security breaches Documentation & CommunicationDevelop and maintain security policies, procedures, and technical documentation Create security reports and communicate findings effectively to stakeholders Provide security training and awareness programs for employees

Position Purpose The purpose of the position is to help with the information security topics mentioned in the direct responsibilities. Responsibilities Direct Responsibilities - Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans. Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate. Knowledge of Secure Development methodologies and frameworks. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. - Engaging with organization wide risk and control groups, including internal audit and territory control teams. - Working with Technology stakeholders (including Production Support and Development teams) to identify the IT risks affecting the organization and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls. Contributing Responsibilities Excellent understanding of development security and its implementation in systems: identification, authentication, access control and provisioning, alignment of jurisdiction to business process Knowledge of single-sign-on security strategies (e.g. SAML, OAUTH2, SiteMinder etc.) Excellent understanding of authentication related mechanisms (Kerberos, One Time Passwords, PKI) Good understanding of cryptography and its practical uses within secure application development Familiarity with common security vulnerabilities (e.g. OWASP Top 10) Strong technical skills required to understand vulnerabilities in detail and how to resolve/mitigate them. Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Technical & Behavioral Competencies Excellent knowledge of programming best practices, design patterns, etc. Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues. Well-developed written communication skills with the ability to summarize key issues, conclusions and recommendations in report form. Target audiences will include regulatory authorities and internal/external auditors. Hands-on experience in penetration testing and tools like AppScan, Webinspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity, Sonatype, Blackduck Well-versed in conducting Security Review, Assessments and providing recommendations. Knowledge of OWASP, SANS standards. Experience in Process Improvement, Controls Enhancement and Reporting. Excellent Inter personal and presentation skills Strong in verbal and written communication Ability to liaise with cross-functional stakeholders globally Clear understanding of application and data security Must be flexible, independent, self-motivated Good analytical skills Specific Qualifications (if required) - CEH, SSCP, OSCP certified. - Technical Graduate (Computer Science) Preferable. Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to collaborate / Teamwork Communication skills - oral & written Ability to share / pass on knowledge Active listening Transversal Skills: (Please select up to 5 skills) Ability to understand, explain and support change Analytical Ability Ability to develop and adapt a process Ability to develop and leverage networks Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Bachelor Degree or equivalent

As a Lead Data Scraping Engineer, you will be a vital part of our team in Ahmedabad/WFO, bringing your senior-level expertise with over 4 years in the IT scraping industry. Your role will involve not only hands-on data scraping using tools like Scrapy and Python libraries but also leading and mentoring a team of 5+ developers to deliver successful projects within set timelines. Your primary responsibilities will include designing and implementing scalable data scraping solutions, managing project timelines, and ensuring the team's success through effective leadership. You will be expected to utilize advanced scraping techniques, reverse engineering, and automation to overcome scraping restrictions and automate interactions effectively. In addition to overseeing proxies, IP rotation, and SSL unpinning for efficient scraping, you will also be responsible for maintaining API integrations, data pipelines, and ensuring code quality through version control, error handling, and documentation. Collaboration with cross-functional teams, performance monitoring, and providing solutions under high-pressure environments will also be key aspects of your role. To excel in this position, you should have a minimum of 4 years of experience in data scraping, with at least 2 years of leadership experience managing a team of developers. Proficiency in tools like Scrapy, Threading, requests, and web automation, along with advanced Python skills, is essential. Additionally, strong technical skills in captcha solving, blocking handling, source reverse engineering, and API management are required. Your leadership skills should include basic project management, moderate documentation, team handling, pressure management, flexibility, adaptability, and high accountability. Experience with Linux, as well as knowledge of tools like Appium, Fiddler, and Burp Suite, would be considered a plus. If you are passionate about data scraping, possess strong technical expertise, and thrive in a leadership role, we encourage you to apply and be part of our dynamic team.,

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Responsibilities Direct Responsibilities Direct Responsibilities - To perform Penetration testing (Gray Box and/or Black Box) for Web applications; Thick Client, API, and mobile applications. - To understand the applications security requirements and identify & document the scope of the test - Ensure execution of the documented security scenarios for the application under test. - Document and report all findings - Collaborate with the developers to help them understand the vulnerabilities reported in application - Escalate issues to the local management and onshore stakeholders in case it affects the testing progress - Ensure processes for the project is followed for the assessments Note : - Optional, experience in Source Code Assessment (SCA)/SAST, Mobile Testing Contributing Responsibilities Technical & Behavioral Competencies - Clear understanding of OWASP Top 10 - application security risks - Tools/OS: Burp Suite, OWASP ZAP, Kali Linux - Manual Security Testing & Analysis, Security Test Designing - Excellent Inter personal and presentation skills - Strong in verbal and written communication - Good analytical skills - Strong Time Management - Must be flexible, independent, self-motivated - Team player Specific Qualifications (if required) CSSLP/CEH or equivalent certification preferred

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModellingAbility to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools. Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify.

