360 Burp Suite Jobs - Page 9

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What Ill be doing your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelors degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED.

Role Proficiency: Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution and/or provide mentorship (Hierarchical or Lateral) to junior associates Outcomes: 1) Update SOP with updated troubleshooting instructions and process changes2) Mentor new team members in understanding customer infrastructure and processes3) Perform analysis for driving incident reduction4) Escalate high priority incidents to customer and organization stakeholders for quicker resolution5) Contribute to planning and successful migration of platforms 6) Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution7) Provide inputs for root cause analysis after major incidents to define preventive and corrective actions Measures of Outcomes: 1) SLA Adherence2) Time bound resolution of elevated tickets - OLA3) Manage ticket backlog timelines - OLA4) Adhere to defined process - Number of NCs in internal/external Audits5) Number of KB articles created6) Number of incidents and change ticket handled 7) Number of elevated tickets resolved8) Number of successful change tickets9) % Completion of all mandatory training requirements Outputs Expected: Resolution: Understand Priority and Severity based on ITIL practice resolve trouble ticket within agreed resolution SLA Execute change control tickets as documented in implementation plan Troubleshooting: Troubleshooting based on available information from previous tickets or consulting with seniors Participate in online knowledge forums reference. Covert the new steps to KB article Perform logical/analytical troubleshooting Escalation/Elevation: Escalate within organization/customer peer in case of resolution delay. Understand OLA between delivery layers (L1 L2 L3 etc) adhere to OLA. Elevate to next level work on elevated tickets from L1 Tickets Backlog/Resolution: Follow up on tickets based on agreed timelines manage ticket backlogs/last activity as per defined process. Resolve incidents and SRs within agreed timelines. Execute change tickets for infrastructure Installation: Install and configure tools software and patches Runbook/KB: Update KB with new findings Document and record troubleshooting steps as knowledge base Collaboration: Collaborate with different towers of delivery for ticket resolution (within SLA resolve L1 tickets with help from respective tower. Collaborate with other team members for timely resolution of tickets. Actively participate in team/organization-wide initiatives. Co-ordinate with UST ISMS teams for resolving connectivity related issues. Stakeholder Management: Lead the customer calls and vendor calls. Organize meeting with different stake holders. Take ownership for function's internal communications and related change management. Strategic: Define the strategy on data management policy management and data retention management. Support definition of the IT strategy for the function's relevant scope and be accountable for ensuring the strategy is tracked benchmarked and updated for the area owned. Process Adherence: Thorough understanding of organization and customer defined process. Suggest process improvements and CSI ideas. Adhere to organization' s policies and business conduct. Process/efficiency Improvement: Proactively identify opportunities to increase service levels and mitigate any issues in service delivery within the function or across functions. Take accountability for overall productivity efforts within the function including coordination of function specific tasks and close collaboration with Finance. Process Implementation: Coordinate and monitor IT process implementation within the function Compliance: Support information governance activities and audit preparations within the function. Act as a function SPOC for IT audits in local sites (incl. preparation interface to local organization mitigation of findings etc.) and work closely with ISRM (Information Security Risk Management). Coordinate overall objective setting preparation and facilitate process in order to achieve consistent objective setting in function Job Description. Coordination Support for CSI across all services in CIS and beyond. Training: On time completion of all mandatory training requirements of organization and customer. Provide On floor training and one to one mentorship for new joiners. Complete certification of respective career paths. Performance Management: Update FAST Goals in NorthStar track report and seek continues feedback from peers and manager. Set goals for team members and mentees and provide feedback Assist new team members to understand the customer environment Skill Examples: 1) Good communication skills (Written verbal and email etiquette) to interact with different teams and customers. 