26 Fuzzing Jobs

Role Overview We are hiring a Technical Lead – AI Security to join our CISO team in Mumbai. This is a critical, hands-on role — ensuring the trustworthiness, resilience, and compliance of AI/ML systems, including large language models (LLMs). You will work at the intersection of cybersecurity and AI, shaping secure testing, understanding secure MLOps/LLMOps workflows, and leading technical implementation of defenses against emerging AI threats. This role requires both strategic vision and strong engineering depth. Key Responsibilities · Lead and operationalize the AI/ML and LLM security roadmap across training, validation, deployment, and runtime to enable AI Security Platform Approach. · Design and implement defenses against threats like adversarial attacks, data poisoning, model inversion, prompt injection, and fine-tuning exploits using industry leading open source and commercial tools. · Build hardened workflows for model security, integrity verification, and auditability in production AI environments. · Leverage AI security tools for scanning, fuzzing, and penetration testing models. · Apply best practices from OWASP Top 10 for ML/LLMs, MITRE ATLAS, NIST AI RMF, and ISO/IEC 42001 to test AI/ML assets. · Ensure AI model security testing framework aligns with internal policy, national regulatory requirements, and global best practices. · Plan and execute security tests for AI/LLM systems, including jailbreaking, RAG hardening, and bias/toxicity validation. Required Skills & Experience · 8+ years in cybersecurity, with at least 3+ years hands-on in AI/ML security or secure MLOps/LLMOps · Proficient in Python, TensorFlow/PyTorch, HuggingFace, LangChain, and common data science libraries · Deep understanding of adversarial ML/LLM, model evaluation under threat conditions, and inference/training-time attack vectors · Experience securing cloud-based AI workloads (AWS, Azure, or GCP) · Familiarity with secure DevOps and CI/CD practices · Strong understanding of AI-specific threat models (MITRE ATLAS) and security benchmarks (OWASP Top 10 for ML/LLMs) · Ability to communicate technical risk clearly to non-technical stakeholders · Ability to guide developers and data scientists to solve the AI Security risks. · Certifications: CISSP, OSCP, GCP ML Security, or relevant AI/ML certificates · Experience with AI security tools or platforms (e.g., model registries, lineage tracking, policy enforcement) · Experience with RAG, LLM-based agents, or agentic workflows · Experience in regulated sectors (finance, public sector) Show more Show less

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Windows Security Senior Engineer Company: - Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: We are looking for Security Engineer to contribute in the area of the Windows on Snapdragon products. The person will have the responsibility to perform security assessment, design & code review, develop fuzzing harness and fuzz the Windows software stack on Snapdragon products. Ideal candidate must posses security mindset and has good exposure on Security Development Life Cycle "SDLC". The ideal candidate also needs to have Strong Embedded software knowledge, Experience on Windows Internals and good driver development. Solid understanding of Operating System concepts, RTOS, FW management. Solid understanding of System level features, Processor and Power management, architecting system level features. Hands on experience in complex and multi domain large features. Windows kernel driver development experience. Understanding and experience in Designing and Implementing Windows Kernel mode drivers, Board support package, ACPI & UEFI. Strong communication and interpersonal skills. Strong problem solving and debugging skills. Ability to co-ordinate across stakeholders and Task management Handling small to large medium size technology teams. Experience on Enterprise and IHV/IBVs is a plus Minimum . Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Preferred Qualifications 2+ years of Security Engineering or related work experience. Design and development of Fuzzing harness Ability to perform design and code review for vulnerability detection Strong knowledge on Windows OS internals and Windows Driver knowledge (KMDF) Windows Device driver programming and debugging with WinDbg, JTAG/other tools. ARM Processor architecture and Assembly Language. Experience with PC software - System BIOS, UEFI, ACPI, Drivers, Applications Embedded OS (Kernel architecture, OS services heap, memory, multi-core, multi-threading, and crash debugging). Knowledge of OS/system performance profiling and optimization techniques. Communication, written & interpersonal skills, motivation, the ability to learn quickly

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Work Location: In person

Principal Security Engineering Manager Hyderabad, Telangana, India Date posted May 12, 2025 Job number 1823324 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. As a manager in the Continuous Security Validation & Assurance (CSVA) security engineering team, you will have an opportunity to contribute your deep technical leadership and problem-solving skills to lead a team of engineers working on the security of the underlying platform, code and infrastructure of many Microsoft products used by millions of customers. We build and manage services to manage continuous security posture of cloud scale services. The team is customer-focused with an emphasis on security, great user experience and reliability. You would drive solutions to challenging technical problems involving security for large scale systems and lead critical design initiatives, be accountable for delivery and take part in strategic and tactical decisions in the context of mission-critical services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 8-10 years of overall industry experience in software development and building world class solutions with at least 3-5 years of that as SWE manager. A Bachelor’s degree in Computer Science or equivalent experience Experience in designing, coding, debugging and testing production grade cloud services with a high emphasis on security. Experience/understanding of addressing security issues in distributed cloud-based environments and across the dev ops ecosystem. Experience in technical leadership in driving engineering roadmaps, leading v-teams, mentoring and helping others grow technically. Knowledge of common security vulnerabilities/mitigations Excellent communication, cross-team collaboration/influence, presentation skills. Passion to grow and develop other engineers and leads. Preferred Proficient with a cloud computing environment like Azure (preferred), GCP or AWS. Experience with CICD pipelines/automation, agile/scrum processes Experience building and operating scalable microservices using Docker + Kubernetes. Ability to reason about security challenges and propose practical solutions Knowledge of Security Development Lifecycle, security standards and frameworks like NIST, OWASP, etc. Experience implementing security features/automated mitigations for common security issues. Ability to define, design and implement telemetry and proactive monitoring for the services to run the operations efficiently in production environments. Experience with security tools/techniques such as SAST, DAST, fuzzing, pen-testing, etc. Exposure to security protocols and infrastructure components such as OAuth, OIDC, PKI, IRM, A/AD, etc. Experience with reporting technologies/frameworks such as PowerBI. Experience with Kusto or other big data stores Responsibilities Lead the architecture, design and implementation of security engineering and security automation projects in the context of large scale services, working with a variety of stakeholders. Lead your team while also collaborating with stakeholders in peer teams and organizations to deliver production-grade solutions for security challenges that scale and work across multiple products while meeting standards of service quality, availability, scale and performance. Influence and align product vision by collaborating with customers, partners, product management and engineering teams. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