VAPTConsultant Preferred Knowledge 3-4 years of experience in IT Security. Preferably possess industry certifications like CEH Familiarity with security standards (OWASP, SANS, ISO ) Hands-on experience of security testing tools such as Burp Suite, Kali-Linux, Appscan, Nessus. Basic Knowledge of Programming and scripting languages Proficient in MS Office for making reports and sharing with customer Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise 3-4 years of demonstrating experience in planning and executing VA & penetration tests exercises against web applications, APIs, Network. Minimum 3+ years of experience in Network and Application Security Proficient in Secure coding best practices and OWASP TOP 10 vulnerabilities Experience in security requirements analysis for application Experience in security requirement implementation recommendations & guidance Prior experience in Network & Application Security Test planning & coordination Experience in Application risk mitigation planning, Vulnerabilities remediation recommendation & guidance, Compliance & Metrics reporting Preferred technical and professional experience 3-4 years of experience in IT Security. Preferably possess industry certifications like CEH Familiarity with security standards (OWASP, SANS, ISO ) Hands-on experience of security testing tools such as Burp Suite, Kali-Linux, Appscan, Nessus. Basic Knowledge of Programming and scripting languages Proficient in MS Office for making reports and sharing with customer

IT Security HeadCandidate Skill:Technical SkillsPenetration Testing, Vulnerability Management, Cloud Security (AWS, Azure), Compliance Frameworks (HIPAA, PCI DSS, ISO 27001, NIST), Security Documentation, Security Tools (Qualys, Burp Suite, Nessus, Metasploit, other industry-standard scanning tools), Security Operations & Incident Response, Forensic Analysis, Security Policy & Procedure Development, Security Training & Awareness Programs Experience:4+ YearsCity:Gurgaon, BengaluruCountry:India Job Description:The candidate will have expertise in penetration testing, cloud security, compliance frameworks (HIPAA, PCI DSS), security documentation, and security tools such as Qualys, Burp Suite, and other industry-standard solutions Strong communication skills and the ability to document security processes effectively are essential for this role Key ResponsibilitiesPenetration Testing & Vulnerability ManagementPerform penetration testing on web applications, networks, and cloud environments to identify security vulnerabilities Utilize tools like Burp Suite, Qualys, Nessus, Metasploit, and other scanning tools to detect threats Work with development and operations teams to remediate vulnerabilities and strengthen security posture Cloud SecurityEnsure cloud security best practices for AWS, Azure, and other cloud platforms Implement security controls for cloud-hosted applications and workloads Conduct security assessments and recommend security enhancements Compliance & Regulatory SecurityEnsure compliance with HIPAA, PCI DSS, ISO 27001, NIST, and other security frameworks Conduct audits, risk assessments, and compliance gap analysis Assist in developing policies, procedures, and security documentation to meet regulatory requirements Security Operations & Incident ResponseMonitor security logs and alerts for threat detection and response Work with security teams to investigate and mitigate security incidents Conduct forensic analysis in the event of security breaches Documentation & CommunicationDevelop and maintain security policies, procedures, and technical documentation Create security reports and communicate findings effectively to stakeholders Provide security training and awareness programs for employees