2) Modify / Create runbooks based on suggested changes from juniors or newly identified steps3) Ability to work on an elevated server ticket and solve4) Networking:a. Trouble shooting skills in static and Dynamic routing protocolsb. Should be capable of running netflow analyzers in different product lines5) Server:a. Skills in installing and configuring active directory DNS DHCP DFS IIS patch managementb. Excellent troubleshooting skills in various technologies like AD replication DNS issues etc.c. Skills in managing high availability solutions like failover clustering Vmware clustering etc.6) Storage and Back up:a. Ability to give recommendations to customers. Perform Storage & backup enhancements. Perform change management.b. Skilled in in core fabric technology Storage design and implementation. Hands on experience on backup and storage Command Line Interfacesc. Perform Hardware upgrades firmware upgrades Vulnerability remediation storage and backup commissioning and de-commissioning replication setup and management.d. Skilled in server Network and virtualization technologies. Integration of virtualization storage and backup technologiese. Review the technical diagrams architecture diagrams and modify the SOP and documentations based on business requirements.f. Ability to perform the ITSM functions for storage & backup team and review the quality of ITSM process followed by the team.7) Cloud:a. Skilled in any one of the cloud technologies - AWS Azure GCP.8) Tools:a. Skilled in administration and configuration of monitoring tools like CA UIM SCOM Solarwinds Nagios ServiceNow etcb. Skilled in SQL scriptingc. Skilled in building Custom Reports on Availability and performance of IT infrastructure building based on the customer requirements9) Monitoring:a. Skills in monitoring of infrastructure and application components10) Database:a. Data modeling and database design Database schema creation and managementb. Identify the data integrity violations so that only accurate and appropriate data is entered and maintained.c. Backup and recoveryd. Web-specific tech expertise for e-Biz Cloud etc. Examples of this type of technology include XML CGI Java Ruby firewalls SSL and so on.e. Migrating database instances to new hardware and new versions of software from on premise to cloud based databases and vice versa.11) Quality Analysis: a. Ability to drive service excellence and continuous improvement within the framework defined by IT Operations Knowledge Examples: 1) Good understanding of customer infrastructure and related CIs. 2) ITIL Foundation certification3) Thorough hardware knowledge 4) Basic understanding of capacity planning5) Basic understanding of storage and backup6) Networking:a. Hands-on experience in Routers and switches and Firewallsb. Should have minimum knowledge and hands-on with BGPc. Good understanding in Load balancers and WAN optimizersd. Advance back and restore knowledge in backup tools7) Server:a. Basic to intermediate powershell / BASH/Python scripting knowledge and demonstrated experience in script based tasksb. Knowledge of AD group policy management group policy tools and troubleshooting GPO sc. Basic AD object creation DNS concepts DHCP DFSd. Knowledge with tools like SCCM SCOM administration8) Storage and Backup:a. Subject Matter Expert in any of the Storage & Backup technology9) Tools:a. Proficient in the understanding and troubleshooting of Windows and Linux family of operating systems10) Monitoring:a. Strong knowledge in ITIL process and functions11) Database:a. Knowledge in general database management b. Knowledge in OS System and networking skills Additional Comments: Job Title: Threat Hunter | VAPT Analyst Role Overview: We are seeking a versatile cybersecurity professional who will serve as a Threat Hunter, and VAPT Analyst, responsible for proactively identifying cyber threats, assessing security vulnerabilities, and mitigating email-based attacks. This role requires expertise in threat hunting, and penetration testing, combining advanced technical skills with strong analytical capabilities. The ideal candidate will play a pivotal role in strengthening the organization's cybersecurity posture. Responsibilities: Threat Hunting - Proactively hunt for undetected threats within the organization's networks, systems, and endpoints using threat intelligence and behavioral analysis. - Identify patterns, TTPs (Tactics, Techniques, and Procedures), and anomalies that indicate potential threats or APT activity. - Leverage threat intelligence feeds and MITRE ATT&CK framework to create detection use cases and hypotheses. - Work closely with SOC teams to improve detection rules and accuracy. - Perform forensic investigations and root cause analysis of incidents and suspicious activities. - Develop custom scripts and queries to automate hunting activities (e.g., with EDR, SIEM, XDR tools). - Generate threat hunting reports, indicators of compromise (IOCs), and actionable recommendations. Vulnerability Assessment and Penetration Testing (VAPT) - Conduct vulnerability assessments and penetration tests on systems, applications, and networks. - Identify and analyze critical vulnerabilities, and deliver detailed, actionable reports. - Use automated tools (e.g., Nessus, Burp Suite, Nmap, Metasploit) and manual testing techniques. - Ensure VAPT processes align with compliance and internal policies. - Perform regular and ad-hoc assessments, including web apps, databases, wireless, and APIs. - Provide recommendations for remediation and validate fixes through re-testing. - Maintain up-to-date knowledge of evolving vulnerabilities and attack methods. Qualifications: - Bachelor's degree in Computer Science, Information Security, or related discipline. - 5+ years of experience in a cybersecurity role encompassing threat hunting, and VAPT. - Expertise in VAPT tools and methodologies (e.g., Nessus, Burp Suite, Metasploit, OWASP Top 10). - Strong experience with SIEMs, EDR platforms, threat intel, and threat hunting frameworks (MITRE ATT&CK). - Proficiency in scripting (Python, PowerShell, Bash) for automation and analysis. - Excellent problem-solving, investigative, and reporting skills. - Strong communication and interpersonal skills. - Certifications such as OSCP, CEH, GIAC (GCIH/GPEN/GWAPT), CISSP, or CESM are highly preferred. Required Skills Soc,TTP,Troubleshooting