Description As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will be engaged in identifying and mitigating security vulnerabilities across IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your work will involve rigorous security assessments of critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. You will simulate advanced adversary tactics to expose vulnerabilities and provide strategic remediation guidance. The role is suited for professionals with a deep understanding of both enterprise IT security and industrial/embedded system ecosystems. Responsibilities 1-Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): Perform black-box, grey-box, and white-box VAPT on: Enterprise IT assets (servers, databases, web/mobile apps, Active Directory, cloud) OT/ICS assets (PLCs, RTUs, HMIs, engineering workstations, protocol gateways) IIoT platforms (MQTT/CoAP-based telemetry, edge gateways, cloud dashboards) Emulate APT-level attacks across air-gapped, segmented, or hybrid IT-OT architectures. Execute Red Team scenarios to simulate insider threats or supply chain compromise. 2- ICS Protocol & Field Device Security Testing: Analyze and exploit vulnerabilities in ICS protocols: Modbus TCP, DNP3, IEC 104, OPC-UA, S7comm, Profinet, BACnet, CIP (EtherNet/IP), MQTT, CoAP Perform live traffic analysis, packet manipulation, and protocol fuzzing to test resilience. Evaluate control logic vulnerabilities in ladder logic, structured text, and function blocks. 3- Firmware & Hardware Exploitation (IIoT/ICS Devices): Extract and analyze firmware from industrial devices using JTAG, UART, SPI interfaces. Perform static and dynamic analysis using Ghidra, Binwalk, Radare2, or IDA Pro. Reverse engineer file systems (e.g., squashfs, cramfs) and analyze web interfaces or CLI backdoors. Exploit misconfigured bootloaders, insecure firmware upgrade mechanisms, or exposed debug ports. 4- Network Architecture & Segmentation Testing: Review and test IT-OT segmentation via firewall ACLs, VLANs, DMZ configurations. Assess trust relationships, weak credential policies, and insecure remote access (e.g., exposed VNC, Telnet, RDP). Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5- Cloud & IIoT Platform Security: Evaluate MQTT brokers, edge-to-cloud telemetry, and analytics pipelines. Test REST APIs, insecure mobile app integrations, and cloud misconfigurations (S3, IAM, IoT Core). Identify insecure certificate handling, default API tokens, and lack of encryption at rest/in transit. Reporting & Mitigation Develop technical and executive-level reports with CVSS scoring, attack paths, and exploitation evidence. Recommend hardening measures for both IT (patches, SIEM, EDR) and OT (control policy tuning, physical zoning, least privilege for operators). Coordinate with ICS engineers, IT admins, and SOC teams for patch validation and monitoring upgrades. Compliance & Framework Alignment Ensure assessments comply with industry and regulatory frameworks: NIST SP 800-82, ISA/IEC 62443, ISO 27001, NERC CIP, SANS ICS Top 20 Map findings to MITRE ATT&CK for ICS and monitor emerging CVEs relevant to industrial products. Eligibility Educational Background: Bachelor’s or Master’s in Cybersecurity, Computer Science, Industrial Automation, Electronics, or a related field. Technical Skills: Deep knowledge of ICS/SCADA systems, embedded architectures, and real-time OS (VxWorks, QNX, FreeRTOS). Hands-on experience with tools: VAPT Tools: Nessus, Burp Suite, Metasploit, Nmap, Nikto, SQLMap ICS Tools: Wireshark, Scapy, PLCScan, ICSFuzz, S7comm Tools, Conpot, ModScan Firmware Tools: Binwalk, Ghidra, Radare2, OpenOCD, Logic Analyzers IIoT Security: Shodan, Censys, MQTTX, Postman, OWASP ZAP Certifications (Preferred): OSCP, GRID, GICSP, CRT, CRTP, CEH, CISSP, or equivalent. Participation in ICS/IoT-focused CTFs or open-source contributions is a plus. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less

Cyber security - Automotive REQUIRED EXPERIENCE /SKILLS 8+ years of experience in automotive embedded software development. Develop and execute cybersecurity test plans for vehicle ECUs, communication networks (CAN, LIN, Ethernet), and connected systems. Perform threat and risk analysis (TARA) and validate mitigation measures. Conduct vulnerability assessments and penetration testing of automotive systems. Utilize tools like CANoe, Vector tools, and fuzzing frameworks to validate network security. Perform security regression testing on firmware/software releases. Validate compliance with ISO/SAE 21434, UNECE WP.29 (R155/R156) standards. Prepare technical documentation including test reports, risk assessments, and validation results Show more Show less

