151 Fuzzing Jobs

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose - Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetr ation testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you'll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It's great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are... Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #bangalore #kolkata #singapore #riyadh #jeddah #medina #madrid #barcelona #london #edinburgh #paris #toronto #telaviv #saopaolo #melbourne #cairo #dubai #abudhabi #sharjah #chicago #newyork #sydney #bucharest #mumbai #newdelhi #pune #dublin #berlin #sanjose #moscow #saintpetersburg #munich #cairo #alexandria #giza #shanghai #beijing #shenzhen #IT #4 # Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy. Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose - Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you'll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It's great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are... Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #bangalore #kolkata #singapore #riyadh #jeddah #medina #madrid #barcelona #london #edinburgh #paris #toronto #telaviv #saopaolo #melbourne #cairo #dubai #abudhabi #sharjah #chicago #newyork #sydney #bucharest #mumbai #newdelhi #pune #dublin #berlin #sanjose #moscow #saintpetersburg #munich #cairo #alexandria #giza #shanghai #beijing #shenzhen #IT #4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy. Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose - Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness.We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scale Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing Be responsible for developing Security Trainings for developers Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you'll Need to Succeed: 5+ years in the information security field 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management Minimum 1 year of experience running a bug bounty platform Minimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) Experience performing security testing, e.g. code review and web application security testing Familiarity with Gitlab, Defectdojo, JIRA, Confluence Proficient in one or more programming languages such as Python, Go, Node.js, Python etc Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etc Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It's great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning Familiarity with security incident response processes and 0-days Security Certifications Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are... Hybrid Working Model WFH Set Up Allowance 30 Days of Remote Working from anywhere globally every year Employee discount for accommodation globally Global team of 90+ nationalities 40+ offices and 25+ countries Annual CSR / Volunteer Time off Benevity Subscription for employee donations Volunteering opportunities globally Free Headspace subscription Free Odilo & Udemy subscriptions Access to Employee Assistance Program (third party for personal and workplace support) Enhanced Parental Leave Life, TPD & Accident Insurance #bangalore #kolkata #singapore #riyadh #jeddah #medina #madrid #barcelona #london #edinburgh #paris #toronto #telaviv #saopaolo #melbourne #cairo #dubai #abudhabi #sharjah #chicago #newyork #sydney #bucharest #mumbai #newdelhi #pune #dublin #berlin #sanjose #moscow #saintpetersburg #munich #cairo #alexandria #giza #shanghai #beijing #shenzhen #IT #4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy. Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

As a Cyber Security Tester, you will be responsible for completing testing tasks on time and staying updated with the latest standards, regulations, and technical developments in the cyber security space. You will actively co-develop security programs and test methods in accordance with ITSAR requirements. Setting up lab infrastructure and test equipment as per ITSAR, NCCS requirements, and IoT services like EN 303645 will be a key part of your role. Your expertise should include knowledge in areas such as sniffing, authentication, web application security, fuzzing, update mechanisms, secure storage, and cybersecurity standards like ETS EN 303645 / ITSAR Standards. You will conduct testing based on customer requirements and contracts aligned with NCCS/ITSAR/Consumer IoT security standards. Additionally, you will review test results and reports before submission to authorities, ensuring compliance with standards and regulations. Supporting and guiding peers during testing, implementing corrections and corrective actions, and ensuring testing is completed within the schedule are also part of your responsibilities. Your educational background should include a B.E/B.Tech./M.E/M.Tech or M.C.A with a minimum of 2 years of experience in Cyber security testing, preferably in Electronics, Telecommunication, Computer Science, Cyber Security, or AI streams. Having at least one cyber security certification such as CEH is essential for this role. Your dedication to staying updated with industry trends, providing support to colleagues, and ensuring accurate and timely testing results will be crucial for success in this position.,

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards.Roles & Responsibilities:Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations.Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis.Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues.Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations.Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance.Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes.Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms.Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262.Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices.Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation.Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness.Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services.Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434.Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers.Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals.Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering.Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms.Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information:3+ years experience implementing and performing Automotive CybersecurityKnowledge of tools like CANoe, Wireshark, or Ghidra.Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules.This position is based at our Bengaluru officeA 15-year full-time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem.Roles & Responsibilities:Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements.Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity.Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces.Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle.Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular).Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules.Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification.Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning.Lead red team exercises and security reviews in coordination with product security and development teams.Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262.Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements.Professional & Technical Skills: Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis.Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces.Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular.In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications.Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments.Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434.Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards.Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering.Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment.Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams.Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information:7+ years experience implementing and performing Automotive CybersecurityThis position is based at our Bengaluru officeA 15-year full time education is requiredGood to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Role : Sr / Lead SDET Experience : 5-9 Years Location : Bangalore/ Remote About us Lucidity is a rapidly growing company with a first of its kind and impactful product in the cloud storage. Joining Lucidity offers the opportunity to work on cutting-edge technology, solve real-world problems for major enterprises, and be part of a company that is reshaping the future of cloud storage. We were also awarded Best Infra and Dev Tools SaaS Startup by SaaSBoomi – Link Listed among India’s Top Startups by LinkedIn Link We are backed by $32 M in funding from investors like Alpha Wave Global, WestBridge Capital, and Beenext - Link We are the category leader in cloud storage optimization. Trusted by major enterprises, including Fortune 500 companies spanning across the US and the UK, being the major Markets. Opportunity to work with experienced co-founders Vatsal & Nitin - serial entrepreneurs who bring with them more than a decade of experience working with companies like Microsoft, Swiggy, and Tracxn and building and selling large tech products. Work in deep tech company and be part of an accelerated growth journey We have a presence across India, Abu Dhabi, the US, and the UK. What we do Lucidity is a company that provides an automated NoOps disk auto-scaler for cloud storage across AWS, Azure, and GCP. It addresses over-provisioned block storage by dynamically scaling capacity, increasing disk utilization to around 80% from 25-35%. This results in cost reductions of up to 70% for businesses. Here's a video of what Lucidity does. Key benefits include: Significant Cost Savings on storage (especially EBS costs). Elimination of Downtime by preventing disk space issues. Reduced DevOps Effort through automation. Application Agnostic solution works with various systems. What you’ll do Break things creatively : Design tests that expose weaknesses in storage tiering, kernel interactions, and edge cases Find flaws early : Shift-left testing through fault injection, fuzzing, and adversarial approaches Automate the chaos : Build test frameworks to simulate filesystem corruption, kernel panics, and recovery scenarios Push systems to fail : Artificially induce I/O storms, memory leaks, and resource starvation Debug deep : Solve complex issues at the kernel, filesystem, and block device layers Lead quality culture : Mentor engineers in defensive thinking with focus on NFRs and establish CI/CD pipelines What you'll need Must Haves 5+ years testing storage systems, filesystems, or cloud infrastructure Hands-on with Linux/Windows storage stacks and benchmarking tools (fio, vdbench) Strong scripting (Java/Python/Bash/Go) and test automation experience Familiarity with kernel debugging (strace, eBPF, WinDbg) Experience with cloud storage platforms (AWS/Azure/GCP) Good to haves Open-source storage contributions (Ceph, ZFS, kernel) Production war stories of finding and fixing nasty bugs Knowledge of RAID, erasure coding, or tiering algorithms Crash systems with purpose : We reward finding critical flaws Shape our tech : Your testing directly influences architecture Zero bureaucracy : Just hard problems and smart teammates Competitive pay in a high-growth startup Why us We're hiring a set of highly skilled, enthusiastic, and passionate people who thrive in a high-growth environment. We believe the best way to grow is to give everyone the opportunity to pursue their interests. Plus, with benefits like flexible hours, company offsite, unlimited leaves, we ensure you enjoy the journey as much as we do. What do we promise? A high-growth work environment Autonomy to decide & deliver on KPIs Work from home | Flexible hours | Unlimited Leaves Attractive ESOPs. Potential to see 100x in the next 5 years.