Your Role Were hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of toolsBurp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What you'll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Prudent Technologies and Consulting is hiring for a fast-growing Cybersecurity team that supports a customer base including the world s largest organizations. We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelor s degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent s specific approach and methodology

We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 5+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelors degree in computer science, information security, or related field Relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology

The candidate must have strong skills and hands-on experience in the following areas: Penetration testing of applications and networks beyond simply analysing tool outputs, with a focuson manual testing expertise Solid understanding of shell and Python scripting Strong OS (Linux, Windows)understanding Deep understanding of TCP/IP, DNS, DHCP, HTTP/HTTPS, andother protocols Familiaritywith OWASP Top 10 vulnerabilities (e.g., SQL injection, XSS, CSRF, etc.) Knowledge of firewalls,IDS/IPS, VPNs, proxies

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Primary Skills : Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cybersecurity, Security Configuration Review, Source Code Review Job Description: 4 to 6 years of experience conducting Application Security assessments Experienced in conducting Manual and Automated DAST for Web, API & Thick client covering OWASP Top 10 Experienced in conducting Manual code review Experienced in Mobile VAPT (Both static and Dynamic) Knowledge of Infra VAPT or at least VA and configuration review Knowledge in Container / Docker security / Cloud Audit is a plus Certifications suck as CEH, CRTP, OSCP is preferred Good communication skills, ability to explain vulnerabilities to business users in simple terms. Notice: Immediate to 15 days Location: ENBD Bangalore or ENBD Chennai or Dubai Location: Bangalore/Chennai/Dubai Experience: 4-6 Years Thanks & Regards, Ankita Ghosh

Job Summary: We are looking for enthusiastic Cyber Security Engineers with atleast 1 year of experience to join our dynamic team. The ideal candidate should have strong networking skills, extensive experience in Vulnerability Assessment and Penetration Testing (VAPT), and a solid understanding of network architecture, protocols, and security tools and the passion to learn, perfom and grow in the organisation. The role involves conducting in-depth security assessments on network devices and web applications, including the application of fuzzing techniques. Key Responsibilities: Vulnerability Assessment and Penetration Testing (VAPT): Lead and conduct comprehensive VAPT on network devices and web applications to identify and address security vulnerabilities. Network Security Expertise: Apply deep knowledge of network protocols, firewalls, IDS/IPS, and VPNs to ensure robust security across the network. Custom Security Tool Development: Develop and maintain custom security tools and scripts using Python, Bash, or PowerShell to enhance security assessments and automate processes. Network Tools Proficiency: Utilize tools such as Wireshark, Nmap, Nessus, Burp Suite, and others for network analysis and security testing. Security Assessments: Perform thorough security assessments on network devices, ensuring alignment with industry standards and best practices. Protocol Fuzzing Understanding: Apply protocol fuzzing techniques to uncover vulnerabilities in network devices and recommend effective remediation strategies. Communication: Clearly articulate complex security issues to both technical and non-technical stakeholders, ensuring a comprehensive understanding of risks and solutions. Continuous Improvement: Stay updated with the latest cybersecurity trends, threats, and technologies to enhance the organization's security posture. Qualifications: Experience: 1-2 years of relevant experience in cybersecurity, with a focus on networking, VAPT, and security assessments. Technical Skills: Strong networking skills and understanding of network architecture. Proficiency in network protocols, firewalls, IDS/IPS, and VPNs. Advanced programming skills in Python, Bash, or C/C++. Expertise in using network security tools (e.g., Wireshark, Nmap, Nessus, Burp Suite). Certifications: CEH, OSCP, or CRTP certifications are highly desirable. Communication: Excellent verbal and written communication skills, capable of conveying security concepts to diverse audiences. Problem-Solving: Strong analytical and problem-solving abilities, with keen attention to detail. Preferred Skills: Experience in security assessments on network devices. Understanding of web application fuzzing techniques. Ability to work independently and as part of a team. Education: Masters /Bachelors degree in Computer Science, Information Technology, Cyber Security, Electronics, Telecommunication or a related field (or equivalent experience).