Company Description Checkmate Security is a specialized IT Security firm focusing on Fuzzing, Penetration Testing, Audits, and Security assessments. With expertise in finding flaws in applications and real attacker simulation, we provide comprehensive security solutions to our clients. Role Description This is a full-time hybrid role for an Emergency Response Officer at Checkmate Security. The role is located in Hyderabad with the flexibility to work from home. The Emergency Response Officer will be responsible for emergency services, physical security, training, security protocols, and firefighting procedures. Qualifications Emergency Services and Firefighting skills Physical Security and Security training expertise Experience in security protocols and emergency response Strong problem-solving and decision-making abilities Excellent communication and teamwork skills Ability to work in a fast-paced and high-pressure environment Experience in IT security or related field is a plus Certifications in emergency response or security management are beneficial Show more Show less

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are looking for a reliable and diligent security engineer with excellent judgment and a strong track record in security and software engineering, who can bring his or her experience to help drive solutions for the most challenging security problems in Azure through a data-driven, product-driven lens In this role, you will advance security by working with other Security Engineers, Program and Product Managers, and Developers, as well as business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership, inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Vulnerability discovery and variant hunting: Using the best available and most appropriate methodologies, including threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST, etc., you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion. Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end. Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations. Software Development – You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services Follow through and closure. You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings. Qualifications Strong leadership, empathy, and interpersonal skills. Bachelor of Science in Computer Science, Mathematics, Engineering or equivalent experience or education 8+ years’ experience in a hands-on security role, with demonstrable software engineering skills Expert level knowledge regarding multiple classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, cryptographic weaknesses, insecure direct object references, and others, and the ability to communicate about them to technical and non-technical audiences Demonstrated coding skills in one or more popular languages and platforms, including C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang, and others, and the ability to pick up new languages, platforms, and frameworks platforms quickly Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services. Preferred Qualifications Experience in technical disciplines outside the security space, including general software development, networking, database management, big data and full-stack development is a strong plus Masters of Science in Computer Science, Mathematics or Engineering is a strong plus #AzureSecurity #VariantHunting #MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. We are looking for a reliable and diligent security engineer with excellent judgment and a strong track record in security and software engineering, who can bring his or her experience to help drive solutions for the most challenging security problems in Azure through a data-driven, product-driven lens In this role, you will advance security by working with other Security Engineers, Program and Product Managers, and Developers, as well as business leaders throughout Microsoft to turn individual findings and vulnerabilities into patterns and insights that can be measured and managed through engineering, automation, and other appropriate mitigations. You will provide technical security leadership, inside and outside of Microsoft and stay on top of current developments for the benefit of Microsoft products and services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Responsibilities Vulnerability discovery and variant hunting: Using the best available and most appropriate methodologies, including threat modeling, penetration testing, security design analysis, fuzzing, SAST and DAST, etc., you will examine chosen target systems in detail, looking for vulnerabilities and weaknesses, perform variant hunting looking for larger patterns, conduct qualitative and quantitative analysis over those patterns, and drive solutions upstream in a data-driven, shift-left fashion. Solution design and delivery: You will help design solutions for security problems, partner with service teams and other security stakeholders to ensure rapid adoption of solutions and mitigation of threats from beginning to end. Threat modeling / Architecture reviews: You will review the design of services from a security perspective to identify vulnerabilities and weaknesses in the architecture, make appropriate recommendations, and guide teams to implement those recommendations. Software Development – You will prototype and create tools and scanners to automate the discovery and prevention of vulnerabilities across Azure services Follow through and closure. You will partner with engineers, product and program managers, and leaders around the company to ensure the successful completion of work to address your findings. Qualifications Strong leadership, empathy, and interpersonal skills. Bachelor of Science in Computer Science, Mathematics, Engineering or equivalent experience or education 8+ years’ experience in a hands-on security role, with demonstrable software engineering skills Expert level knowledge regarding multiple classes of vulnerabilities, including cross-site scripting, buffer overflows, SQL injection, TOCTOU (Time of Check Time of Use) vulnerabilities, cryptographic weaknesses, insecure direct object references, and others, and the ability to communicate about them to technical and non-technical audiences Demonstrated coding skills in one or more popular languages and platforms, including C#, Java, C++, JavaScript/Typescript, SQL, assembly, Ruby, Python, GoLang, and others, and the ability to pick up new languages, platforms, and frameworks platforms quickly Demonstrated knowledge and understanding of Microsoft Azure or competing cloud services. Preferred Qualifications Experience in technical disciplines outside the security space, including general software development, networking, database management, big data and full-stack development is a strong plus Masters of Science in Computer Science, Mathematics or Engineering is a strong plus #AzureSecurity #VariantHunting #MSFTSecurity Microsoft is an equal opportunity employer. Consistent with applicable law, all qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations. Show more Show less