We are seeking an experienced and highly skilled Penetration Tester with expertise in mobile application security, specifically for both Android and iOS platforms. As a Penetration Tester, you will be responsible for identifying and exploiting vulnerabilities in mobile applications, networks, APIs, and other critical systems. Your primary responsibility will be performing thorough security assessments, including reverse engineering, malware analysis, and incident forensics, to ensure the security and resilience of mobile applications and systems. The ideal candidate should have hands-on experience with penetration testing tools, mobile application testing, and advanced exploitation techniques. You will also be expected to collaborate with various teams, including Red Teams, to develop strategic security initiatives and offer expert-level recommendations for security improvements. Key Responsibilities: Mobile Application Penetration Testing: Conduct in-depth security assessments of mobile applications for both Android and iOS platforms, identifying vulnerabilities and recommending remediation strategies. Red Team Activities: Participate in Red Team exercises to simulate real-world attacks, uncover hidden threats, and assess the effectiveness of security controls. Security Assessments: Perform penetration testing on applications, networks, mobile platforms, APIs, cloud environments, and critical systems to identify advanced threats and vulnerabilities. Custom Exploit Development: Develop custom exploit code and scripts to demonstrate potential security risks to stakeholders and stakeholders, providing hands-on demonstrations of vulnerabilities. Reverse Engineering & Malware Analysis: Use reverse engineering techniques and tools to analyze complex threats, malware, and incidents, providing detailed reports on findings. Collaboration with Leadership: Collaborate with executive leadership and management to develop and execute strategic security initiatives and roadmaps to mitigate security risks. Security Architecture Guidance: Provide expert-level guidance on secure coding practices, cryptography, architecture design principles, and implementation to mitigate risks effectively. Tool Development & Automation: Develop custom penetration testing tools and scripts to automate testing processes and enhance capabilities for thorough assessments. Incident Forensics: Lead efforts to analyze and investigate security incidents, determining the root causes and recommending improvements for better prevention. Required Skills and Qualifications: Mobile Pen Testing Expertise: Strong experience in mobile application penetration testing for both Android and iOS platforms. Penetration Testing Tools: Expertise in tools and frameworks such as Metasploit, Burp Suite, Nessus, NMAP, and custom/open-source tools. Red Teaming & Advanced Exploitation: Advanced proficiency in red teaming, black box testing, and using advanced exploitation techniques to identify vulnerabilities. Malware Analysis & Reverse Engineering: Experience in malware analysis and reverse engineering to assess complex threats and incidents. Cryptography & Secure Coding: In-depth knowledge of cryptography, secure coding practices, and secure architecture design principles. Custom Tools & Scripting: Hands-on experience in developing custom scripts and tools to automate testing processes and enhance the effectiveness of assessments. Penetration Testing Methodologies: Expertise in applying penetration testing methodologies, including both network and application-level security assessments. Certifications (Preferred): o OSCP (Offensive Security Certified Professional) o CRTP (Certified Red Team Professional) o eLearn Security Certified Professional Penetration Tester V0 o Any other relevant certifications are a plus. Required Experience: Overall Experience: 12+ years in penetration testing, security assessments, and threat analysis. Relevant Experience: 10 years of hands-on experience specifically in penetration testing for mobile applications (Android & iOS), network security, cloud environments, and APIs. Experience working in Red Team environments is a plus. Mandatory Key Skills Mobile Application Security,Android,iOS,Security Assessments,Reverse Engineering,Malware Analysis,Root Cause Analysis,Network Security,Scripting,Automation,Penetration Testing*

About the Job Were looking for a Team Lead, Testing & Quality, to join our growing product development team and be responsible for owning, implementing, and executing test plans and test cases. As Team Lead, Testing & Quality, You Will Review and analyze system specifications. Collaborate with QA Engineers to develop effective strategies and test plans. Execute test cases (manual or automated) and analyze results. Evaluate product code according to specifications. Create logs to document testing phases and defects. Help troubleshoot issues. Conduct post-release/ post-implementation testing. Work with cross-functional teams to ensure quality throughout the software development lifecycle. Provide strong technical leadership in Quality Assurance Engineering towards delivering Standalone / cloud-based APIs. Deliver test suites for highly scalable and reliable business applications using the latest web technologies and cloud services. Maintain a suite of existing web applications and services by implementing new features and fixing critical bugs. Actively participate in enhancing the QA and automation frameworks. Build and Automate end-to-end test scenarios and simulate device behaviors via tests. Research, visualize, and interpret Big Data to suit business needs. Be the link between the technical architects and developers, non-technical personnel translate business requirements into functional requirements. Focus on the quality delivery for product releases. Be a Technical lead for a team of testers based onsite and offsite. Build a strong automation team. As Team Lead, Testing & Quality, You Need A graduate with a minimum of 5 years of experience as a Software Tester or Senior Software Tester. Proven experience as a Quality Assurance Tester or similar role. Experience in project management and QA methodology. Familiarity with Agile frameworks and regression testing is a plus. Test Plan & Execution experience. Working knowledge of test management software (e.g., Jira, qTest, Zephyr) and SQL. Excellent communication skills. Attention to detail. Analytical mind and problem-solving aptitude. Strong organizational skills. Strong technical knowledge in Google Sheets, MS Excel, MS Word, and PowerPoint / Google Slides. Experience in writing manual test cases. Experience with any one of the Automation tools JMeter, BlazeMeter, TestRail, QTest, Selenium, or Cypress. Experience with Postman for API testing. Experience with tools like SonarQube, ESLint, or Burp is an added advantage.

About the Role: Duration: 6 months Notice Period: (Immediate Joiner - Only) (General Shift & UK shift), 5days work from the Office, a Cab facility is there. Job responsibilities: Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests, and Cloud on system and network levels, employing advanced ethical hacking techniques. Application Penetration Testing (Browser-based, API, Mobile, IoT) Threat Modeling Source Code Review Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications. Perform red team exercises to determine weaknesses in the clients infrastructure and how it should be remediated. Organizing and delivering technical security operational briefings for both technical and non-technical audiences. Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics. Dynamic application security testing (DAST) scans on the identified targets without credentials. Perform credentialed DAST scans on known client URLs. Research to identify new attack vectors. Review and provide feedback for all Security Artifacts. Play a critical role in building an AppSec program that has a wide scope and impact. Researching open-source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients. Preparing and delivering clear, accurate, and concise written and oral technical reports for management. Job specifications: Qualification: Bachelors degree in Engineering or closely related coursework in technology development disciplines Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN are desirable Experience: Total Experience 4+ years Desired Skills: Knowledge and Experience: Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE). A thorough understanding of the Secure Development Life Cycle Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse application attack vectors, security testing processes, and both wired and wireless network security protocols. Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App Detective, Web Inspect, etc.) Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g., AWS, GCP, etc.) Mobile platform penetration testing tradecraft and methodologies across widely-used platforms (iOS and/or Android). Microservices testing Ability to find and exploit bugs in: C++, Java, JavaScript, Go, and Python Kubernetes, AWS, GCP, or Azure Memory management, namespaces, cgroups, etc. Passion for writing code to solve problems, combined with an interest in Offensive Security. Ability to demonstrate a strong background in one of the following languages: Golang, Python, Java, JavaScript, C++, C Personal Attributes: Self-starter and quick learner requiring minimal ramp-up Excellent analytical, written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment Strong communications skills to comfortably work cross-functionally across the organization.