Proficient in Python Experienced with OWASP ZAP, Burp Suite, SonarQube Strong knowledge of cryptography, TLS/HTTPS Skilled in threat modeling, secure code review (C/C++/Node/Golang), pen testing Familiar with OWASP Top10, CWE Top25, and mitigations.

About ASB ASB is committed to empowering students with expertise in emerging technologies. We are looking for an enthusiastic and passionate Cybersecurity Training Expert to lead and mentor students, equipping them with industry-relevant skills in cybersecurity. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a passion for teaching. The ideal candidate will have solid experience in network security, penetration testing, ethical hacking, compliance, and security frameworks. They should be an excellent communicator who can break down complex cybersecurity concepts into easy-to-understand modules. Key Responsibilities 1. Training Delivery Design, develop, and deliver high-quality cybersecurity training through courses, workshops, boot camps, and webinars. Cover a broad range of cybersecurity topics, including but not limited to: Network Security & Firewalls Penetration Testing & Ethical Hacking Cloud Security & DevSecOps Security Compliance & Auditing (ISO 27001, NIST, GDPR, etc.) Threat Intelligence & Incident Response SIEM, SOC & Security Tools (Burp Suite, Wireshark, Metasploit, AWS Security Hub, etc.) 2. Curriculum Development Develop and continuously update cybersecurity training materials, including hands-on labs, case studies, quizzes, and real-world projects. Ensure training content is aligned with industry best practices, compliance frameworks, and emerging security trends. 3. Training Management Organize and manage cybersecurity training sessions, ensuring smooth content delivery, engagement, and assessments. Track learner progress and provide additional support, including one-on-one guidance and mentorship. 4. Technical Support & Mentorship Assist students with technical queries and troubleshoot cybersecurity-related challenges. Provide career guidance and mentorship, helping students navigate certifications (CEH, CISSP, OSCP, CISM, etc.) and job opportunities in cybersecurity. 5. Industry Engagement Stay updated with the latest cybersecurity threats, vulnerabilities, and defense mechanisms. Represent ASB at cybersecurity conferences, webinars, and industry events. 6. Assessment & Evaluation Develop hands-on challenges, CTFs (Capture The Flag), and practical assessments to evaluate student proficiency. Provide constructive feedback to enhance their technical skills. Required Qualifications & Skills Educational Background Bachelor's or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field. Hands-on Cybersecurity Experience 3+ years of experience in cybersecurity roles such as Penetration Tester, Security Analyst, SOC Analyst, Cybersecurity Engineer, or Security Auditor. Expertise in ethical hacking, threat analysis, cloud security, risk assessment, and compliance. Strong knowledge of Linux, Windows Security, Networking, and Cryptography. Teaching & Communication Skills 2+ years of experience in training, mentoring, or delivering cybersecurity education. Ability to explain complex security concepts in a clear and engaging way. Cybersecurity Tools & Platforms Experience with security tools such as Kali Linux, Metasploit, Burp Suite, Wireshark, Nessus, Nmap, Snort, Splunk, SIEM platforms, and AWS Security Hub. Knowledge of SOC operations, incident response, and security automation tools. Passion for Education A genuine enthusiasm for training the next generation of cybersecurity professionals. Preferred Qualifications Industry Certifications CEH, OSCP, CISSP, CISM, CCSP, AWS Security Certification, or equivalent. Experience in Online Teaching Prior experience in online training platforms (Udemy, Coursera, etc.) or learning management systems (LMS). Knowledge of Security Frameworks & Compliance Familiarity with ISO 27001, NIST, GDPR, SOC 2, and PCI-DSS. Experience in Blue Team & Red Team Operations Understanding of ethical hacking (offensive security) and defensive security (SOC, SIEM, endpoint protection, etc.).