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world&aposs seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS We are seeking Certified Information Systems Security Professional (CISSP) candidates to join our team at Pune. Major Tasks Lead and manage product cyber security in high-complexity development projects from acquisition to start of production (SOP) in compliance with ISO/SAE 21434 or UNECE R-155 standards. Ensure the integration of security requirements into the product lifecycle. Planning & Development Develop and implement comprehensive security activities, including threat modeling, security requirements definition, and secure design practices. Evaluate development efforts to ensure adherence to security standards and best practices. Evaluation & Approval Review and approve security concepts, architectures, and strategies throughout the development phases. Conduct security reviews and audits to ensure compliance with security policies and standards. QCT Targets Achieve Quality, Cost, and Time (QCT) targets related to cyber security work products, ensuring efficient and effective security implementations. Tasks / Areas Of Responsibility Planning & Guidance: Independently plan and execute necessary cyber security activities, providing technical guidance and mentorship to colleagues. Develop and maintain security documentation, including security plans, risk assessments, and test reports. Risk Analysis Perform detailed risk analysis of product scope, identifying and mitigating cyber security risks based on known vulnerabilities and threat intelligence. Utilize tools and methodologies such as STRIDE, DREAD, and CVSS for risk assessment. Coordination Define and implement a holistic product cyber security concept, ensuring alignment with overall product strategy. Coordinate with customers, suppliers, and subcontractors to ensure security requirements are met. Report security status to customers and gather necessary information from subcontractors. Support Assist the development team in selecting and integrating security-compliant technologies and cryptographic procedures. Provide technical support for security-related issues and incidents. Verification Methods Define and implement verification methods such as fuzzing, vulnerability scanning, penetration testing, and static/dynamic code analysis. Develop and execute security test plans to validate the effectiveness of security controls. Assessments & Training Prepare and conduct cyber security assessments, including security audits, penetration tests, and compliance checks. Implement training measures to enhance the security awareness and skills of the development team. Communication Facilitate communication within the global HELLA cyber security network to share knowledge, improve processes, and promote best practices. Represent the organization in external security forums and working groups. CISSP certificate is Mandatory Your Qualifications Bachelor&aposs degree BE /B. Tech/ M.E/ M. Tech in Electronics/Electronics & Communication/Industrial Electronics ISO-21434 certification OR working experience Location - Hinjewadi Phase - 1. // Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh Show more Show less

About the Role Join us in building an autonomous penetration testing platform that simulates real-world adversaries. You'll develop exploit chains, 0-day discovery systems, and evasive payloads that help organizations understand their security posture for cyber insurance and compliance. What You'll Build Exploit Automation : Multi-stage attack chains from initial access to data exfiltration 0-Day Discovery : Intelligent fuzzing infrastructure and vulnerability research systems Evasion Techniques : Polymorphic payloads that bypass modern EDR/AV solutions Cloud Attacks : AWS/Azure/GCP exploitation modules and container escapes Custom C2 : Covert communication channels and post-exploitation frameworks Reporting Engine : Auto-generate compliance-ready pentest reports Technical Skills Required Languages : Python (expert), C/C++, Go/Rust, Assembly basics Web Exploitation : OWASP Top 10 (SQLi, XSS, SSRF, Deserialization, SSTI) Binary Exploitation : Buffer overflows, ROP chains, heap exploitation Tools : Metasploit, Burp Suite, Cobalt Strike, IDA/Ghidra Cloud Security : AWS/Azure misconfigs, Docker/K8s attacks Evasion : AV bypass, sandbox detection, AMSI/ETW patching Must-Have Credentials HackTheBox : Minimum Pro Hacker rank (50+ owns) - include profile link CTF Experience : Active participation (picoCTF, DEF CON quals, GoogleCTF) GitHub Portfolio : Security tools, exploit development, CTF writeups Proven Skills : CVEs, bug bounties, or published exploits are a huge plus Preferred Qualifications TryHackMe Top 5% or PortSwigger Academy completion OSCP/OSWE in progress or completed pwnable.kr, ROP Emporium, or Nightmare challenges Personal security research blog or YouTube channel Contributed to open-source security tools Interview Process Portfolio Review : GitHub + HackTheBox profile assessment Take-Home Challenge : Design an attack chain for given scenario assignment Red Flags We Avoid Only used automated scanners Can't code beyond basic scripts No hands-on exploitation experience Ethical flexibility Green Flags We Love Built your own tools Linux nut Discovered real vulnerabilities Active security community contributor Why This Role? This isn't a typical security internship running Nessus scans. You'll build the platform that makes traditional pentesting obsolete. Your code will simulate real attackers, helping protect thousands of organizations. We need someone who sees a login page and thinks "SQLi, NoSQLi, LDAP injection, or mass assignment?" Someone who gets excited about bypassing protections, not just finding vulns.