Job Summary : We are seeking a highly skilled and curious Security Researcher to join our cybersecurity team. As a Security Researcher, you will investigate vulnerabilities, analyze malware, and uncover emerging threats to protect our infrastructure and products. This role is ideal for someone passionate about offensive and defensive security, reverse engineering, and continuous learning. Key Responsibilities : Research and discover new vulnerabilities in software, systems, and protocols (zero-day and known CVEs) Analyze malware samples, APT techniques, and exploit kits to understand their behavior and implications Monitor threat intelligence sources to identify trends, TTPs (tactics, techniques, and procedures), and threat actors Develop and refine detection signatures, proof-of-concepts (PoCs), and mitigation strategies Contribute to open-source tools, whitepapers, or technical blogs on cybersecurity topics Participate in bug bounty programs and responsible disclosure initiatives Stay up to date with the latest security technologies, exploits, and research trends Cloud security best practices and CIS benchmark Required Skills & Qualifications: Solid understanding of operating system internals (Windows, Linux, macOS) 5+ years in cybersecurity or related field . Strong knowledge of network protocols, encryption standards, and web/app security Experience with scripting/programming languages (e.g., Python, C/C++, Go, Bash) Familiarity with vulnerability research, fuzzing, and exploit development Comfortable with tools such as Wireshark, Burp Suite, Metasploit, and custom scripts Understanding of MITRE ATT&CK, threat modeling, and IOC analysis Experience with static and dynamic analysis of malware Experience with AWS, Azure, GCP Preferred Qualifications: Contributions to security research communities (e.g., CVEs, open-source tools, DEF CON/Black Hat presentations) Familiarity with cloud security (AWS, Azure, GCP) Exploitation Kubernetes cluster security best practices Experience with binary exploitation, ROP chains, and sandbox evasion techniques Offensive Security certifications (e.g., OSCP, OSCE, OSEP) or GIAC (e.g., GREM, GXPN) Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field or equivalent practical experience Show more Show less

Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. Your Qualifications Bachelor's OR master's degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1. Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh Show more Show less

Automotive Product Cyber Security Manager Location Hinjewadi, Pune - Maharashtra, India FORVIA HELLA is a listed, international automotive supplier. Coming together with Faurecia in the FORVIA Group, we build the world's seventh largest supplier of automotive technologies. As a global market leader in high-growth areas, FORVIA employs 157,000 people worldwide. FORVIA HELLA therein stands for high-performance lighting technology and automotive electronics. At the same time, we cover a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles with our Business Group Lifecycle Solutions. With around 37,500 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of € 8.1 billion on a preliminary basis in the fiscal year 2023. YOUR TASKS Responsibility: Oversee product cyber security in high-complexity development projects from acquisition to start of production (SOP) according to ISO/SAE 21434 or UNECE R-155. Planning & Development: Develop security activities and evaluate development efforts. Evaluation & Approval: Approve security concepts and strategies throughout development phases. QCT Targets: Achieve Quality, Cost, and Time targets related to cyber security work products. Tasks / Areas of Responsibility Planning & Guidance: Independently plan necessary cyber security activities and provide guidance to colleagues. Risk Analysis: Analyze product scope for cyber security risks, considering known weaknesses and vulnerabilities. Coordination: Define a holistic product cyber security concept. Coordinate with customers, suppliers, and subcontractors. Report to customers and obtain information from subcontractors. Support: Assist the development team in selecting security-compliant technologies and cryptographic procedures. Verification Methods: Define verification methods like fuzzing, vulnerability scanning, and penetration testing. Assessments & Training: Prepare cyber security assessments and implement training measures. Communication: Facilitate communication within the global HELLA cyber security network to improve processes. YOUR QUALIFICATIONS Bachelor's OR master's degree in engineering ISO-21434 certification OR working experience CISSP certification is preferred Location - Hinjewadi Phase - 1. Hybrid Working. Even if you do not meet all our requirements, do not hesitate to apply to us, because the further development of our employees is very important to us and opens up a wide range of opportunities for you in our company. FORVIA HELLA stands for the variety of all employees. Inclusion and diversity are firmly anchored in our company culture. We are continuously looking for new team players and welcome applications from all interested parties, regardless of their ethical and social background, age, religion, gender, disability, sexual orientation or identity. HELLA India Automotive Pvt Ltd. Rimsha Shaikh