Dear All, We are hiring for one of our MNC Product Based Company in Bangalore location ... Please find below more about this job details Also, Please follow us on below given our company Linkedin URL for more daily job updates https://www.linkedin.com/company/hirednext-recruitment-service/ Penetration Tester Experience : 4 to 8 Yrs Skills :OSCP or CRTP Certified,Burp Suite, Metasploit,Nmap, Nikto, SQLmap, John the Ripper, Hydra,Python, Bash, PowerShell, MITRE ATT&CK, NIST, and STRIDE,Python, Bash, or PowerShell,linux,windows JD: Perform penetration testing and security assessments of web applications, APIs, Android, IOS, cloud infrastructure, embedded systems, and network environments. Conduct threat modelling and vulnerability assessments during different stages of the software development lifecycle (SDLC). Simulate real-world attacks to identify potential security weaknesses in enterprise and automotive systems. Provide detailed and well-documented reports of findings with actionable remediation guidance. Collaborate with development, architecture, DevOps, and infrastructure teams to mitigate vulnerabilities and strengthen security controls. Perform retesting to validate resolved vulnerabilities. Stay current on latest attack techniques, vulnerabilities, and tools in the cybersecurity domain. Contribute to internal knowledge bases, red team frameworks, and automation of recurring testing processes. Minimum 4-5 years of professional experience in penetration testing, ethical hacking, or red teaming. Mandatory certification: OSCP or CRTP. Solid experience using penetration testing tools such as: Burp Suite Metasploit Nmap, Nikto, SQLmap, John the Ripper, Hydra, etc. Proficiency in scripting languages like Python, Bash, or PowerShell for automation. Strong understanding of: OWASP Top 10 vulnerabilities Secure coding practices Network protocols and architecture Web and mobile application security Experience working in Linux and Windows environments. Familiarity with threat modelling and security frameworks like MITRE ATT&CK, NIST, and STRIDE. Best Regards, Prathyusha B pratyusha@hirednext.info Recruitment Executive

At least 7 year of experience as a penetration tester Proven abilities to approach a black box and white box testing. Proven hands on experience in manual pen testing as major part of work profile Hands-on experience with vulnerability scanners (static and/or dynamic) and frameworks, including but not limited to Burp Suite, Checkmark, OWASP ZAP, Burp, Nmap, Nessus, Metasploit Framework Good hands on experience with API penetration testing of Rest/SOAP based interfaces Perfect knowledge of OWASP methodology and web vulnerabilities – you can easily explain and show how it works Python or any other scripting language. Comfortable using and working linux/unix environments Desirable skills to have PCI, NIST guidelines including PII, ISO2700x, cloud security, virtualization, SecDevOps, containerized deployment. Extremely committed and self-motivated individual with ability to deliver in challenging situations Excellent written and oral communication Assessing application and solution security controls against black box», grey box» and white box» attacks using both manual and automated (DAST) penetration techniques Assessment of penetration test results with development teams, contribution to risk mitigation actions Source code analysis (client/server/database) for vulnerabilities with scanning tools - SAST Roles and Responsibilities Discovering all information on system and solution exploitability ( of Top 10 vulnerabilities categorized by OWASP, CWE/CVE like XSS, CSRF, CRLF, SQLi, XXE and uncommon HTTP Request Smuggling/Splitting, other) and security weaknesses from a variety of sources ( technical documentation, source code, communication with project and development teams) Assessing application and solution security controls against black box», grey box» and white box» attacks using both manual and automated (DAST) penetration techniques Assessment of penetration test results with development teams, contribution to risk mitigation actions Source code analysis (client/server/database) for vulnerabilities with scanning tools - SAST Analysis of customer and 3rd party penetration test results and communicating security results to the customer Vulnerability assessment using various commercial and open source tool Software Composition Analysis of product open source libraries using various tools Contribution in enhancing penetration testing process, tools and automation of SAST/DAST tools in CI/CD pipelines

