Perform Web Application PT, Mobile Application PT, Network VAPT, Source code review, Wireless pen-testing- Write detailed reports on VAPT findings- Perform and present research on various attack vectors- Perform red teaming activities- Understand client requirements and provide tailored security solutions to address complex security testing and risk assessment needs- Build and maintain efficient working relationships with clients Certifications: Good to have: OSCP, OSWA, PNPT, eJPT, eCPPTv2, CREST and other relevant certifications Education Qualification : BCA / B-Tech / B-Sc Computer Science / B-Sc - Information Security / Cyber Forensics / M-Sc Information Security/ Cyber Forensics- Experience: - Minimum 5 years of relevant security testing experience in : Web application penetration testing Network VAPT, Active Directory penetration testing- Mobile application penetration testing (Android and iOS) and thick client- - Skilled in manual testing and using Burp Suite Pro, WebInspect, Acunetix - Experience in secure code review (manual and automated)- - Good programming skills in any language- - Proficient with OWASP security standards with a deep understanding of common security vulnerabilities - Experience in red teaming activities is a plus- - Good communication skills, especially presentation and technical writing skills- - Excellent analytical and problem-solving skills- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment
Lead and execute ISO 27001 implementation and audit projects , including risk assessments, gap analysis, and compliance checks- Drive the implementation of NIST cybersecurity frameworks (e-g-, NIST CSF, 800-53, 800-171) for clients across industries- Provide strategic guidance on security best practices, governance, risk, and compliance (GRC) initiatives- Perform internal audits and prepare clients for certification audits in alignment with ISO standards- Create and maintain Information Security Management System (ISMS) documentation and support continual improvement processes- Collaborate with cross-functional teams and manage end-to-end client engagements - Mentor and lead a team of junior consultants; review deliverables and ensure timely project delivery- Conduct security awareness sessions, training, and workshops for clients and internal stakeholders- Stay updated on evolving threats, industry standards, and compliance regulations- Should be open to travel and work at client premises as and when required by project or business demands is essential- Requirements 5 to 8 years of professional experience in Information Security consulting- Proven experience with ISO 27001 implementation & auditing- Experience in NIST framework implementation and controls assessment- Experience in auditing cloud environments across platforms such as AWS, Azure, or Google Cloud - Strong understanding of GRC practices and cybersecurity principles- ISO 27001:2013/2022 Lead Auditor Certification is mandatory- Prior team management or leadership experience is required- Excellent communication, documentation, and presentation skills- Ability to work independently and manage multiple client engagements- Exposure to other frameworks and standards like SOC 2, HIPAA, GDPR, PCI DSS is a plus- Experience working with clients from BFSI, IT/ITES, or Healthcare sectors- Additional certifications such as CISA, CISM, or CISSP are advantageous- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment
FIND ON MAP