8 Crest Jobs

The ideal candidate must possess strong communication skills, with an ability to listen and comprehend information and share it with all the key stakeholders, highlighting opportunities for improvement and concerns, if any. He/she must be able to work collaboratively with teams to execute tasks within defined timeframes while maintaining high-quality standards and superior service levels. The ability to take proactive actions and willingness to take up responsibility beyond the assigned work area is a plus. Responsible for all components of the daily Pre-matching, Value Date, fails management & settlement and ensuring accurate and timely processing, through adherence of internal control policies and procedures, trade capture processes, including trade blotter reconciliations and resolution of exceptions. Maintains proper daily workflow documentation evidence for regulatory and compliance purposes. Satisfies documentation processes to ensure files are easily found, understood and are well maintained. Daily comparison of open trade fails and ensuring items are tracked and actioned. Daily interaction with external clients, Brokers, Sales desk, trading desk etc on trade discrepancies. Match trades with broker dealer counterparts. Monitor Euroclear/DTCC/Crest/SGX/Clear stream to ensure matching of all settlement items. Work with settlements team to monitor and resolve fails. Cover BAU functions within Middle Office and Settlements team if necessary. Functional & Technical Skills: Graduation (B.Com., BBA, BBM, BCA) / Post Graduation (M.Com., MBA, PGDM). 2 to 4 years of experience in Cash Settlements and OTC derivative. Should have basic knowledge of finance, trade life cycle, investment banking, and derivatives.,

At EY, you will have the opportunity to shape your future with confidence by joining a globally connected powerhouse of diverse teams. As part of our highly successful Cyber Security team, we are currently seeking Security Architects with varying levels of experience. Whether you are considering a career change now or in the future, we invite you to connect with us and explore this exciting opportunity to contribute to building a better working world. As a Security Architect at EY, you will play a crucial role in leading the implementation of security solutions for our clients. You will work alongside an international team of specialists to address complex information security needs and enhance our clients" business resilience. Your responsibilities will include designing security solutions, developing security policies and guidelines, evaluating existing security controls, and collaborating with stakeholders to ensure effective security measures are in place. To excel in this role, you must possess expert-level knowledge in technical IT security domains such as infrastructure, networks, databases, security monitoring, and cloud security. Additionally, you should have experience in assessing solution architectures for security issues, managing multiple stakeholders, and implementing security vulnerability remediation strategies. Industry certifications such as CISSP, CISA, CISM, and experience in areas like Cyber Threat Management, Identity & Access Management, and Data Protection will be advantageous. To qualify for this role, you should have 8-10 years of professional experience in cyber security consulting, strong project management skills, and advanced communication abilities. While technical skills are essential, we value candidates who demonstrate strong interpersonal skills, relationship-building capabilities, and a commitment to delivering excellence in client service. Joining EY offers you the opportunity to work on inspiring projects, receive support and coaching from engaging colleagues, and develop new skills to progress your career. You will be part of a diverse and interdisciplinary environment that promotes knowledge exchange and emphasizes high quality in all endeavors. At EY, you will have the freedom and flexibility to shape your role in a way that suits you best, supported by a culture that values individual growth and personal development. If you are looking to be part of a market-leading team of professionals, collaborate with leading businesses globally, and contribute to building a better working world, we invite you to explore the exciting opportunities available at EY.,

Greetings potential candidate, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company based in Dubai. As a Security Threat Assessment & Compliance Specialist, you will be responsible for conducting testing on bank installations using focused threat-based methodologies to identify vulnerabilities, enhance Cyber readiness, and ensure security controls and system configurations adhere to compliance standards. Your role will involve collecting open source intelligence on threats, developing Cyber assessment plans, assessing The bank group installations & controls, and providing insight on IT technology assets. Key Responsibilities: - Conduct testing on bank installations using threat-based methodologies - Identify, expose, and exploit vulnerabilities to enhance Cyber readiness - Review security controls and system configurations to ensure compliance - Collect open source intelligence on threats and vulnerabilities - Develop Cyber assessment plans and conduct assessment tests - Ensure threat controls and systems are appropriately configured - Identify and track IT risks and remediate gaps through operational activities - Provide threat activity reporting and insight on IT technology assets - Manage ad-hoc review and reporting requests from stakeholders Requirements: - Bachelor's or Master's degree in Computer Science, Mathematics, or related field - Master's Degree in Business Management or equivalent - Certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT - 3-5 years of experience in technical Cyber security - Proficiency in Bash scripting, Perl, Python, and Machine Learning frameworks - Experience with malware scanning tools and mobile digitization platforms - Familiarity with threat modeling frameworks such as STRIDE, PASTA, and VAST - Knowledge of Cloud, DBMS, Containerization Technologies, and Microservices/API architecture - Strong technical background covering heterogeneous technologies and multiple security domains - Deep experience in vulnerability assessment, threat evaluation, and mitigation recommendations - Extensive experience with Security scanning solutions like Tenable Security Center, Tripwire, Rapid Scan, Qualys - Ability to integrate open source frameworks and solutions for unified reporting If you meet the above requirements and are passionate about Cybersecurity, we would love to hear from you. Join us in our mission to enhance Cyber readiness and ensure compliance in the banking sector. Thank you, Emily Jha emily@netsach.co.in,