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS We are seeking Certified Information Systems Security Professional (CISSP) candidates to join our team at Pune. Major Tasks Lead and manage product cyber security in high-complexity development projects from acquisition to start of production (SOP) in compliance with ISO/SAE 21434 or UNECE R-155 standards. Ensure the integration of security requirements into the product lifecycle. Planning & Development Develop and implement comprehensive security activities, including threat modeling, security requirements definition, and secure design practices. Evaluate development efforts to ensure adherence to security standards and best practices. Evaluation & Approval Review and approve security concepts, architectures, and strategies throughout the development phases. Conduct security reviews and audits to ensure compliance with security policies and standards. QCT Targets Achieve Quality, Cost, and Time (QCT) targets related to cyber security work products, ensuring efficient and effective security implementations. Tasks / Areas Of Responsibility Planning & Guidance: Independently plan and execute necessary cyber security activities, providing technical guidance and mentorship to colleagues. Develop and maintain security documentation, including security plans, risk assessments, and test reports. Risk Analysis Perform detailed risk analysis of product scope, identifying and mitigating cyber security risks based on known vulnerabilities and threat intelligence. Utilize tools and methodologies such as STRIDE, DREAD, and CVSS for risk assessment. Coordination Define and implement a holistic product cyber security concept, ensuring alignment with overall product strategy. Coordinate with customers, suppliers, and subcontractors to ensure security requirements are met. Report security status to customers and gather necessary information from subcontractors. Support Assist the development team in selecting and integrating security-compliant technologies and cryptographic procedures. Provide technical support for security-related issues and incidents. Verification Methods Define and implement verification methods such as fuzzing, vulnerability scanning, penetration testing, and static/dynamic code analysis. Develop and execute security test plans to validate the effectiveness of security controls. Assessments & Training Prepare and conduct cyber security assessments, including security audits, penetration tests, and compliance checks. Implement training measures to enhance the security awareness and skills of the development team. Communication Facilitate communication within the global HELLA cyber security network to share knowledge, improve processes, and promote best practices. Represent the organization in external security forums and working groups. CISSP certificate is Mandatory Your Qualifications Bachelor's degree BE /B. Tech/ M.E/ M. Tech in Electronics/Electronics & Communication/Industrial Electronics ISO-21434 certification OR working experience Location - Hinjewadi Phase - 1. // Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh

About the Job: Job Title: Java Full Stack Developer Skills : Java, Spring, SQL, Angular, Typescript Experience Required : 8+ Years Location: Chennai, Bangalore, Hyderabad, Indore, Mumbai Notice Period: Serving Notice - 45 days Job Description: General requirements: Solid understanding of computer science Independence, creativity and solution orientation Backend: Java (>=8 years) C, Rust or other compiled language, at least basic experience Spring - deep understanding of the framework TDD / Conviction that test automation is key- RPC / Remote-APIs SQL Multi-Threading Focus on Performance Basic overview of DevOps and Tools (Container, Orchestration, IaC) Frontend: Angular Typescript HTML, CSS, Bootstrap Jest (optional) Test: Test Automation in Java Ability and willingness to persistently address even minor errors Ability and willingness to write non-functional tests Experience with generating synthetic test data Experience in Fuzzing (optional) Playwright (optional) About InfoBeans: InfoBeans is a global digital transformation and product engineering company, enabling businesses to thrive through innovation, agility, and cutting-edge technology solutions. With over 1,700 team members across the globe, we specialize in custom software development, enterprise solutions, cloud, AI/ML, UX, automation, and digital transformation services . At InfoBeans, we live by our core purpose of “Creating WOW!” —for our clients, team members, and the community. Our collaborative culture, growth opportunities, and people-first approach make us one of the most trusted and rewarding workplaces. Link: https://infobeans.ai/

🧪 Agentic QA Engineer (Break-the-System Role) – KronosX AI Labs Location: Bengaluru (On-site, startup environment) Type: Full-time Start Date: Immediate Contact: raj@kronosx.ai If 60-80hr weeks across global timelines don’t scare you, if winning matters more than work-life-balance, and if you want to be an environment where you’ll been pushed hard to greatness, you can read further! 🏢 About Us KronosX AI Labs is building the agentic data infrastructure layer for regulated industries like healthcare, insurance, and finance. Our systems handle sensitive data and must be rock-solid before hitting production . We’re not looking for a checklist QA. We need an AI engineer with a hacker mindset, someone who thrives on probing multi-agent systems until they fail, then making sure those failures never reach our clients. 🎓 Who You Are An AI/ML engineer who has strong Python coding experience and understands agents, orchestration, and RAG . Curious and adversarial you enjoy breaking things as much as building them. Obsessed with edge cases, corner scenarios, and pushing systems beyond their comfort zone. Comfortable documenting issues, writing tests, and moving fast in a startup. 🌟 Must-Haves Solid Python skills (PyTorch, LangChain / LangGraph / LlamaIndex, embeddings, RAG). Experience testing or evaluating agent workflows and LLM pipelines. Experience with vector search, retrieval metrics, or grounding evaluation. Comfort with PyTest, API testing, and adding automated checks into CI. Familiarity with data transformation using python or fuzzing to expand test coverage. GitHub projects that show you’ve built and tinkered with AI systems. 💡 Nice-to-Haves Exposure to guardrails, prompt injection, or red-team style testing . Observability tools (structured logging, metrics, traces) and degraded-mode testing . Prior startup or open-source contribution experience. ✅ Why Join Us Be the first Agentic QA Engineer at KronosX shaping how we stress-test AI systems. Direct impact : your work decides if we’re production-ready for Fortune 500s. Work side-by-side with the founding team in a role that’s QA meets AI engineering with a hacker edge . 📩 To apply: Send your CV ( FirstName_LastName_AgenticQA.pdf ) and a short note on why this breaker role excites you to raj@kronosx.ai .