The Company PayPal has been revolutionizing commerce globally for more than 25 years. Creating innovative experiences that make moving money, selling, and shopping simple, personalized, and secure, PayPal empowers consumers and businesses in approximately 200 markets to join and thrive in the global economy. We operate a global, two-sided network at scale that connects hundreds of millions of merchants and consumers. We help merchants and consumers connect, transact, and complete payments, whether they are online or in person. PayPal is more than a connection to third-party payment networks. We provide proprietary payment solutions accepted by merchants that enable the completion of payments on our platform on behalf of our customers. We offer our customers the flexibility to use their accounts to purchase and receive payments for goods and services, as well as the ability to transfer and withdraw funds. We enable consumers to exchange funds more safely with merchants using a variety of funding sources, which may include a bank account, a PayPal or Venmo account balance, PayPal and Venmo branded credit products, a credit card, a debit card, certain cryptocurrencies, or other stored value products such as gift cards, and eligible credit card rewards. Our PayPal, Venmo, and Xoom products also make it safer and simpler for friends and family to transfer funds to each other. We offer merchants an end-to-end payments solution that provides authorization and settlement capabilities, as well as instant access to funds and payouts. We also help merchants connect with their customers, process exchanges and returns, and manage risk. We enable consumers to engage in cross-border shopping and merchants to extend their global reach while reducing the complexity and friction involved in enabling cross-border trade. Our beliefs are the foundation for how we conduct business every day. We live each day guided by our core values of Inclusion, Innovation, Collaboration, and Wellness. Together, our values ensure that we work together as one global team with our customers at the center of everything we do – and they push us to ensure we take care of ourselves, each other, and our communities. Job Description Summary: What you need to know about the role This role requires a deep understanding of modern application security principles, methodologies, and tools. The ideal candidate will have a proven track record of designing, implementing, and managing comprehensive application security programs within large-scale enterprises. Meet our team The Application Security Architect at PayPal is a seasoned AppSec expert and will be responsible for Security Architecture functions within the enterprise (ECS Security Architecture). This position involves collaborating with development teams, security engineers, and other stakeholders to identify, assess, and mitigate application security risks throughout the software development lifecycle (SDLC). Job Description: Your way to Impact You will be responsible for developing and maintaining a robust application security strategy and architecture that aligns with industry best practices and regulatory requirements. The ideal candidate will possess a deep understanding of both AppSec and general cybersecurity principles. Your Day to Day Develop and maintain a robust application security strategy, standards and target state architectures which aligns with industry best practices and regulatory requirements. Be the application security advocate across the organization. Lead discussions and reviews around new technologies, framework enhancements and product reviews. Define and improve application security in the SDLC, ensuring security is prioritized from inception to deployment. Conduct regular security architecture risk assessments and threat modelling to implement effective risk mitigation strategies. Ensure compliance with relevant security standards, regulations, and industry frameworks (e.g., PCI DSS, GDPR). Maintain awareness on latest DevSecOps approaches and how they fit into large enterprise organization’s AppSec program. Collaborate with software engineers and leadership teams as well and cybersecurity teams to integrate security controls throughout the software development lifecycle. Be comfortable interfacing and providing guidance to senior and technical leadership on application security issues/approaches, to achieve the deployment of effective security solutions. What do you need to bring Degree in Computer Science, Cybersecurity, Mathematics, or a related field. 15+ years' experience in AppSec, Software/Systems Engineering, and/or Architecture. Expert level understanding of NodeJS, Java, modern web development frameworks and Service Oriented Architecture (SOA). Familiarity with iOS, Android and browser SDK development. Expert level understanding of AppSec scanning tools across SAST/SCA/DAST/IAST/Container Security/API Security/Secret Scanning/Fuzzing in large enterprise environments. In depth knowledge of SDLC, and CI/CD pipelines best practices. Good understanding of SLSA and supply chain security. Expert level understanding of containerized platforms and security best practices. In depth understanding of cybersecurity principles, including cryptography, authentication, web security, vulnerability assessments and threat detection. Desired expertise in various security testing activities, including penetration testing, vulnerability scanning, and code reviews. Working knowledge of major cloud platforms such as AWS, Azure, Google Cloud. Industry certifications (e.g., CISSP, CISM, CCSP, or equivalent) are a plus. **We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply. For the majority of employees, PayPal's balanced hybrid work model offers 3 days in the office for effective in-person collaboration and 2 days at your choice of either the PayPal office or your home workspace, ensuring that you equally have the benefits and conveniences of both locations. Our Benefits: At PayPal, we’re committed to building an equitable and inclusive global economy. And we can’t do this without our most important asset—you. That’s why we offer benefits to help you thrive in every stage of life. We champion your financial, physical, and mental health by offering valuable benefits and resources to help you care for the whole you. We have great benefits including a flexible work environment, employee shares options, health and life insurance and more. To learn more about our benefits please visit https://www.paypalbenefits.com Who We Are: To learn more about our culture and community visit https://about.pypl.com/who-we-are/default.aspx Commitment to Diversity and Inclusion PayPal provides equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, pregnancy, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state, or local law. In addition, PayPal will provide reasonable accommodations for qualified individuals with disabilities. If you are unable to submit an application because of incompatible assistive technology or a disability, please contact us at paypalglobaltalentacquisition@paypal.com. Belonging at PayPal: Our employees are central to advancing our mission, and we strive to create an environment where everyone can do their best work with a sense of purpose and belonging. Belonging at PayPal means creating a workplace with a sense of acceptance and security where all employees feel included and valued. We are proud to have a diverse workforce reflective of the merchants, consumers, and communities that we serve, and we continue to take tangible actions to cultivate inclusivity and belonging at PayPal. Any general requests for consideration of your skills, please Join our Talent Community. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don’t hesitate to apply.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: 3+ years' experience implementing and performing Automotive Cybersecurity Knowledge of tools like CANoe, Wireshark, or Ghidra. Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Principal Security Engineering Manager Hyderabad, Telangana, India Date posted May 12, 2025 Job number 1823324 Work site Microsoft on-site only Travel 0-25 % Role type People Manager Profession Software Engineering Discipline Software Engineering Employment type Full-Time Overview Security represents the most critical priorities for our customers in a world awash in digital threats, regulatory scrutiny, and estate complexity. Microsoft Security aspires to make the world a safer place for all. We want to reshape security and empower every user, customer, and developer with a security cloud that protects them with end to end, simplified solutions. The Microsoft Security organization accelerates Microsoft’s mission and bold ambitions to ensure that our company and industry is securing digital technology platforms, devices, and clouds in our customers’ heterogeneous environments, as well as ensuring the security of our own internal estate. Our culture is centered on embracing a growth mindset, a theme of inspiring excellence, and encouraging teams and leaders to bring their best each day. In doing so, we create life-changing innovations that impact billions of lives around the world. As a manager in the Continuous Security Validation & Assurance (CSVA) security engineering team, you will have an opportunity to contribute your deep technical leadership and problem-solving skills to lead a team of engineers working on the security of the underlying platform, code and infrastructure of many Microsoft products used by millions of customers. We build and manage services to manage continuous security posture of cloud scale services. The team is customer-focused with an emphasis on security, great user experience and reliability. You would drive solutions to challenging technical problems involving security for large scale systems and lead critical design initiatives, be accountable for delivery and take part in strategic and tactical decisions in the context of mission-critical services. Microsoft’s mission is to empower every person and every organization on the planet to achieve more. As employees we come together with a growth mindset, innovate to empower others, and collaborate to realize our shared goals. Each day we build on our values of respect, integrity, and accountability to create a culture of inclusion where everyone can thrive at work and beyond. In alignment with our Microsoft values, we are committed to cultivating an inclusive work environment for all employees to positively impact our culture every day. Qualifications 8-10 years of overall industry experience in software development and building world class solutions with at least 3-5 years of that as SWE manager. A Bachelor’s degree in Computer Science or equivalent experience Experience in designing, coding, debugging and testing production grade cloud services with a high emphasis on security. Experience/understanding of addressing security issues in distributed cloud-based environments and across the dev ops ecosystem. Experience in technical leadership in driving engineering roadmaps, leading v-teams, mentoring and helping others grow technically. Knowledge of common security vulnerabilities/mitigations Excellent communication, cross-team collaboration/influence, presentation skills. Passion to grow and develop other engineers and leads. Preferred Proficient with a cloud computing environment like Azure (preferred), GCP or AWS. Experience with CICD pipelines/automation, agile/scrum processes Experience building and operating scalable microservices using Docker + Kubernetes. Ability to reason about security challenges and propose practical solutions Knowledge of Security Development Lifecycle, security standards and frameworks like NIST, OWASP, etc. Experience implementing security features/automated mitigations for common security issues. Ability to define, design and implement telemetry and proactive monitoring for the services to run the operations efficiently in production environments. Experience with security tools/techniques such as SAST, DAST, fuzzing, pen-testing, etc. Exposure to security protocols and infrastructure components such as OAuth, OIDC, PKI, IRM, A/AD, etc. Experience with reporting technologies/frameworks such as PowerBI. Experience with Kusto or other big data stores Responsibilities Lead the architecture, design and implementation of security engineering and security automation projects in the context of large scale services, working with a variety of stakeholders. Lead your team while also collaborating with stakeholders in peer teams and organizations to deliver production-grade solutions for security challenges that scale and work across multiple products while meeting standards of service quality, availability, scale and performance. Influence and align product vision by collaborating with customers, partners, product management and engineering teams. Have a hands-on approach to technical leadership in setting the engineering direction for the team with sound design and development best practices. Drive engineering roadmaps, leading teams, mentoring, and helping others grow. Own career development of team through active coaching. Lead the team by bringing clarity, creating energy, and driving results. Create a strong culture of engineering excellence, customer passion, collaboration, diversity, and inclusion. Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.  Industry leading healthcare  Educational resources  Discounts on products and services  Savings and investments  Maternity and paternity leave  Generous time away  Giving programs  Opportunities to network and connect Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, citizenship, color, family or medical care leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application process, read more about requesting accommodations.