Greetings, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company in Dubai. As a Security Threat Assessment & Compliance Specialist, your role will involve conducting testing for bank installations using threat-based methodologies to identify vulnerabilities, improve Cyber readiness, and review security controls and system configurations across IT systems to ensure security posture and compliance. Your responsibilities will include collecting open-source intelligence on threats and vulnerabilities related to the bank's technology stack, participating in event planning stages to develop Cyber assessment plans, ensuring that threat controls and systems are appropriately configured across the Group, identifying and tracking IT risks and gaps for remediation, providing threat activity reporting and insights on IT technology assets, and managing ad-hoc review and reporting requests from stakeholders. The ideal candidate should have a Bachelor's or Master's degree in Computer Science, Mathematics, or equivalent discipline, along with certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT. You should have 3-5 years of experience in technical Cyber security, proficiency in Bash scripting, Perl, Python, or R, expertise in Machine Learning frameworks and code development, familiarity with malware scanning tools, experience with mobile and digitization platforms, and knowledge of threat modeling frameworks like STRIDE, PASTA, and VAST. Moreover, you should have a strong technical background covering heterogeneous technologies and multiple security domains, deep knowledge of vulnerabilities in banking environments, expertise in threat assessment and mitigation, and experience in evaluating threats based on the latest threat landscape in EMEA & North Africa. Additionally, you should be well-versed in security scanning solutions such as Tenable Security Center, Tripwire, Rapid Scan, Qualys, and be able to integrate open-source frameworks and solutions into the Threat and Vulnerability solution environment for unified reporting. If you are passionate about Cybersecurity and possess the required skills and experience, we would like to hear from you. Thank You, Emily Jha emily@netsach.co.in,

Must have industry recognised certifications (e.g. OSCP, OSCE, OSWP, OSWE, OSEECISSP, OSCP, CRT, CREST, CRTP) Senior Cyber Security Consultant Requirements: Minimum 5+ yearsofconsulting experience in Red Teaming/Pentestingand possesses industry recognised certifications (e.g.CISSP, OSCP, CRT, CREST, CRTP) Experienced and well versed in security testing domains. For example,red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing. Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC). Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript). Responsibilities: Actively participate in security testing of web and mobile applications. Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities. Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a Security by Design principle. Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training. Ability to think like an attacker. Conduct secure design reviews and contribute to threat modeling exercises. Preparing reports at both technical and executive level, providing recommendations to an heterogeneous public. Plan, lead and execute projects, including team management. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices. Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base. ,

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

We are looking for a skilled and motivated Penetration Tester to join our DART (Detection and Response Team) and help deliver high-impact Penetration Testing as a Service (PTaaS) engagements to our global clients. This is a hands-on role focused on continuous testing, real-world simulations, and providing actionable insights using industry-leading tools like Metasploit Pro and CIS-CAT Pro. Youll be part of a CREST-aligned team helping financial institutions, government bodies, and mid-market clients secure their infrastructure, web applications, cloud platforms, and internal networks. Key Responsibilities Perform internal and external network penetration testing Conduct web application and API testing using OWASP and custom test cases Simulate real-world attack vectors including privilege escalation and lateral movement Execute configuration audits using CIS-CAT Pro for hardening validation Design and run automated and manual exploit campaigns using Metasploit Pro Prepare detailed reports with technical findings, business risk, and remediation guidance Participate in client scoping sessions and debriefs Collaborate with the development and infrastructure teams to validate remediations Contribute to continuous improvements of our PTaaS platform and methodology What Were Looking For 36 years in penetration testing, red teaming, or offensive security Strong knowledge of security testing methodologies (OWASP, PTES, MITRE ATT&CK) Hands-on experience with Metasploit Pro, Burp Suite, CIS-CAT Pro, or similar tools Certifications preferred : OSCP, CREST CRT, CRTO, or equivalent Preferred candidate profile Familiarity with cloud security (Azure, AWS, M365) and Active Directory attacks Strong report writing and client communication skills

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025