90 Kali Linux Jobs

* Mentor and guide training resources across Kerala, ensuring effective knowledge transfer. * Deliver comprehensive training on RedTeam courses, including but not limited to ADCD, CPT, CICSA, CSA, CCSA, CRTA, CEH, P+, S+, CYSA+, CHFI, etc.

Understand common cyber attacks, e. g. , social engineering, phishing, identity theft. Obfuscation, trojans, dumpster diving, insider attacks, etc. Strong Knowledge of Information Security & Ethical Hacking Concepts. Required Candidate profile Freshers B.Tech | BCA | MCA | Must have Knowledge about Ethical Hacking , Cyber Security Proficiency in testing tools (Kali Linux, Metasploit, Burp Suite, Wireshark) Whatsapp Resume: 7042302345

Job responsibility 4– 8 years of post-qualification experience with strong working knowledge on Manual Security code review. Roles and Responsibilities Technical Skills Required: Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

As an IT professional in this role, you will be responsible for managing and adapting forecasting tools to effectively monitor inventory and consolidate financial and operational KPI's using SharePoint. You will also be involved in designing new LAN cabling, including patch panels, UTP, switches, and routers. Your responsibilities will include working on customer migrations for programs such as IIS, email, DNS, and SQL, as well as installing and troubleshooting company wireless internet. Additionally, you will migrate Linux DNS servers into a Microsoft environment and have administrative access to install and troubleshoot software. You will utilize Kali Linux to test for vulnerabilities against internal and external infrastructure, and install and configure secured environments, VPN internet connectivity for virtualized server environments and clients. Furthermore, you will implement network services like data backups/restores, security, wireless connectivity, VPN, and terminal servers. Your role will also involve maintaining the ERP system, including troubleshooting, relationship management, contract negotiation, and proposing and comparing new systems. Lastly, you will be responsible for developing a user-friendly company intranet on SharePoint to promote better collaboration and ensure clear communication across all corporate channels. Qualifications required: - 0-2 years of experience in a similar role - Proficiency in LAN cabling design and troubleshooting - Experience with customer migrations involving IIS, email, DNS, and SQL - Familiarity with installing and troubleshooting wireless internet - Knowledge of migrating servers and software between different environments - Ability to test for vulnerabilities using Kali Linux - Experience in configuring secured environments, VPN internet connectivity, and network services - Proficient in maintaining ERP systems and developing user-friendly intranet portals Note: No additional details about the company were provided in the job description.,

Work Experience 4– 8 yrs of post-qualification experience with strong working knowledge on Manual Security code review. Roles and Responsibilities Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred: GWAPT, CREST, OSCP, OSWE, OSWA work location-Bnagalore

Technical capability: We are seeking a talented and highly motivated Cybersecurity Engineer to join our Information Security team. The ideal candidate will possess strong communication skills, hold relevant security certifications, and have proven expertise in penetration testing and implementing robust cybersecurity solutions. This role involves protecting our organizations systems, networks, and data against evolving security threats while ensuring compliance with industry standards. Role & Responsibilities: Design, implement, and maintain security solutions to safeguard the organizations infrastructure, applications, and data. Perform comprehensive penetration testing of networks, applications, and systems to identify vulnerabilities and assess risk exposure. Monitor and analyze security events and incidents using Security Information and Event Management (SIEM) tools. Conduct vulnerability assessments and work with teams to remediate identified risks. Collaborate with cross-functional teams to integrate security best practices into system architecture and application development. Respond to security incidents, perform root cause analysis, and recommend corrective actions. Manage security tools and technologies. Support compliance initiatives, ensuring adherence to regulatory requirements like GDPR, HIPAA, or PCI-DSS. Provide security awareness training to employees to foster a strong culture of cybersecurity. Stay updated on emerging threats, vulnerabilities, and security technologies to ensure proactive protection measures. Preferences and qualifications: Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field (or equivalent experience). Proven experience in cybersecurity engineering or related roles, with a focus on penetration testing (PT). Strong verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders. Relevant security certifications such as CISSP, CISM, CEH, OSCP, CompTIA Security+, or equivalent. Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nessus, Kali Linux, or similar. Hands-on experience with security technologies, including firewalls, SIEM, IDS/IPS, endpoint protection, and DLP solutions. Knowledge of cloud security practices across platforms like AWS, Azure, or GCP. Familiarity with scripting or automation tools (e.g., Python, PowerShell) for improving security processes. Solid understanding of network protocols, system architecture, and security principles. Experience with incident response and forensic analysis. Familiarity with zero-trust architectures and advanced authentication methods.