As a Rust Backend Developer for the MPC Development Project at Speqto Technologies Pvt Ltd, an esteemed IT service provider in NCR, India, you will be part of a cutting-edge initiative focused on Multi-Party Computation (MPC) Node Infrastructure. This project entails the development of secure key generation, distributed signing, encrypted communication channels, and SDKs across various platforms like Web, Android, and iOS. The emphasis will be on ensuring security, low-latency communication, and accuracy in cryptographic protocols. Your primary responsibilities will include developing and maintaining the core MPC backend logic using Rust. You will also be tasked with implementing and extending protocols such as GG18, GG20, EdDSA, and ECDSA within a multi-node distributed system. Building secure communication layers, managing session orchestration, key lifecycle, and threshold signing will be crucial aspects of your role. Additionally, you will collaborate closely with SDK teams to expose backend logic via gRPC, WebSockets, and REST. To excel in this role, you must possess a strong command over Rust, including asynchronous programming, traits, lifetimes, error handling, and memory safety. A deep understanding of multi-threading, message queues, and asynchronous concurrency is essential. Familiarity with communication frameworks like ZeroMQ and WebSockets, as well as experience working with cryptographic protocols, will be advantageous. Hands-on experience with secure backend services, data persistence, and testing in Rust is also required. Bonus points will be awarded if you have prior experience in building or contributing to MPC, Zero-Knowledge Proof (ZKP), or Crypto Wallets. Knowledge of protocols like GG18, GG20, Threshold Signatures, or Secure MPC papers will be beneficial. Experience with low-level system libraries, FFI bridges, WASM bindings, and network protocol security will also be valuable assets. Your expertise will be showcased through the utilization of tools and technologies such as Rust (Tokio, Actix, Serde), Protocol Buffers, gRPC, Postgres, RocksDB, Docker, GitHub Actions, Prometheus, Grafana, and Git. Familiarity with VS Code and Obsidian for documentation purposes will be essential for seamless collaboration within the team. This is a full-time position that requires your presence at the onsite location in Noida, India. You will be expected to work day shifts and actively engage in sprint planning, code reviews, pair programming, and handling production bug fixes and system upgrades. Your contribution to the project will play a pivotal role in achieving benchmarked quality standards in the competitive market.,

Description As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will be engaged in identifying and mitigating security vulnerabilities across IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your work will involve rigorous security assessments of critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. You will simulate advanced adversary tactics to expose vulnerabilities and provide strategic remediation guidance. The role is suited for professionals with a deep understanding of both enterprise IT security and industrial/embedded system ecosystems. Responsibilities Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): Perform black-box, grey-box, and white-box VAPT on enterprise IT assets (servers, databases, web/mobile apps, Active Directory, cloud), OT/ICS assets (PLCs, RTUs, HMIs, engineering workstations, protocol gateways), and IIoT platforms (MQTT/CoAP-based telemetry, edge gateways, cloud dashboards). Emulate APT-level attacks across air-gapped, segmented, or hybrid IT-OT architectures. Execute Red Team scenarios to simulate insider threats or supply chain compromise. ICS Protocol & Field Device Security Testing: Analyze and exploit vulnerabilities in ICS protocols (Modbus TCP, DNP3, IEC 104, OPC-UA, S7comm, Profinet, BACnet, CIP, MQTT, CoAP). Perform live traffic analysis, packet manipulation, and protocol fuzzing to test resilience. Evaluate control logic vulnerabilities in ladder logic, structured text, and function blocks. Firmware & Hardware Exploitation (IIoT/ICS Devices): Extract and analyze firmware using JTAG, UART, SPI. Perform static/dynamic analysis with Ghidra, Binwalk, Radare2, IDA Pro. Reverse engineer file systems (squashfs, cramfs), analyze backdoors, insecure bootloaders. Network Architecture & Segmentation Testing: Review and test IT-OT segmentation, DMZ, firewall ACLs, VLANs. Assess trust relationships, insecure remote access, weak credentials, bridging of air-gapped networks. Cloud & IIoT Platform Security: Evaluate MQTT brokers, edge-to-cloud telemetry, and analytics pipelines. Test REST APIs, cloud misconfigurations, insecure mobile app integrations. Identify insecure certificate handling, weak encryption, default API tokens. Reporting & Mitigation: Develop technical and executive-level reports with CVSS scoring, attack paths, exploitation evidence. Recommend hardening measures for IT and OT systems. Coordinate with ICS engineers, IT admins, SOC teams for patch validation and monitoring upgrades. Compliance & Framework Alignment: Ensure assessments comply with industry standards: NIST SP 800-82, ISA/IEC 62443, ISO 27001, NERC CIP. Map findings to MITRE ATT&CK for ICS and track new CVEs in industrial products. Eligibility: Educational Background: Bachelor’s or Master’s in Cybersecurity, Computer Science, Industrial Automation, Electronics, or related field. Technical Skills: Deep knowledge of ICS/SCADA systems, embedded architectures, and real-time OS (VxWorks, QNX, FreeRTOS). Hands-on with VAPT tools (Nessus, Burp Suite, Metasploit, Nmap, SQLMap, etc.), ICS tools (Wireshark, PLCScan, ICSFuzz, S7comm Tools, etc.), Firmware tools (Binwalk, Ghidra, Radare2), IIoT security (Shodan, MQTTX, Postman, OWASP ZAP). Desired Eligibility: Certifications (Preferred): OSCP, GRID, GICSP, CRT, CRTP, CEH, CISSP. Participation in ICS/IoT CTFs or open-source contributions is a plus. Travel: As and when required, across the country for project execution and monitoring, as well as for coordination with geographically distributed teams. Communication: Submit a cover letter summarising your experience in relevant technologies and software, along with a resume and the Latest passport-size photograph.

About Client: Our Client is a global IT services company headquartered in Southborough, Massachusetts, USA. Founded in 1996, with a revenue of $1.8B, with 35,000+ associates worldwide, specializes in digital engineering, and IT services company helping clients modernize their technology infrastructure, adopt cloud and AI solutions, and accelerate innovation. It partners with major firms in banking, healthcare, telecom, and media. Our Client is known for combining deep industry expertise with agile development practices, enabling scalable and cost-effective digital transformation. The company operates in over 50 locations across more than 25 countries, has delivery centers in Asia, Europe, and North America and is backed by Baring Private Equity Asia. Job Title: Java Automation Skills :Java11+,Appium,TestNG,AWS Job Locations: Gurugram Experience: 6 -10Years Budget: 15 LPA Education Qualification : Any Graduation Work Mode: Hybrid Employment Type: Contract Notice Period: Immediate - 15 Days Interview Mode: 2 Rounds of Technical Interview Job Description: Key Responsibilities: Core Responsibilities: Test Strategy & Planning  Build risk-based matrices covering functional, integration, performance, and security scopes; tether each matrix to product OKRs (e.g., user-retention, session length). Automation Frameworks & Tooling   Architect modular UI/API automation in Java 11+ using Appium, TestNG, and Allure; enable parallel grid execution via BrowserStack or AWS Device Farm. Implement contract-testing (Pact) to flag breaking backend changes; add property-based fuzzing for resilience. CI/CD & Observability   Embed quality gates in GitHub Actions or Xcode Cloud; publish flakiness and coverage dashboards. Visualise runtime anomalies with MetricKit exporters feeding Grafana panels. Manual & Exploratory Testing  Conduct session-based deep-dives on new iOS 26 paradigms (widgets, Live Activities, Vision Pro handoff); verify accessibility (VoiceOver, Switch Control) and localisation paths. Minimum Qualifications      4 + yrs in mobile QA (≥ 2 yrs iOS automation). Mastery of Appium + XCTest/XCUITest; comfort with Fastlane tools (scan, gym, snapshot). Robust Java (streams, lambdas, TestNG listeners) and scripting (Bash/Python) chops. Hands-on device-farm orchestration and MDM-secured lab management. Familiarity with Xcode 16+ and iOS SDK nuances. Interested Candidates please share your CV to hajeera.s@people-prime.com