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modeling: Ability to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify

Key Responsibilities Performing (Web, mobile, Cloud-based AWS, Azure, etc.), thick-clients business solutions and infrastructure pentest as assigned by the customer Work on full assessment & revalidation cases within customer defined timelines. Handling report creation based on pentest outcome as per customer template Develop new test cases, scenario & able to perform API pentesting. Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems | Provide results report and help team to evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation | Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities. Perform source code review & configurations reviews against CIS benchmarks and security standard. Participating in end user calls with customer for requirement gathering, explanation of findings, technical discussions. About you Education, qualifications, and certifications Degree / Diploma Holders with good knowledge in pentest domain. Excellent verbal & written communication skills in English language Mandatory skill set Proficiency in Pentest tool such as using Burp suite and Kali Linux. Proficiency in Python and Java, Javascript, and other coding languages. Good experience in performing security penetration testing and vulnerability assessment. Experience in testing diverse infra components including various enterprise platforms such as private clouds, Openshift infra, dockers/container infra etc. Experience in Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews Knowledge on Web-based applications and services (SOAP/REST) Well versed in writing reports, test cases etc. OSWP/ OSCE certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester. Secondary skill set Knowledge on Azure & scripting language. Nice to have knowledge on other hacker tools;Appscan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper. Experience Minimum of 3+ years related work experience in customer facing organizations within Pentest domain.

The IZOT product line includes BMCs Intelligent Z Optimization & Transformation products, which help the worlds largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications security, while reducing operational costs and risks. We acquired several companies along We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles and Responsibilities: Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

Comcast brings together the best in media and technology We drive innovation to create the world's best entertainment and online experiences As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast Job Summary "Responsible for contributing towards the build and maintenance of the organization's cyber security systems and infrastructure Exercises solid knowledge of engineering skills and methodology with a working knowledge of applicable cyber security compliance standards Conducts security assessments and audits to identify cybersecurity risks within the company's networks, applications and operating systems Helps secure and protect the Network Infrastructure: Routers, Switches, Optical Devices, L2 Datacenter and cabling, Strand Mounted devices, Secure Routing protocols, DOCSIS plant (CMTS/vCMTS/PON), SDN, best practice device configuration, network automation, monitoring and troubleshooting Tests company's internal systems to validate security and detect any computer and information security weaknesses Performs a technical analysis of vulnerabilities and determines the impacts to the organization Reports, tracks and records findings in a comprehensive vulnerability assessment report Identifies and recommends appropriate action to mitigate vulnerabilities and reduce potential impacts on cybersecurity resources Applies long-term objectives and plans related to the company's technical vision to daily activity Applies innovative solutions for cyber engineering developmental problems that are competitive with industry and company standards Has in-depth experience, knowledge and skills in own discipline Usually determines own work priorities Acts as a resource for colleagues with less experience Employees at all levels are expect to: Understand our Operating Principles; make them the guidelines for how you do your job Own the customer experience think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services Know your stuff be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences Win as a team make big things happen by working together and being open to new ideas Be an active part of the Net Promoter System a way of working that brings more employee and customer feedback into the company by joining huddles, making call backs and helping us elevate opportunities to do better for our customers Drive results and growth Respect and promote inclusion and diversity Do what's right for each other, our customers, investors and our communities" Job Description What you will do Review and triage new vulnerability tickets to validate the impact Assist users by providing security guidance for remediation of Vulnerabilities Validate remediation efforts from internal customers Investigate possible security exceptions Update, maintain and document security controls Ensure application teams are implementing remediations within SLA Maintain documentation of work performed and remediation actions using ServiceNow ticketing system What You Should Possess Strong customer focus with the ability to advise and work closely with application teams and vendors on mitigation Exposure to commercial and open-source tools such as Burpsuite, WebInspect, , Qualys, nmap, etc Experience cataloguing and risk-scoring vulnerabilities discovered through assessments Knowledge about public cloud environments Knowledge about basic computer networking and HTTP Good understanding and experience with: Web application security assessment, including hands-on techniques Hands-on experience in identifying, mitigating, and remediating vulnerabilities based on OWASP Top10 (API, Web) Basic Scripting knowledge with the capability to automate analysis of technical engineering tasks using python, bash, or the use of PowerAutomate CVSS3 scoring and its use in risk rating Basic experience with Linux Preferable certifications like CEH / ECSA / CompTIA or other equivalent security certifications What Success Looks Like Prompt, effective review and collaboration on remediation of security vulnerabilities Responsiveness to internal customer requests Validation of remediated tickets within published service level agreements (SLAs) What You Can Expect A fun, cutting-edge, and collaborative environment A culture of innovation and continuous learning Training, support, and mentoring to expand and evolve your expertise Opportunities to impact the security of Comcast products in millions of homes and businesses What We Require Bachelor's Degree in Computer Science, Information Systems, or other related field or equivalent work experience Disclaimer This information has been designed to indicate the general nature and level of work performed by employees in this role It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications Comcast is proud to be an equal opportunity workplace We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus Additionally, Comcast provides best-in-class Benefits to eligible employees We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most Thats why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality to help support you physically, financially and emotionally through the big milestones and in your everyday life Please visit the compensation and benefits summary on our careers site for more details Education Bachelor's Degree While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience Relevant Work Experience 5-7 Years