: We are seeking an experienced and highly skilled Penetration Tester with expertise in mobile application security, specifically for both Android and iOS platforms. As a Senior Penetration Tester, you will be responsible for identifying and exploiting vulnerabilities in mobile applications, networks, APIs, and other critical systems. Your primary responsibility will be performing thorough security assessments, including reverse engineering, malware analysis, and incident forensics, to ensure the security and resilience of mobile applications and systems. The ideal candidate should have hands-on experience with penetration testing tools, mobile application testing, and advanced exploitation techniques. You will also be expected to collaborate with various teams, including Red Teams, to develop strategic security initiatives and offer expert-level recommendations for security improvements. Key Responsibilities: Mobile Application Penetration Testing: Conduct in-depth security assessments of mobile applications for both Android and iOS platforms, identifying vulnerabilities and recommending remediation strategies. Red Team Activities: Participate in Red Team exercises to simulate real-world attacks, uncover hidden threats, and assess the effectiveness of security controls. Security Assessments: Perform penetration testing on applications, networks, mobile platforms, APIs, cloud environments, and critical systems to identify advanced threats and vulnerabilities. Custom Exploit Development: Develop custom exploit code and scripts to demonstrate potential security risks to stakeholders and stakeholders, providing hands-on demonstrations of vulnerabilities. Reverse Engineering & Malware Analysis: Use reverse engineering techniques and tools to analyze complex threats, malware, and incidents, providing detailed reports on findings. Collaboration with Leadership: Collaborate with executive leadership and senior management to develop and execute strategic security initiatives and roadmaps to mitigate security risks. Security Architecture Guidance: Provide expert-level guidance on secure coding practices, cryptography, architecture design principles, and implementation to mitigate risks effectively. Tool Development & Automation: Develop custom penetration testing tools and scripts to automate testing processes and enhance capabilities for thorough assessments. Incident Forensics: Lead efforts to analyze and investigate security incidents, determining the root causes and recommending improvements for better prevention. Required Skills and Qualifications: Mobile Pen Testing Expertise: Strong experience in mobile application penetration testing for both Android and iOS platforms. Penetration Testing Tools: Expertise in tools and frameworks such as Metasploit, Burp Suite, Nessus, NMAP, and custom/open-source tools. Red Teaming & Advanced Exploitation: Advanced proficiency in red teaming, black box testing, and using advanced exploitation techniques to identify vulnerabilities. Malware Analysis & Reverse Engineering: Experience in malware analysis and reverse engineering to assess complex threats and incidents. Cryptography & Secure Coding: In-depth knowledge of cryptography, secure coding practices, and secure architecture design principles. Custom Tools & Scripting: Hands-on experience in developing custom scripts and tools to automate testing processes and enhance the effectiveness of assessments. Penetration Testing Methodologies: Expertise in applying penetration testing methodologies, including both network and application-level security assessments. Certifications (Preferred): o OSCP (Offensive Security Certified Professional) o CRTP (Certified Red Team Professional) o eLearn Security Certified Professional Penetration Tester V2.0 o Any other relevant certifications are a plus. Required Experience: Overall Experience: 12+ years in penetration testing, security assessments, and threat analysis. Relevant Experience: 10 years of hands-on experience specifically in penetration testing for mobile applications (Android & iOS), network security, cloud environments, and APIs. Experience working in Red Team environments is a plus.

We are looking for a Penetration Tester. This position is available for Chennai Location. Youll make a difference by: Having experience in performing advanced penetration testing on networks, web & mobile applications, and systems. Having ability to Identify vulnerabilities, exploit weaknesses, and assess the security posture of various assets. Having ability to develop and maintain automated testing tools and scripts. Creating detailed reports outlining findings, risks, and recommended actions. Having Extensive experience in penetration testing, vulnerability assessment, and ethical hacking. Having Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and others. Strong understanding of network protocols, web and mobile applications, and operating systems. Maintaining documentation of testing methodologies, tools, and processes. Knowledge of scripting and programming languages (e.g., Python, Bash). Youll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 3-4 Years of relevant experience as Penetration Tester. Having Good command over English language (spoken & written) is non-negotiable. Working closely with business partners to understand their needs and translate them into technical requirements. Communicating findings, risks, and remediation strategies to both technical and non-technical stakeholders. Foster strong relationships with business units to ensure security measures align with business goals. Certification Preferred: Entry level certifications like CEH, eJPT, eWPT. Other certifications like eWPTX, OSCP is an advantage. Well support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities.

Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best practices across all migrations streams in collaboration with stakeholders. Act as a primary technical and cybersecurity liaison, offering support to client IT, business, and security stakeholders. Provide expert guidance on cloud-native security services, Identity & Access Management, Data Security, Cloud Security, Vulnerability governance, Application Security, and network security across Azure Support to ensure strict compliance with industry standards ( e.g HIPAA, GDPR, etc) and client policies throughout the migration. Facilitate and contribute to technical discussions and workshops, and present security solutions clearly to both technical and non-technical audiences. Proactively identify, assess, and mitigate technical and cybersecurity risks throughout the migration journey Support the optimization of cloud costs, performance, and continuously monitor the security posture of migration applications

This Position reports to: Business Title IS Service Owner for Application Security Your role and responsibilities In this role, you will have the opportunity to successfully develop, operate and implement security measures for ABB in your area of responsibility. Each day, you will protect ABB from rapidly escalating threats. You will also showcase your expertise by staying vigilant in combating security threats, taking charge of the organizations cybersecurity, and keeping track of existing security infrastructure to ensure systems that protect vital information are secured. The work model for the role is #LI #Onsite This role is contributing to the IS Application Security Service Line in India (Bangalore) . Key Responsibilities - You will be mainly accountable for: Designing and implementing IS Domain service operations in collaboration with IS Service Owners, Application managers, Application owners, Stakeholders, and Solution Architects, ensuring alignment with business needs and technical standards. Translating business process demands into scalable IS services, supporting the direction of new initiatives and projects in coordination with IS stakeholders. Integrating operational and build activities within a DevOps framework, fostering collaboration between development and operations teams. Contributing to vendor contract definitions, including operational scopes, service levels, and SLA agreements, to ensure high-quality service delivery. A quality assurance review can be conducted on the penetration testing service to ensure the accuracy, effectiveness, and consistency of the testing process. Review and Validate Penetration Test Findings: Review penetration testing reports to ensure all vulnerabilities are accurately documented, categorized by severity, and supported by evidence. Qualifications for the role Over 10 years of experience in IT, with at least 8 years in application security operations, managing complex service environments, global vendors, and cross-functional teams. Holds a bachelors degree in computer science, Information Technology, or a related field. Deep expertise in IS operations, ITIL-based service management, and cybersecurity frameworks, with hands-on experience in the application security domain. Proficient in using and managing security platform tools such as vulnerability scanning tools (e.g., Invicti, Burp Suite, Qualys, Nessus, Acunetix, AppScan), and DevOps pipelines. Solid understanding of Linux and Windows operating systems, network protocols (TCP/IP, UDP, FTP, SMB, SSH, HTTP, ICMP, NTP), and web servers like Microsoft IIS.

About The Role Project Role : Security Delivery Lead Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets). Must have skills : Security Penetration Testing Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Lead, you will be at the forefront of implementing and delivering Security Services projects. Your typical day will involve coordinating with various teams to ensure the successful execution of security initiatives, utilizing global delivery capabilities, and ensuring that projects meet the highest standards of security and compliance. You will engage with stakeholders to understand their needs and provide tailored solutions, while also mentoring team members to enhance their skills and knowledge in security practices. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team capabilities in security practices.- Monitor project progress and implement necessary adjustments to meet objectives. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Penetration Testing.- Strong understanding of vulnerability assessment tools and techniques.- Experience with threat modeling and risk assessment methodologies.- Familiarity with security frameworks and compliance standards.- Ability to analyze and interpret security logs and reports. Additional Information:- The candidate should have minimum 12 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Application Security Architecture and Design Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are looking for a Technical Lead with strong expertise in Application and Infrastructure Security to lead a suite of security services including vulnerability management, application security testing (SAST/DAST), and penetration testing. This role is ideal for someone who can not only execute and review security assessments but also manage tools, provide technical direction to a delivery team, and act as a trusted advisor to the client on security best practices. Roles & Responsibilities:-Lead the delivery of application and infrastructure security services including:-Dynamic Application Security Testing (DAST)-Static Application Security Testing (SAST/SCA)-Web & API Penetration Testing-Mobile Application Security Testing-Infrastructure Vulnerability Management (IVM)-Oversee scan scheduling, execution, validation, and reporting.-Drive the reduction of false positives and enhance detection accuracy.-Ensure timely delivery of security testing activities aligned with client SLAs.-Perform automated and manual security scans for applications and infrastructure.-Validate findings, analyze root causes, and prioritize remediation based on risk.-Provide technical recommendations to development, DevOps, and infrastructure teams.-Align findings with recognized standards (e.g., OWASP Top 10, CVSS, CWE).-Administer and optimize usage of security tools including but not limited to:-WebInspect, Veracode, Burp Suite, Custom Scripting Tools-GitLab, ServiceNow Security Modules-Datadog Security Explorer, OpenShift ACS-Tune and maintain tool configurations, scan profiles, and dashboards.-Track scan volumes, issue lifecycle, and performance KPIs.-Deliver dashboards and executive-level reports on security posture.--Support audit, compliance, and client reporting needs.-Team Collaboration & Stakeholder Management-Provide technical direction and mentorship to the delivery team.-Liaise with client teams, application owners, and platform SMEs.-Ensure effective communication across stakeholders for testing, issue triage, and remediation. Professional & Technical Skills: -Experience in Cybersecurity, with specialization in Application Security and Vulnerability Management.-Strong technical knowledge of SAST/DAST tools (e.g., Veracode, WebInspect).-Hands-on experience in penetration testing of web, mobile, and API-based applications.-Familiarity with infrastructure scanning and vulnerability remediation practices.-Strong understanding of secure SDLC, OWASP Top 10, SANS Top 25, and risk classification models (CVSS, CWE).-Experience working in global delivery teams, preferably in a client-facing role.Preferred Certifications-CEH / OSCP / GWAPT / CISSP / CSSLP,Veracode Certified Specialist or equivalent,Vendor certifications on WebInspect, Burp Suite, GitLab Security-Knowledge of cloud security principles (Azure/AWS/GCP)-Familiarity with container security and DevSecOps tooling-Exposure to automated CI/CD security integrations Additional Information:- The candidate should have minimum 5 years of experience in Application Security Architecture and Design.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