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are seeking a dynamic and experienced Product Manager to join our growing Enterprise TruRisk Platform PM Team at Qualys. In this role, you will drive the strategy and execution of our Connectors — to unlock value with new use cases by integrating Qualys with 3rd Party Application Security Solutions. You will bring a strong background in application security, and a “can-do” attitude to help global enterprise customers to seamlessly integrate their app security data with Qualys ecosystem. You will collaborate closely with engineering, product design, product marketing, sales, and solution engineering teams, and interface with product leadership in a globally distributed environment. This is an exciting opportunity to have a high-impact role at a company known for innovation and trusted by the world’s leading enterprises. Requirements: Background in solution engineering, product development, product management, business analysis, Integration architect, Implementation consultant Deep understanding of application security, Secure coding standards (e.g. OWASP Top 10, SANS CWE) Threat modeling, static and dynamic analysis (SAST, DAST) Software Composition Analysis (SCA) for open-source vulnerabilities Application penetration testing, fuzzing, and red teaming basics Hands-on experience or strong understanding of AppSec tools and platforms, such as: Veracode, Checkmarx, Fortify, SonarQube, GitHub Advanced Security Knowledge of API security, including JWT, OAuth, rate limiting, and input validation strategies Proven experience in leading AppSec product initiatives in a cybersecurity or developer tools company Skilled at working with engineering and Security teams to design and prioritize scalable solutions Understanding of integration - API, authentication protocols (OAuth, SAML), integration security best practices Excellent written and verbal communication skills to align diverse stakeholders Responsibilities: Define and execute the product strategy and roadmap for Qualys connectors based on company goals, customer feedback, industry trends, competitive analysis, and market research Define clear product themes, epics, and user stories as input to engineering and design teams Collaborate with engineering, UX/UI, and program management teams to prioritize, iterate, and refine product plans and ensure on-time delivery Attend and drive engineering grooming sessions and regular scrum meetings to provide PM input and track progress Identify, prioritize, and resolve trade-offs and issues that might impede product delivery Define, acquire, and analyze metrics and KPIs to guide product priorities and track success Engaging with customers to gather feedback, run beta programs, and validate product features before general availability Ability to articulate value propositions for security solutions to technical and non-technical audiences. Collaborate with Marketing on product messaging, launch readiness, and field enablement Support the Sales team with product pitches, demos, and enablement for key accounts and strategic opportunities Education and Experience: Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related technical field (MBA or equivalent experience preferred) 3+ years of experience in product management, or 5+ years in a technical leadership, security engineering, solution architecture role in cybersecurity or application security or developer security products Prior background as a technical product manager (for security products) or security engineer is highly desirable Relevant certifications are a plus: Security: CISSP, CSSLP, OSWE, or GWAPT

Key Responsibilities Complete testing on time. Keep up to date with the latest in standards, regulations and technical developments in the cyber security space. Actively co-develop the security programs and details test method according to ITSAR requirements Set-up lab infrastructure and test equipments needed to deliver the service according to ITSAR, NCCS requirements and IoT services such as EN 303645 Knowledge in sniffing, authentication, web app, fuzzing, update mechanism, secure storage, cybersecurity standard such as ETS EN 303645 / ITSAR Standards Testing as per the requirements/contract entered with customers as per NCCS/ITSAR/Consumer IoT security standards Review of test results and reports before they are submitted to authorities Stay up to date with the standards and regulations Support and guidance to the peers in and during the testing To implement corrections and corrective actions. Ensure testing is completed as per the schedule Education B.E/B.Tech./M.E/M.Tech or M.C.A (Minimum 2 years of experience in Cyber security testing) BE or B.Tech. or ME or M.Tech and the streams should be Electronics/ Telecommunication/Computer Science/Cyber Security/AI Certification or Training Trained and certified in atleast one cyber security certification (like CEH)