Job Description : Airtel Business is looking for IT Security Analyst / L2 operation support for Security Services center Location : Noida Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of security administrators responsible for managing global security infrastructure. This position is to be part of a global team, reporting to the Sr. Security Delivery Manager in Gurgaon. Responsibilities: As a member of the Security Operations Team Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications Hand-on experience with VA/ PT tools. Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered. Recommend security patches and any other measures; produce operations reports Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports Keep the Vulnerability Management Program in compliance with security policy and with published SLAs Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress Monitor security vulnerability information from vendors, and third parties Assist in maintaining technical support documentation. Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises Technical Skills: 3 to 5 years of experience Security Operations experience Ability to read, write and modify scripts for automation of vulnerability management tasks using Python, PowerShell, Ruby on Rails, and/ or Bash Good knowledge of packet filtering, stateful packet inspection and the differences between them Good knowledge of fundamental networking/distributed computing environment concepts; routing, switching, VLANs, VPNS, NIS, NFS. Intermediate to advanced understanding of packet capture and analysis using snoop, tcpdump and Ethereal or similar tools. Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, filesystem integrity, use of security packages, IPTables). Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS etc.)

Project Role : Security Delivery Practitioner Project Role Description : Assist in defining requirements, designing and building security components, and testing efforts. Must have skills : Static Application Security Testing (SAST) Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Delivery Practitioner, you will assist in defining requirements, designing and building security components, and testing efforts. A typical day involves collaborating with cross-functional teams to ensure security measures are integrated into the development process, conducting assessments to identify vulnerabilities, and providing recommendations for improvements. You will also engage in discussions to enhance security protocols and contribute to the overall security strategy of the organization. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular security assessments and audits to identify vulnerabilities.- Collaborate with development teams to integrate security best practices into the software development lifecycle. Professional & Technical Skills: - Must To Have Skills: Proficiency in Static Application Security Testing (SAST).- Strong understanding of secure coding practices and principles.- Experience with security testing tools and methodologies.- Familiarity with threat modeling and risk assessment techniques.- Knowledge of compliance standards and regulations related to application security. Additional Information:- The candidate should have minimum 2 years of experience in Static Application Security Testing (SAST).- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Job Title : Cybersecurity Expert- Product, Platform & Solution Security Role Summary The Cybersecurity Expert plays a critical role in protecting the integrity, availability, and confidentiality of medical software and systems by embedding security principles throughout the development lifecycle. As part of the Cybersecurity Center of Competence, the expert collaborates cross-functionally with R&D, product teams, architects, regulatory stakeholders, and external security communities to lead threat analysis, ensure secure design, validate vulnerabilities, and shape the security posture of products and platforms. This role is both technical and consultative, requiring deep knowledge of secure engineering practices, standards, and incident response. Key Responsibilities 1. Security Consulting & Risk Mitigation Provide security consultation to product teams to eliminate or mitigate weaknesses in line with industry standards (e.g., IEC 62443, NIST, ISO 27001). Participate in design and architecture discussions to ensure alignment with secure design principles. Guide software architects in integrating cyber security requirements into product and solution design. 2. Vulnerability & Threat Management Perform threat modeling, risk analysis, and attack surface assessments. Analyze vulnerabilities (internal or third-party), validate remediation measures, and guide patching strategies. Perform security incident investigations and provide forensics support when required. Stay updated on new vulnerabilities, threat vectors, and exploits"”apply findings to continuously improve product security. 