We are seeking an experienced and highly skilled Penetration Tester with expertise in mobile application security, specifically for both Android and iOS platforms. As a Senior Penetration Tester, you will be responsible for identifying and exploiting vulnerabilities in mobile applications, networks, APIs, and other critical systems. Your primary responsibility will be performing thorough security assessments, including reverse engineering, malware analysis, and incident forensics, to ensure the security and resilience of mobile applications and systems. The ideal candidate should have hands-on experience with penetration testing tools, mobile application testing, and advanced exploitation techniques. You will also be expected to collaborate with various teams, including Red Teams, to develop strategic security initiatives and offer expert-level recommendations for security improvements. Key Responsibilities: Mobile Application Penetration Testing: Conduct in-depth security assessments of mobile applications for both Android and iOS platforms, identifying vulnerabilities and recommending remediation strategies. Red Team Activities: Participate in Red Team exercises to simulate real-world attacks, uncover hidden threats, and assess the effectiveness of security controls. Security Assessments: Perform penetration testing on applications, networks, mobile platforms, APIs, cloud environments, and critical systems to identify advanced threats and vulnerabilities. Custom Exploit Development: Develop custom exploit code and scripts to demonstrate potential security risks to stakeholders and stakeholders, providing hands-on demonstrations of vulnerabilities. Reverse Engineering & Malware Analysis: Use reverse engineering techniques and tools to analyze complex threats, malware, and incidents, providing detailed reports on findings. Collaboration with Leadership: Collaborate with executive leadership and senior management to develop and execute strategic security initiatives and roadmaps to mitigate security risks. Security Architecture Guidance: Provide expert-level guidance on secure coding practices, cryptography, architecture design principles, and implementation to mitigate risks effectively. Tool Development & Automation: Develop custom penetration testing tools and scripts to automate testing processes and enhance capabilities for thorough assessments. Incident Forensics: Lead efforts to analyze and investigate security incidents, determining the root causes and recommending improvements for better prevention. Required Skills and Qualifications: Mobile Pen Testing Expertise: Strong experience in mobile application penetration testing for both Android and iOS platforms. Penetration Testing Tools: Expertise in tools and frameworks such as Metasploit, Burp Suite, Nessus, NMAP, and custom/open-source tools. Red Teaming & Advanced Exploitation: Advanced proficiency in red teaming, black box testing, and using advanced exploitation techniques to identify vulnerabilities. Malware Analysis & Reverse Engineering: Experience in malware analysis and reverse engineering to assess complex threats and incidents. Cryptography & Secure Coding: In-depth knowledge of cryptography, secure coding practices, and secure architecture design principles. Custom Tools & Scripting: Hands-on experience in developing custom scripts and tools to automate testing processes and enhance the effectiveness of assessments. Penetration Testing Methodologies: Expertise in applying penetration testing methodologies, including both network and application-level security assessments. Certifications (Preferred): o OSCP (Offensive Security Certified Professional) o CRTP (Certified Red Team Professional) o eLearn Security Certified Professional Penetration Tester V2.0 o Any other relevant certifications are a plus. Required Experience: Overall Experience: 12+ years in penetration testing, security assessments, and threat analysis. Relevant Experience: 10 years of hands-on experience specifically in penetration testing for mobile applications (Android & iOS), network security, cloud environments, and APIs. Experience working in Red Team environments is a plus.

Role & responsibilities Candidate should have experience in GCP from Cloud security(Pure GCP profiles not required). Use below info identifying correct profiles GCP Security Specialist: Skills: AppSec (SAST, DAST), Network Security, GPC Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like: Native GCP security services, Burp Suite, CheckMarx, Vracode, fortify, Qualys. Certification: Google cloud "Professional Cloud Security Engineer" + -MANDATORY 1.GCP Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to GCP Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best practices across all migrations streams in collaboration with stakeholders. Act as a primary technical and cybersecurity liaison, offering support to client IT, business, and security stakeholders. Provide expert guidance on cloud-native security services, Identity & Access Management, Data Security, Cloud Security, Vulnerability governance, Application Security, and network security across GCP. Support to ensure strict compliance with industry standards ( e.g HIPAA, GDPR, etc) and client policies throughout the migration. Facilitate and contribute to technical discussions and workshops, and present security solutions clearly to both technical and non-technical audiences. Proactively identify, assess, and mitigate technical and cybersecurity risks throughout the migration journey Support the optimization of cloud costs, performance, and continuously monitor the security posture of migration applications