At Arctic Wolf, we're redefining the cybersecurity landscape. With our employee Pack members, spread out globally, committed to setting new industry standards. Our accomplishments speak for themselves, from our recognition in the Forbes Cloud 100 , CNBC Disruptor 50 , Fortune Future 50 , and Fortune Cyber 60 to winning the 2024 CRN Products of the Year award. We’re proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers' Choice distinction from Gartner Peer Insights . Our Aurora Platform also received CRN’s Products of the Year award in the inaugural Security Operations Platform category. Join a company that’s not only leading, but also shaping, the future of security operations. Our mission is simple: End Cyber Risk. We’re looking for a Developer Intern to be part of making this happen. About The Role The Arctic Wolf security operations platform ingests and processes upwards of 600 billion events a day from a wide variety of on-premise devices and cloud platforms. The security pipeline is a distributed system of loosely-coupled microservices that constitute our Realtime analysis and threat detection systems. These services distill the incoming events into actionable intelligence that our Concierge Security Teams use to protect customers. We are looking for engineers to join our pack and work with us to build and expand the capabilities of our testing platform. You Will Design, develop, and maintain software services using Java, Spring Boot, Golang, JavaScript, TypeScript, React etc. Write clean, efficient, and testable code with proper documentation and unit testing. Create and extend software frameworks and tools to run, monitor, and report on automated tests. Create test approaches, test plans and test cases to drive high quality software deliverables Contribute to CI/CD pipelines and deployment automation using modern DevOps practices Maintain high quality software with automated testing using a variety of methods such as API validation, performance/load testing, fuzzing, etc. Work as part of a team of highly skilled software professionals Continuously learn and expand your technical horizons Our Technology Stack: Docker, Kubernetes, Amazon Web Services (AWS), OpenAPI, Kafka, Java, Golang, Postgres, Linux, and Javascript. You Are excited to work at the intersection of Big Data and the Cyber Security problem spaces Have 0-1 year(s) of experience shipping quality software Love building high quality software Have experience deploying services on cloud computing platforms (e.g, AWS, Azure, GCP) Are an expert using common tools for executing functional, load and fuzz testing Have worked on distributed systems and microservices architecture (preferred) Have experience working on stream processing architectures (e.g. Kafka, Flink) About Arctic Wolf At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience including: Top Workday USA (2021-2024) Great Place to Work (2022-2024) & Best Workplaces for Women (2024) in Canada Best Workplaces in Tech & For Women in the UK (2023) Top Company by Kununu in Germany (2024) Our Values Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good. We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here. Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com. Security Requirements Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes, and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies). Background checks are required for this position.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology, and management consulting, tax, and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. USI is a member of RSM International, the sixth largest global network of independent accounting, tax, and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. Qualification and Minimum Entry Requirements Bachelor or Master degree in computer science with a minimum of 10 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Good knowledge of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST , aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing. Technical Requirements Web application penetration testing experience - familiarity with Burp, OWASP Top 10, etc Ability to recognize and validate significant findings past initial scanning/recon Web Services penetration testing (RESTful, CURL and SOAP) API penetration testing experience Conducts periodic scans of networks to find and detect vulnerabilities Lead scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing) Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools Expert knowledge of tools used for wireless, web application, and network security testing Working knowledge of CI/CD and SDLC deployment lifecycles and mechanisms Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment Nice to have: Mobile application penetration testing experience Nice to have: Cloud penetration testing experience (AWS and Azure) Soft Skills Requirement Ability to work independently under minimal supervision and within a team. Manage project tasks and deadlines within a multi-time zone remote culture. 5-10 years of customer-facing consulting experience Ability to communicate complex vulnerability results and demonstrate proof of concepts for diverse audiences. 5+ years of experience managing a diverse team of technical testers Proven experience improving technical quality of the team Report regularly to management on improvements and team challenges 7-10 years of experience working in a global environment with multiple time zones and adjusting to client needs in other countries Ability to train others and improve technical skills of a team At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology, and management consulting, tax, and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. USI is a member of RSM International, the sixth largest global network of independent accounting, tax, and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. Qualification and Minimum Entry Requirements Bachelor or Master degree in computer science with a minimum of 10 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Good knowledge of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST , aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing. Technical Requirements Web application penetration testing experience - familiarity with Burp, OWASP Top 10, etc Ability to recognize and validate significant findings past initial scanning/recon Web Services penetration testing (RESTful, CURL and SOAP) API penetration testing experience Conducts periodic scans of networks to find and detect vulnerabilities Lead scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing) Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools Expert knowledge of tools used for wireless, web application, and network security testing Working knowledge of CI/CD and SDLC deployment lifecycles and mechanisms Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment Nice to have: Mobile application penetration testing experience Nice to have: Cloud penetration testing experience (AWS and Azure) Soft Skills Requirement Ability to work independently under minimal supervision and within a team. Manage project tasks and deadlines within a multi-time zone remote culture. 5-10 years of customer-facing consulting experience Ability to communicate complex vulnerability results and demonstrate proof of concepts for diverse audiences. 5+ years of experience managing a diverse team of technical testers Proven experience improving technical quality of the team Report regularly to management on improvements and team challenges 7-10 years of experience working in a global environment with multiple time zones and adjusting to client needs in other countries Ability to train others and improve technical skills of a team At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. The RSM USI supports RSM U.S. risk consulting, transaction advisory, technical accounting, financial consulting, technology, and management consulting, tax, and assurance engagement teams by providing access to highly skilled professionals for repeatable business processes over an extended business day. USI is a member of RSM International, the sixth largest global network of independent accounting, tax, and consulting firms. RSM’s vision is to be the first-choice advisor to middle market leaders globally. You will work directly with clients, key decision makers and business owners across various industries and geographies to deliver a top-quality client experience. RSM is a diverse and inclusive place where you will work as part of a team while being valued as an individual, mentored as a future leader, and recognized for your accomplishments. Risk Consulting helps clients across various industries by addressing the increasingly complex strategic, operational, compliance, and governance challenges faced by those responsible for managing or overseeing dynamic businesses. Risk Consulting major offerings includes AML & Regulatory Compliance; ERP Advisory; Automation and Analytics; Enterprise Risk Management; Internal Audit; SOX Advisory; Contract Compliance; Credit Reviews; Information & Technology Audits; Cybersecurity risk management; Third-party risk management; IT due diligence; SOC1 / SOC2; Security and Privacy Risk; Governance Risk and Compliance; PCI; Cyber Transformation; Manage Security Services; Secure Architecture Solutions; Cyber Testing; Digital Forensics and Incident Response; and Cyber Threat Intelligence. Qualification And Minimum Entry Requirements Bachelor or Master degree in computer science with a minimum of 10 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Good knowledge of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing. Technical Requirements Web application penetration testing experience - familiarity with Burp, OWASP Top 10, etc Ability to recognize and validate significant findings past initial scanning/recon Web Services penetration testing (RESTful, CURL and SOAP) API penetration testing experience Conducts periodic scans of networks to find and detect vulnerabilities Lead scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements Conduct IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing) Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach Maintain a firm grasp on the industry and anticipate trends and movements while balancing maturity and timing Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools Expert knowledge of tools used for wireless, web application, and network security testing Working knowledge of CI/CD and SDLC deployment lifecycles and mechanisms Motivated self-starter who loves to solve challenging problems and feels comfortable working directly with customers Excellent oral, written communication, and presentation skills with an ability to present client security sessions and security workshops to C-Level Executives and non-technical audience Highly organized, detail-oriented, excellent time management skills, and able to effectively prioritize tasks in a fast-paced, high-volume, and evolving work environment Ability to approach customer and sales requests with a proactive and consultative manner; listen and understand user requests and needs and effectively deliver Comfortable managing multiple and changing priorities, and meeting deadlines in an entrepreneurial environment Nice to have: Mobile application penetration testing experience Nice to have: Cloud penetration testing experience (AWS and Azure) Soft Skills Requirement Ability to work independently under minimal supervision and within a team. Manage project tasks and deadlines within a multi-time zone remote culture. 5-10 years of customer-facing consulting experience Ability to communicate complex vulnerability results and demonstrate proof of concepts for diverse audiences. 5+ years of experience managing a diverse team of technical testers Proven experience improving technical quality of the team Report regularly to management on improvements and team challenges 7-10 years of experience working in a global environment with multiple time zones and adjusting to client needs in other countries Ability to train others and improve technical skills of a team At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com.