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Architect, you will define the end-to-end security architecture and strategy for in-vehicle systems, telematics, and cloud-connected services, ensuring alignment with regulatory requirements and industry best practices. You will also lead penetration testing efforts, document security controls across ECUs and communication interfaces, and guide the implementation of secure system designs across the vehicle ecosystem. Roles & Responsibilities: • Define and implement end-to-end cybersecurity architecture for connected vehicles, ECUs, and backend services, ensuring alignment with ISO/SAE 21434, UNECE WP.29, and CSMS requirements. • Develop secure communication and firmware update frameworks, supporting over-the-air (OTA) updates and in-vehicle data integrity. • Perform threat modeling and risk analysis using industry-standard methodologies such as HEAVENS, STRIDE, and attack trees to identify vulnerabilities across vehicle networks and interfaces. • Guide the definition of mitigation strategies and ensure full traceability between threats, assets, and controls throughout the development lifecycle. • Plan and lead security validation activities, including advanced penetration testing and fuzzing of vehicle interfaces (CAN, DoIP, Ethernet, Bluetooth, Wi-Fi, Cellular). • Create and maintain documentation for test cases, tooling, security controls, and validation outcomes across ECUs and connected modules. • Collaborate with cross-functional teams to drive secure design practices in diagnostics, boot process, and firmware integrity verification. • Conduct vulnerability assessments using tools such as CANoe, CANalyzer, Wireshark, Ghidra, and custom analysis scripts, and support remediation planning. • Lead red team exercises and security reviews in coordination with product security and development teams. • Represent cybersecurity in internal audits and regulatory assessments, ensuring alignment with WP.29 R155/R156 and ISO 26262. • Work with suppliers and partners to evaluate and integrate security solutions aligned with evolving vehicle cybersecurity requirements. Professional & Technical Skills: • Extensive experience (12+ years) in embedded and automotive systems, with over 6 years specializing in automotive cybersecurity strategy, architecture, and threat analysis. • Hands-on experience designing and executing penetration testing of automotive systems, including ECUs, ADAS, telematics, infotainment, and V2X components, across in-vehicle networks and external interfaces. • Strong knowledge of in-vehicle communication protocols such as CAN, LIN, FlexRay, DoIP, and automotive diagnostic protocols (UDS), as well as wireless technologies including Bluetooth, Wi-Fi, and Cellular. • In-depth understanding of secure communication protocols and cryptographic standards, including TLS, MACsec, AES, RSA, ECC, and Public Key Infrastructure (PKI) for automotive applications. • Proven experience in designing and implementing Secure Boot, Secure OTA (Over-the-Air) update mechanisms, and ECU firmware authentication using HSMs and trusted execution environments. • Demonstrated ability to conduct and lead threat modeling and risk assessments using HEAVENS, STRIDE, attack trees, and DFD methodologies in compliance with ISO/SAE 21434. • Familiarity with regulatory and compliance frameworks such as UNECE WP.29 (R155/R156), CSMS, and ISO 26262, and practical experience aligning security activities to these standards. • Proficiency in security validation tools and platforms including Canoe, CANalyzer, Wireshark, Ghidra, Scapy, and custom-built tools for binary analysis, fuzzing, and reverse engineering. • Experience guiding vulnerability remediation efforts across hardware and software development teams in an Agile or V-model development environment. • Strong technical documentation skills and the ability to translate complex cybersecurity concepts into actionable guidance for engineering and compliance teams. • Capable of engaging with external vendors, regulatory bodies, and cross-functional stakeholders to align security requirements, audits, and certifications. Additional Information: • 7+ years’ experience implementing and performing Automotive Cybersecurity • This position is based at our Bengaluru office • A 15-year full time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities: • Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS. • Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems. • Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs. • Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi. • Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts. • Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance. • Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations. • Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements. • Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols. • Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: • Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 3–4 years focused on penetration testing, diagnostics security, or secure ECU architecture. • Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular. • Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways. • Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering. • Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication. • Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms. • Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams. • Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262). • Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation. • Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information: • 5+ years’ experience implementing and performing Automotive Cybersecurity • Experience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: • Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. • Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. • Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. • Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. • Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. • Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. • Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. • Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: • 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. • Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. • Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. • Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. • Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. • Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. • Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. • Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. • Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. • Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: • 3+ years’ experience implementing and performing Automotive Cybersecurity • Knowledge of tools like CANoe, Wireshark, or Ghidra. • Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Engineer, you will implement and validate security controls across in-vehicle systems, ensuring protection of ECUs, telematics units, and connected vehicle infrastructure. You will contribute to threat modeling and diagnostics hardening efforts, support penetration testing activities, and document the integration of cybersecurity measures in alignment with regulatory and technical requirements. Roles & Responsibilities: • Support the development and implementation of cybersecurity controls across ECUs, telematics systems, and in-vehicle networks in alignment with ISO/SAE 21434 and company CSMS. • Participate in security architecture and design reviews, contributing to the definition and validation of security requirements for embedded vehicle systems. • Conduct and document threat modeling and risk assessments using methodologies such as HEAVENS, STRIDE, and custom attack graphs. • Perform penetration testing and intrusion validation on in-vehicle protocols including CAN, DoIP, and Ethernet, as well as wireless interfaces such as Bluetooth and Wi-Fi. • Assist in the execution of fuzz testing and vulnerability analysis using tools like CANoe, Wireshark, Scapy, and Python-based custom scripts. • Contribute to the validation of secure boot mechanisms and assist in reverse engineering activities to verify firmware security compliance. • Work with software and hardware teams to analyze security issues, identify root causes, and define corrective actions and mitigations. • Maintain operational documentation, including test procedures, vulnerability logs, and mitigation tracking in compliance with regulatory requirements. • Collaborate with cross-functional teams to integrate secure diagnostics, access control strategies, and key management protocols. • Participate in internal assessments and support audit readiness for cybersecurity compliance frameworks such as UNECE WP.29 and ISO 26262. Professional & Technical Skills: • Experience supporting in-vehicle cybersecurity programs with 8+ years in embedded or automotive systems development, including 3–4 years focused on penetration testing, diagnostics security, or secure ECU architecture. • Hands-on experience conducting security testing and vulnerability assessments on vehicle communication interfaces such as CAN, DoIP, and Ethernet, as well as wireless protocols including Bluetooth, Wi-Fi, and cellular. • Strong working knowledge of UDS diagnostics (ISO 14229), secure diagnostics access control, and protocol fuzzing techniques to uncover vulnerabilities in ECUs and vehicle gateways. • Proficiency with security testing tools and platforms such as CANoe, Wireshark, Scapy, Python, and Ghidra for traffic analysis, custom scripting, and reverse engineering. • Familiarity with cryptographic principles and practical usage of cryptographic libraries (e.g., OpenSSL, mbedTLS) and hardware security modules (HSM) for secure key storage, boot processes, and firmware authentication. • Experience supporting OTA (Over-the-Air) update platforms and ensuring their secure integration using encryption, authentication, and rollback protection mechanisms. • Exposure to cybersecurity development in Agile-based or V-model automotive environments, working collaboratively with software, systems, and validation teams. • Knowledge of regulatory and compliance standards relevant to automotive cybersecurity, including ISO/SAE 21434, UNECE WP.29 (R155/R156), and functional safety (ISO 26262). • Ability to document test cases, generate detailed security analysis reports, and provide engineering teams with clear recommendations and follow-up actions for mitigation. • Demonstrated problem-solving skills and the ability to troubleshoot complex issues related to embedded systems security, communication integrity, and control system protection. Additional Information: • 5+ years’ experience implementing and performing Automotive Cybersecurity • Experience with AUTOSAR (Classic/Adaptive), ECU firmware security, or secure telematics units. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: • Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. • Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. • Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. • Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. • Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. • Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. • Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. • Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: • 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. • Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. • Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. • Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. • Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. • Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. • Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. • Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. • Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. • Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: • 3+ years’ experience implementing and performing Automotive Cybersecurity • Knowledge of tools like CANoe, Wireshark, or Ghidra. • Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary: As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: • Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. • Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. • Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. • Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. • Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. • Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. • Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. • Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: • 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. • Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. • Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. • Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. • Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. • Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. • Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. • Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. • Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. • Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: • 3+ years’ experience implementing and performing Automotive Cybersecurity • Knowledge of tools like CANoe, Wireshark, or Ghidra. • Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. • This position is based at our Bengaluru office • A 15-year full-time education is required • Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP 15 years full time education