3. Security Engineering & Tooling Design or extend tools, scripts, or automation frameworks for vulnerability scanning and penetration testing. Perform or oversee activities such as: Fuzz testing Reverse engineering Code analysis (static/dynamic) Secure software supply chain checks Contribute to the integration of automated security tooling into CI/CD pipelines. 4. Secure Development Lifecycle Support Lead or support security activities throughout the Secure Software Development Lifecycle (SDLC). Participate in or lead security gate reviews, release readiness assessments, and milestone reviews. Create and maintain secure coding and design guidelines for developers. Conduct or support internal security audits and regulatory submissions. 5. Community Development & Training Conduct security awareness sessions and technical training for R&D teams. Develop reusable security patterns, checklists, and guidance material. Collaborate with Cybersecurity Officers, Product Owners, and Architects to ensure cohesive security implementation across programs. Contribute to internal and external knowledge sharing, security forums, and standardization groups. Required Qualifications & Skills Education and Experience : Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field. 5"“8 years of experience in IT/software development, with 3+ years focused on cybersecurity. Technical Expertise Strong foundation in: Secure architecture and design Threat modeling / Security risk analysis Static and dynamic code analysis Fuzz testing / Penetration testing Security tooling and automation (e.g., SonarQube, Burp Suite, Fortify, Checkmarx) Operating systems and networking fundamentals DevSecOps pipeline and CI/CD integration basics Working knowledge of: HIPAA, HITECH, FDA Pre/Postmarket Cybersecurity Guidance (for medical devices) Regulatory standardsIEC 62443, ISO 27001, NIST SP 800-53/82/218, CLSI AUTO11-Ax, IEC 80001 Certifications (Preferred) CISSP- Certified Information Systems Security Professional CSSLP- Certified Secure Software Lifecycle Professional OSCP, CEH, or similar ethical hacking certifications Collaboration & Stakeholders Internal Cybersecurity Officers (CYSO), R&D Development & Test teams, Quality/Risk Managers, Project Managers, Product Owners, Architects External Standardization bodies, security tool vendors, customer security teams, and external cybersecurity communities Work Style and Engagemen t Must be able to support multiple concurrent projects. Requires proactive leadership and strong communication with cross-functional teams. Expected to contribute regularly to internal security initiatives, CoPs (Communities of Practice), and lessons learned.

Educational Master Of Technology,Master Of Engineering,Bachelor Of Technology,Bachelor of Engineering Service Line Engineering Services Responsibilities A day in the life of an Infoscion As part of the Infosys consulting team, your primary role would be to lead the engagement effort of providing high-quality and value-adding consulting solutions to customers at different stages- from problem definition to diagnosis to solution design, development and deployment. You will review the proposals prepared by consultants, provide guidance, and analyze the solutions defined for the client business problems to identify any potential risks and issues. You will identify change Management requirements and propose a structured approach to client for managing the change using multiple communication mechanisms. You will also coach and create a vision for the team, provide subject matter training for your focus areas, motivate and inspire team members through effective and timely feedback and recognition for high performance. You would be a key contributor in unit-level and organizational initiatives with an objective of providing high-quality, value-adding consulting solutions to customers adhering to the guidelines and processes of the organization. If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Technical and Professional : Experience in at least one of the following fieldsembedded security, secure design and hardware security Detailed knowledge of PKI and cryptography Knowledge of automotive vehicle systems, architecture, and automotive communication protocols (CAN, Ethernet etc.) would be considered an asset Work with different teams across the business to ensure development and implementation complies with legislation R155 vehicle cyber security, according to ISO21434 process. Participate in implementing process to comply with R155 for Polestar. Review Software applications for potential security vulnerabilities by conducting application security reviews i.e. Secure Design review, Threat Modelling. Preferred Skills: Domain-Automotive-Engine / Power Train Domain-Automotive-Infotainment System Domain-Automotive-Connected Car Domain-Automotive-Electric Vehicles (EVs)-EV