Every day, millions of people count on NETGEAR products to connect their digital lives at home and on the go. As a key member of the NETGEAR Product Security Team, you will be helping our innovators develop highly secure and trusted networking products. This is a hybrid role based in Bengaluru. Key Responsibilities Serve as the product security subject-matter expert closely collaborating with other NETGEAR product development teams to identify, assess, root-cause, address, validate, and prevent product security issues. Be the champion for secure and defensive programming techniques and use of automation to eliminate and prevent security problems. Keep up to date with latest advancements in the field and continually elevate the secure software development practices at NETGEAR. Use the latest and greatest bug hunting technologies to find security vulnerabilities at scale. Monitor the latest security trends, vulnerabilities, and threat intelligence, and assess their relevance to NETGEAR products. Required Qualifications 10+ years of relevant work experience in application security, hardware, IoT security, security pen-testing, vulnerability discovery, secure software development, and design security reviews. Proven track record of implementing and scaling security tooling such as pre-commit hooks with static code analysis (SAST) and dependency security (OSS/SCA), and fine tuning them for the best developer experience. Experience with using techniques like fuzzing, reverse engineering, writing SAST rules, semgrep, CodeQL, Excellent knowledge of common security weaknesses (like OWASP top-n lists) and best ways to address them. Understanding of network security technologies and vulnerabilities, especially in the networking device space. Strong analytical and problem-solving skills, the ability to work both independently and collaboratively with diverse stakeholders Excellent written and verbal communication skills in English. BE or masters degree in computer science, computer security, application security, information security, or networking. Preferred Qualifications (optional) Participation in Capture the Flag (CTF) competitions, a local OWASP chapter, or similar security-focused communities Experience with software and firmware development. Examples of CVEs discovered or analyzed, or bug bounty awards received. Examples of innovation in product security, such as patents, publications, or contributions to open-source security projects. Company Statement/Values At NETGEAR, we are on a mission to unleash the full potential of connectivity with intelligent solutions that delight and protect. We turn ideas into innovative networking products that connect people, power businesses, and advance the way we live. We&aposre a performance-driven, talented and connected team that&aposs committed to delivering world-class products for our customers. As a company, we value our employees as the most essential building blocks of our success. And as teammates, we commit to taking our work to the Next Gear by living our values: we Dare to Transform the future, Connect and Delight our customers, Communicate Courageously with each other and collaborate to Win It Together . Youll find our values woven through our processes, present in our decisions, and celebrated throughout our culture. We strive to attract top talent and create a great workplace where people feel engaged, inspired, challenged, proud and respected. If you are creative, forward-thinking, passionate about technology and are looking for a rewarding career to make an impact, then you&aposve got what it takes to succeed at NETGEAR. Join our network and help us shape the future of connectivity. NETGEAR hires based on merit. All qualified applicants will receive equal consideration for employment. All your information will be kept confidential according to EEO guidelines. Show more Show less

