Perform Web Application PT, Mobile Application PT, Network VAPT, Source code review, Wireless pen-testing- Write detailed reports on VAPT findings- Perform and present research on various attack vectors- Perform red teaming activities- Understand client requirements and provide tailored security solutions to address complex security testing and risk assessment needs- Build and maintain efficient working relationships with clients Certifications: Good to have: OSCP, OSWA, PNPT, eJPT, eCPPTv2, CREST and other relevant certifications Education Qualification : BCA / B-Tech / B-Sc Computer Science / B-Sc - Information Security / Cyber Forensics / M-Sc Information Security/ Cyber Forensics- Experience: - Minimum 5 years of relevant security testing experience in : Web application penetration testing Network VAPT, Active Directory penetration testing- Mobile application penetration testing (Android and iOS) and thick client- - Skilled in manual testing and using Burp Suite Pro, WebInspect, Acunetix - Experience in secure code review (manual and automated)- - Good programming skills in any language- - Proficient with OWASP security standards with a deep understanding of common security vulnerabilities - Experience in red teaming activities is a plus- - Good communication skills, especially presentation and technical writing skills- - Excellent analytical and problem-solving skills- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment
Lead and execute ISO 27001 implementation and audit projects , including risk assessments, gap analysis, and compliance checks- Drive the implementation of NIST cybersecurity frameworks (e-g-, NIST CSF, 800-53, 800-171) for clients across industries- Provide strategic guidance on security best practices, governance, risk, and compliance (GRC) initiatives- Perform internal audits and prepare clients for certification audits in alignment with ISO standards- Create and maintain Information Security Management System (ISMS) documentation and support continual improvement processes- Collaborate with cross-functional teams and manage end-to-end client engagements - Mentor and lead a team of junior consultants; review deliverables and ensure timely project delivery- Conduct security awareness sessions, training, and workshops for clients and internal stakeholders- Stay updated on evolving threats, industry standards, and compliance regulations- Should be open to travel and work at client premises as and when required by project or business demands is essential- Requirements 5 to 8 years of professional experience in Information Security consulting- Proven experience with ISO 27001 implementation & auditing- Experience in NIST framework implementation and controls assessment- Experience in auditing cloud environments across platforms such as AWS, Azure, or Google Cloud - Strong understanding of GRC practices and cybersecurity principles- ISO 27001:2013/2022 Lead Auditor Certification is mandatory- Prior team management or leadership experience is required- Excellent communication, documentation, and presentation skills- Ability to work independently and manage multiple client engagements- Exposure to other frameworks and standards like SOC 2, HIPAA, GDPR, PCI DSS is a plus- Experience working with clients from BFSI, IT/ITES, or Healthcare sectors- Additional certifications such as CISA, CISM, or CISSP are advantageous- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment
Application security testing, Network Security testing and Security Engineering activities. Understanding the client environment and compliance requirements, provide tailored security solutions to address complex security testing and risk assessment needs. Primary Responsibilities will involve: Perform Web Application PT, Mobile Application PT, Network VAPT, Source code review, Wireless pen-testing. Validating secure application architecture, network architectures, performing vulnerability assessments and penetration tests, red teaming activities, and ensuring compliance with various information security standards. Build and maintain efficient working relationships with clients. The Lead Security Engineer will also be responsible to train, manage and guide a team of Security Engineers. Education Qualification : BCA / B.Tech / B.Sc Computer Science / B.Sc - Information Security / Cyber Forensics / M.Sc Information Security/ Cyber Forensics. Certifications: Must have any ONE of the following : OSCP, OSWA, PNPT, eJPT, eCPPTv2, CREST - CPSA, CRT or other relevant certifications Experience: - Minimum 7 years of relevant security testing experience in : Web application penetration testing Network VAPT Active Directory penetration testing. Mobile application penetration testing (Android and iOS) and thick client. - Skilled in manual testing and using Burp Suite Pro, WebInspect, Acunetix - Experience in secure code review (manual and automated). - Experience handling a team - Good programming skills in any language. - Proficient with OWASP security standards with a deep understanding of common security vulnerabilities - Experience in red teaming activities. - Good communication skills, especially presentation and technical writing skills. - Excellent analytical and problem-solving skills. Benefits Competitive salary and benefits Medical Insurance Parental Support - Maternity Leave & Paternity Leave Retirement Benefits - Gratuity & PF Contribution Opportunities for professional growth Collaborative and inclusive work environment
FIND ON MAP