TitleSecurity Test Engineer Key Responsibilities Core Skills Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore

A Technical Support Representatives at IBM is a front-line position supporting our products and making sure they are at their best for our customers. With over 100 years in technology, IBM has built a strong reputation of quality service and this role ensures we continue to deliver on that promise. If you enjoy helping people with technical issue, you’ll love your career at IBM Application Security group is responsible for ensuring that Fidelity applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of services and components. As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy * Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools * Map out a network, discover ports and services running on the different exposed network and security devices * Analyze scan reports and suggest remediation / mitigation plan * Keep track of new vulnerabilities on various network and security devices for different vendors * Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices * Advanced technical analysis on intrusions * Audit configuration of Network and Security devices * Providing rich client specific reports Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise * 1-2 years’ experience in Cybersecurity * Knowledge on VA tool such as Tenable * Should be able scan devices using VA tool * Should be able to prepare report based on VA tool * Should be able to explain the report to client based on the findings * Should have knowledge on Web Penetration & Network Penetration testing. Should have a skill to conduct Gray box & black box testing * Should worked on various PT tools such as Burp Suite, Acunetix, etc. * Should be able do SCD scanning for Windows & Linux * Should have good knowledge on OS such as Windows, Linux * Experience on network vulnerability scanning penetration testing * Experience with Nessus NetCat, NMAP Backtrack, Metasploit, , HPing, and similar tools set like RetinaCS, Qualys, McAfee (Foundstone) * Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) * In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database * Analytical thinker willing to "think outside the box" to resolve customer impacting situations on first contact; understand customer risk profile. * Self-starter and ability to deliver under defined time lines Preferred technical and professional experience Integrate Security into DevOps and enable security automation in CI/CD pipeline Professional Qualification CEH, ECSA, LPT or Any other equivalent certification. Focused and versatile team player that is comfortable under pressure Ability to remove barriers and enable teams to complete their objectives Understanding of emerging technologies and corresponding security threats Self-motivated, flexible, with a ‘can do’ attitude. Ability to pick up business knowledge, new technology areas, new processes/methodologies and apply these changes in the day-to-day working to improve Security organization.

Hi, Greetings from the IDESLABS, Urgent Requirement for Vulnerability Management, Location:Bangalore Employment Type:C2H Notice Period:Immediate JD: Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create vulnerability reports that detail discovered vulnerabilities, risk analysis and remediation actions.

Strong understanding of OWASP Threats classification Exp with establishing penetration testing procedures & processes. Exp with standard security tools such as Metasploit, SQLMap, Nmap, OWASP ZAP, Burp Suite etc. Stay current with evolving threats Required Candidate profile Understanding of threat modelling, vulnerability assessment, and penetration testing Exp on application & infrastructure vulnerabilities, automated/manual testing, auditing and remediation techniques

Role & responsibilities Strong knowledge of web application security testing, API security testing Strong knowledge of Industry standard application security tools Burp Suite, Nmap, Zap proxy Strong knowledge of Industry standard DAST tool (example: NetSparker) Strong knowledge in both static and dynamic assessments for desktop and mobile applications Strong knowledge in manual and automated testing process, focusing on OWASP methodology Strong Knowledge of vulnerability identification and remediation methodology. Knowledge of vulnerability assessments of network and security devices Strong knowledge of open source and commercial tools, proficient in Kali Linux based tools Mandatory skill sets: VAPT, web application security testing, API security testing Preferred candidate profile Preferred skill sets: mobile security testing, DAST, penetration testing