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution. The company is founder-led, profitable, and growing. Canonical is looking for exceptional security-focused software engineers to be integrated across product teams. While they also contribute to the product as engineers, their primary focus is to challenge the entire team to think more deeply about security through state-of-the-art practices such as threat modeling, table-top exercises, architecture and design reviews, static analysis tools, and fuzzing, among others. These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security, and open source community participation. Engineers in these roles collaborate closely with other Canonical teams, customers, and partners across the open source ecosystem. Each product engineering team at Canonical reserves one or two openings for security-oriented software engineers. We also develop a number of products driven entirely by security needs, such as our AppArmor kernel investments and the Ubuntu Security Guide (USG). As the publisher of Ubuntu, we also handle long-term security response for the entire operating system and open source ecosystem. Working with tens of thousands of upstreams means that we need to be fluent in every major programming language and design, build, and adopt sophisticated tools that enable us to work at scale and speed with confidence. Apply here if you are an exceptional security-focused software engineer, passionate about open source, and excited by Canonical's products and mission. This role requires the ability to be productive in a globally distributed team through strong self-discipline and motivation. It also involves mandatory international travel at least twice a year, typically for one week. Location: Worldwide, this is a globally remote role What you'll do Security roles might tackle any of the following: Define, implement, and document new security features Lead security-focused initiatives within a product engineering team Analyze, fix, and test vulnerabilities in open source software Contribute to Ubuntu and upstream open source projects to benefit the community Audit and analyze source code for vulnerabilities Integrate new tools into our security infrastructure, pipelines, and processes Achieve and retain various security certifications Extend and enhance Linux cryptographic components to meet country-specific compliance requirements, such as FIPS and Common Criteria (CC) certifications Work with external partners to develop Center for Internet Security (CIS) benchmarks Design and develop hardening automation for Ubuntu Stay up to date with trends and developments in the security industry Develop, test, and maintain new software capabilities Provide guidance and support to other engineering teams on security best practices What we are looking for in you An exceptional academic track record from both high school and university Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path A track record of going above and beyond expectations Thorough understanding of the common categories of security vulnerabilities and how to fix them Knowledge of modern software engineering techniques Familiarity with open source development tools and methodologies Skill in one or more of C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript Experience as a security champion Experience driving security within a wider SSDLC process Professional written and spoken English Experience with Linux (Debian or Ubuntu preferred) Excellent interpersonal skills, curiosity, flexibility, and accountability Passion, thoughtfulness, and self-motivation Excellent communication and presentation skills Results-oriented, with a personal drive to meet commitments Optional skills we also value Clear and effective communication with both the team and Ubuntu community members Experience working with the Linux kernel Experience with security certifications and knowledge of FIPS and/or Common Criteria (CC) Experience with OVAL (Open Vulnerability Assessment Language) Knowledge of cryptographic modules such as OpenSSL and Libgcrypt Knowledge of low-level Linux cryptography APIs Demonstrated ability to learn quickly Performance engineering experience What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Employee Assistance Programme Opportunity to travel to new locations to meet colleagues Priority Pass, and travel upgrades for long haul company events About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical is an equal opportunity employer We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution. The company is founder-led, profitable, and growing. Canonical is looking for exceptional security-focused software engineers to be integrated across product teams. While they also contribute to the product as engineers, their primary focus is to challenge the entire team to think more deeply about security through state-of-the-art practices such as threat modeling, table-top exercises, architecture and design reviews, static analysis tools, and fuzzing, among others. These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security, and open source community participation. Engineers in these roles collaborate closely with other Canonical teams, customers, and partners across the open source ecosystem. Each product engineering team at Canonical reserves one or two openings for security-oriented software engineers. We also develop a number of products driven entirely by security needs, such as our AppArmor kernel investments and the Ubuntu Security Guide (USG). As the publisher of Ubuntu, we also handle long-term security response for the entire operating system and open source ecosystem. Working with tens of thousands of upstreams means that we need to be fluent in every major programming language and design, build, and adopt sophisticated tools that enable us to work at scale and speed with confidence. Apply here if you are an exceptional security-focused software engineer, passionate about open source, and excited by Canonical's products and mission. This role requires the ability to be productive in a globally distributed team through strong self-discipline and motivation. It also involves mandatory international travel at least twice a year, typically for one week. Location: Worldwide, this is a globally remote role What you'll do Security roles might tackle any of the following: Define, implement, and document new security features Lead security-focused initiatives within a product engineering team Analyze, fix, and test vulnerabilities in open source software Contribute to Ubuntu and upstream open source projects to benefit the community Audit and analyze source code for vulnerabilities Integrate new tools into our security infrastructure, pipelines, and processes Achieve and retain various security certifications Extend and enhance Linux cryptographic components to meet country-specific compliance requirements, such as FIPS and Common Criteria (CC) certifications Work with external partners to develop Center for Internet Security (CIS) benchmarks Design and develop hardening automation for Ubuntu Stay up to date with trends and developments in the security industry Develop, test, and maintain new software capabilities Provide guidance and support to other engineering teams on security best practices What we are looking for in you An exceptional academic track record from both high school and university Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path A track record of going above and beyond expectations Thorough understanding of the common categories of security vulnerabilities and how to fix them Knowledge of modern software engineering techniques Familiarity with open source development tools and methodologies Skill in one or more of C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript Experience as a security champion Experience driving security within a wider SSDLC process Professional written and spoken English Experience with Linux (Debian or Ubuntu preferred) Excellent interpersonal skills, curiosity, flexibility, and accountability Passion, thoughtfulness, and self-motivation Excellent communication and presentation skills Results-oriented, with a personal drive to meet commitments Optional skills we also value Clear and effective communication with both the team and Ubuntu community members Experience working with the Linux kernel Experience with security certifications and knowledge of FIPS and/or Common Criteria (CC) Experience with OVAL (Open Vulnerability Assessment Language) Knowledge of cryptographic modules such as OpenSSL and Libgcrypt Knowledge of low-level Linux cryptography APIs Demonstrated ability to learn quickly Performance engineering experience What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Employee Assistance Programme Opportunity to travel to new locations to meet colleagues Priority Pass, and travel upgrades for long haul company events About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical is an equal opportunity employer We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution. The company is founder-led, profitable, and growing. Canonical is looking for exceptional security-focused software engineers to be integrated across product teams. While they also contribute to the product as engineers, their primary focus is to challenge the entire team to think more deeply about security through state-of-the-art practices such as threat modeling, table-top exercises, architecture and design reviews, static analysis tools, and fuzzing, among others. These roles encompass all aspects of product security, including feature development, vulnerability response, proactive security, and open source community participation. Engineers in these roles collaborate closely with other Canonical teams, customers, and partners across the open source ecosystem. Each product engineering team at Canonical reserves one or two openings for security-oriented software engineers. We also develop a number of products driven entirely by security needs, such as our AppArmor kernel investments and the Ubuntu Security Guide (USG). As the publisher of Ubuntu, we also handle long-term security response for the entire operating system and open source ecosystem. Working with tens of thousands of upstreams means that we need to be fluent in every major programming language and design, build, and adopt sophisticated tools that enable us to work at scale and speed with confidence. Apply here if you are an exceptional security-focused software engineer, passionate about open source, and excited by Canonical's products and mission. This role requires the ability to be productive in a globally distributed team through strong self-discipline and motivation. It also involves mandatory international travel at least twice a year, typically for one week. Location: Worldwide, this is a globally remote role What you'll do Security roles might tackle any of the following: Define, implement, and document new security features Lead security-focused initiatives within a product engineering team Analyze, fix, and test vulnerabilities in open source software Contribute to Ubuntu and upstream open source projects to benefit the community Audit and analyze source code for vulnerabilities Integrate new tools into our security infrastructure, pipelines, and processes Achieve and retain various security certifications Extend and enhance Linux cryptographic components to meet country-specific compliance requirements, such as FIPS and Common Criteria (CC) certifications Work with external partners to develop Center for Internet Security (CIS) benchmarks Design and develop hardening automation for Ubuntu Stay up to date with trends and developments in the security industry Develop, test, and maintain new software capabilities Provide guidance and support to other engineering teams on security best practices What we are looking for in you An exceptional academic track record from both high school and university Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path A track record of going above and beyond expectations Thorough understanding of the common categories of security vulnerabilities and how to fix them Knowledge of modern software engineering techniques Familiarity with open source development tools and methodologies Skill in one or more of C, C++, Python, Go, Rust, Java, Ruby, PHP, or JavaScript/Typescript Experience as a security champion Experience driving security within a wider SSDLC process Professional written and spoken English Experience with Linux (Debian or Ubuntu preferred) Excellent interpersonal skills, curiosity, flexibility, and accountability Passion, thoughtfulness, and self-motivation Excellent communication and presentation skills Results-oriented, with a personal drive to meet commitments Optional skills we also value Clear and effective communication with both the team and Ubuntu community members Experience working with the Linux kernel Experience with security certifications and knowledge of FIPS and/or Common Criteria (CC) Experience with OVAL (Open Vulnerability Assessment Language) Knowledge of cryptographic modules such as OpenSSL and Libgcrypt Knowledge of low-level Linux cryptography APIs Demonstrated ability to learn quickly Performance engineering experience What we offer you We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally. Distributed work environment with twice-yearly team sprints in person Personal learning and development budget of USD 2,000 per year Annual compensation review Recognition rewards Annual holiday leave Maternity and paternity leave Employee Assistance Programme Opportunity to travel to new locations to meet colleagues Priority Pass, and travel upgrades for long haul company events About Canonical Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical is an equal opportunity employer We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.