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Ability to commute/relocate: Bhubaneshwar, Orissa: Reliably commute or planning to relocate before starting work (Preferred) Application Question(s): Do you have completed any Ethical hacking course and Internship? Education: Bachelor's (Preferred) Location: Bhubaneshwar, Orissa (Required) Work Location: In person

Role & responsibilities Perform fuzzing of network protocols on devices like routers, Wi-Fi routers, ONT/OLT, firewalls, and other network appliances. Research and develop fuzzing strategies to test network protocols, identify vulnerabilities, and improve security. Work with tools such as Synopsys Defensics, AFL, Peach Fuzzer, or similar for fuzzing network protocols. Collaborate with hardware and firmware teams to understand device functionality and how to target fuzzing effectively. Analyze crash reports and debug logs to identify root causes of vulnerabilities and provide detailed remediation steps. Prepare technical documentation and reports on the findings from fuzzing activities. Stay updated with the latest security trends, techniques, and tools in network protocol fuzzing. Preferred candidate profile Minimum 1 year of experience in fuzzing network protocols or security testing of network devices. Strong understanding of network protocols (e.g.TCP/IP, DHCP, DNS, HTTP, SIP, etc.). Experience with fuzzing tools (e.g., Synopsys, Defensics, AFL, Peach Fuzzer, Sulley, or custom fuzzers). Knowledge of network hardware, embedded systems, and operating systems. Familiarity with router, firewall, Wi-Fi router, ONT/OLT technologies, and associated protocols. Hands-on experience with debuggers, crash analysis, and memory corruption vulnerabilities. Solid understanding of network security concepts and vulnerability assessment techniques. Prior experience with security assessments and penetration testing of network appliances. Familiarity with scripting languages (e.g., Python, Bash) for automation of testing processes. Knowledge of reverse engineering and static/dynamic analysis of firmware. Certifications (Optional but Preferred) : OSCP, CEH, or other relevant security certifications.

Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: Windows Security Senior Engineer Company: - Qualcomm India Private Limited Job Area: Engineering Group, Engineering Group > Software Engineering General Summary: We are looking for Security Engineer to contribute in the area of the Windows on Snapdragon products. The person will have the responsibility to perform security assessment, design & code review, develop fuzzing harness and fuzz the Windows software stack on Snapdragon products. Ideal candidate must posses"™ security mindset and has good exposure on Security Development Life Cycle "SDLC". The ideal candidate also needs to have: Strong Embedded software knowledge, Experience on Windows Internals and good driver development. Solid understanding of Operating System concepts, RTOS, FW management. Solid understanding of System level features, Processor and Power management, architecting system level features. Hands on experience in complex and multi domain large features. Windows kernel driver development experience. Understanding and experience in Designing and Implementing Windows Kernel mode drivers, Board support package, ACPI & UEFI. Strong communication and interpersonal skills. Strong problem solving and debugging skills. Ability to co-ordinate across stakeholders and Task management Handling small to large medium size technology teams. Experience on Enterprise and IHV/IBVs is a plus Minimum . Minimum Qualifications: Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience. OR Master's degree in Engineering, Information Systems, Computer Science, or related field and 1+ year of Software Engineering or related work experience. OR PhD in Engineering, Information Systems, Computer Science, or related field. 2+ years of academic or work experience with Programming Language such as C, C++, Java, Python, etc. Preferred Qualifications: 2+ years of Security Engineering or related work experience. Design and development of Fuzzing harness Ability to perform design and code review for vulnerability detection Strong knowledge on Windows OS internals and Windows Driver knowledge (KMDF) Windows Device driver programming and debugging with WinDbg, JTAG/other tools. ARM Processor architecture and Assembly Language. Experience with PC software - System BIOS, UEFI, ACPI, Drivers, Applications Embedded OS (Kernel architecture, OS services heap, memory, multi-core, multi-threading, and crash debugging). Knowledge of OS/system performance profiling and optimization techniques. Communication, written & interpersonal skills, motivation, the ability to learn quickly Applicants : Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries). Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law. To all Staffing and Recruiting Agencies : Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.