Role & responsibilities Skills: SAST, DAST, Network Security, Azure Native Cloud Security , SSDLC, knowledge Security compliance standards, DevSecOps Tools like : Native Azure security services. Burp Suite, CheckMarx, Veracode, fortify, Qualys Certification: Azure Security Engineer Associate Certification. (AZ-500) + - MANDATORY Azure Security Specialist Assist and collaborate with Client & Internal stakeholders on the end-to-end migration strategy and architecture from AWS to Azure Provide technical oversight and assistance for the execution of application and data migrations, ensuring secure data transit and encryption at rest. Help establish and enforce cloud architecture governance, security standards, and best practices across all migrations streams in collaboration with stakeholders. Act as a primary technical and cybersecurity liaison, offering support to client IT, business, and security stakeholders. Provide expert guidance on cloud-native security services, Identity & Access Management, Data Security, Cloud Security, Vulnerability governance, Application Security, and network security across Azure Support to ensure strict compliance with industry standards ( e.g HIPAA, GDPR, etc) and client policies throughout the migration. Facilitate and contribute to technical discussions and workshops, and present security solutions clearly to both technical and non-technical audiences. Proactively identify, assess, and mitigate technical and cybersecurity risks throughout the migration journey Support the optimization of cloud costs, performance, and continuously monitor the security posture of migration applications

Responsibilities: * Conduct penetration tests on web apps, networks & mobile devices using Burp Suite, Nessus & Vapt. * Identify vulnerabilities through API testing & cloud security assessments with accuracy. Annual bonus

Mandatory Skills: Vulnerability Scanning.Experience: 3-5 Years. We are looking for a skilled Technical Support professional with 3-5 years of experience to join our team as an Analyst - L3. The ideal candidate will have a strong background in technical support and excellent problem-solving skills. Roles and Responsibility Provide technical support to customers via phone, email, or chat. Troubleshoot and resolve complex technical issues efficiently. Collaborate with internal teams to resolve customer complaints and concerns. Develop and maintain technical documentation and knowledge base articles. Analyze and report on customer feedback and suggest process improvements. Participate in training and development programs to enhance technical skills. Job Requirements Strong technical skills and knowledge of IT services and consulting. Excellent communication and problem-solving skills. Ability to work in a fast-paced environment and meet deadlines. Strong analytical and troubleshooting skills. Experience with technical support tools and software. Ability to collaborate effectively with cross-functional teams. Mandatory skills include technical support and title analyst.

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify.

Job Summary: We are looking for a Senior QA Automation Engineer with 5+ years of hands-on experience in automated testing using Cypress, performance testing using JMeter/LoadRunner, and security testing using Burp Suite or related tools. Experience in transportation or logistics domain is highly desirable. The candidate will play a key role in establishing robust test automation strategies, executing performance and security validation, and contributing to the overall product quality assurance across web and mobile platforms. Key Responsibilities: Automation Testing (Cypress / JavaScript): Develop, maintain, and execute end-to-end test automation using Cypress with BDD integration (Cucumber). Build reusable and scalable test suites for UI and API layers. Collaborate with developers, BAs, and product managers to define acceptance criteria. Maintain test artifacts, including test data, environments, and mock services. Performance Testing (JMeter / LoadRunner): Design and execute load, stress, and endurance tests. Analyze performance bottlenecks across API endpoints, backend services, and DB queries. Provide detailed performance reports and tuning recommendations. Security Testing (Burp Suite / OWASP): Conduct web vulnerability assessments using Burp Suite or similar tools. Identify issues like XSS, SQL injection, broken authentication, etc. Support remediation efforts by working closely with dev teams. Domain Knowledge - Transportation / Leasing: Understand workflows in fleet management, trailer leasing, contracts, billing, telematics. Validate modules like Account Management, Contracts, Schedule A, Equipment, Work Orders, Invoicing. Collaborate with business stakeholders to test domain-specific business rules. Required Skills & Experience: 5+ years experience in QA Automation using Cypress and JavaScript. Experience in BDD frameworks like Cucumber. Solid knowledge of REST APIs, JSON, and automated API testing. Performance Testing using JMeter or LoadRunner. Security Testing with tools like Burp Suite, OWASP ZAP, or similar. Experience with Git, JIRA, TestRail, and CI/CD pipelines. Hands-on with SQL and backend validation using PostgreSQL or similar. Familiarity with ReactJS, React Native, and Node.js app architectures. Nice to Have: Experience testing mobile apps (iOS/Android) using Appium. Knowledge of cloud platforms (AWS/Azure). Exposure to telemetry, GPS tracking, geofencing, and trailer monitoring systems. Understanding of business workflows in the Fleet Management or similar transport/logistics systems.