Meet the Team Join Dexcom's Product Security R&D department as a Senior Security Engineer specializing in penetration testing. Our team is dedicated to ensuring the security of our mobile and web applications, cloud infrastructure, APIs, and physical medical devices. You'll work closely with the Director of Cybersecurity Engineering to identify and exploit vulnerabilities across various platforms, including mobile and web applications, cloud environments, APIs, hardware, firmware, and wireless networks. If you're a skilled penetration tester eager to tackle security challenges and make a significant impact using cutting-edge technologies, we want to hear from you. Where You Come In You conduct penetration testing on mobile and web applications, cloud infrastructure, APIs, hardware, firmware, and wireless networks to identify and exploit vulnerabilities. You work closely with development teams to provide recommendations on security best practices. You develop and execute penetration test plans and reports. You research and stay current on the latest security threats and tools. You create custom tools and exploits with coding and automation. What Makes You Successful You have solid experience in penetration testing. You hold certifications such as OSCP, OSWE, OSEP, CPTS, PNPT, INE Certification, or SANS. You possess strong knowledge of OWASP Top 10 (web, mobile, API, etc.) vulnerabilities. You are experienced with penetration testing tools such as OWASP ZAP, Burp Suite, Nmap, and Kali Linux. You are proficient with API testing tools like Postman or Swagger. You have a strong understanding of web technologies such as RESTful APIs, framework-based deployments, and backend management. You have experience with cloud platforms such as GCP and Kubernetes. You are knowledgeable about cloud security best practices and common misconfigurations. You have experience with mobile, hardware, firmware, and wireless technologies such as Bluetooth Low Energy (BLE). You can write and review code in at least one of the following languages: Java, Scala, C#, or similar. Preferred Qualifications You hold a Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) certification. You have experience with security research, bug bounties, zero-day exploits, or creating custom exploits. You have experience with red teaming exercises. You are familiar with threat modeling and risk assessment methodologies. You have experience with DevOps practices and the secure software development lifecycle. You have experience or interest in Artificial Intelligence. Education and Experience Requirements: Typically requires a bachelors degree in a technical discipline, and a minimum of 5-8 years related experience or master’s degree and 2-5 years equivalent industry experience or a PhD and 0-2 years’ experience

You have a strong knowledge and hands-on experience in conducting vulnerability assessments and penetration testing for web applications and devices. You are proficient in using security assessment tools like Nessus, NMAP, OWAPS, NICTO, KALI LINUX, etc. You excel in preparing detailed reports, submitting them, and ensuring follow-up for closure of security issues. Your expertise extends to understanding and working with SIEM, WAF, Firewall, log server, and Cloud Security. You are familiar with File Server, network devices, and Firewall access control lists. Knowledge of ISO27001 requirements will be an added advantage. Possessing certifications such as CEH and LA-ISMS showcases your commitment to security practices. Your skills include a strong understanding of Security audit questionnaires and actively participating in Security audits. You are well-versed in Business Continuity Planning (BCP) and Disaster Recovery (DR) processes. Acquaintance with DC, ADC, AD, Group Policy, IIS, DNS, DHCP, Mail Server, and Linux demonstrates your diverse expertise. You have a track record of completing tasks and projects within specified timelines. Ensuring meticulous documentation and knowledge sharing are part of your routine. Your ability to multitask, effective communication skills, teamwork, and ITIL knowledge make you a valuable asset to the organization. Your educational background includes a Graduate degree with 3-4 years of relevant experience. The job location for this opportunity is in Mahape, Navi Mumbai.,

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities: Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied.Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure penetration testing, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up to date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team. Additional Information:- The candidate should have minimum 3 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied.Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure penetration testing, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up to date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team. Additional Information:- The candidate should have minimum 5 years of experience in Security Penetration Testing.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Job Title: Cybersecurity & Ethical Hacking Specialist Experience: 3-5 Years Location: Hyderabad Employment Type: Full-time Job Summary: We are seeking a skilled Cybersecurity & Ethical Hacking Specialist with 35 years of experience in securing systems, applications, and cloud environments. The ideal candidate will have strong expertise in ethical hacking, penetration testing, and familiarity with cloud security practices across platforms like AWS, Azure, or GCP. Key Responsibilities: Perform penetration testing and ethical hacking across on-premise and cloud infrastructure Identify, analyze, and report security vulnerabilities and risks Conduct security assessments and compliance audits Collaborate with DevOps and engineering teams to remediate issues and implement secure solutions Monitor for threats, support incident response, and improve security monitoring Ensure security best practices across public cloud platforms (AWS, Azure, GCP) Maintain technical documentation and present findings to stakeholders Requirements: 3–5 years of experience in cybersecurity and ethical hacking. Hands-on experience with penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, etc.) Good understanding of cloud security principles (IAM, encryption, VPCs, security groups, etc.) Familiarity with AWS, Azure, or GCP cloud environments Knowledge of OWASP Top 10, network protocols, and secure application development Scripting skills in Python, Bash, or PowerShell Excellent problem-solving, analytical, and communication skills Bachelor’s degree in Computer Science, Cybersecurity, or related field

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities: Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

Lead the ISO 27001 ISMS implementation and audits, ITGC framework. Interact with internal and external stakeholders for all GRC related activities.Responsible for handling , supporting member related compliance related cyber security policy and SEBI Required Candidate profile Be part of Internal audit team and carry out access reviews like User access, Tool review, SOC review, Firewall access other reviews as per requirement.Handle vulnerability assessments

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Pentester, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning pentesting activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure pentesting, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up-to-date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Provide specialised knowledge and guidance in your area of expertise, acting as a resource for team members seeking advice or solutions to complex problems.Organise tasks, facilitate effective communication, and encourage collaboration among team members to help drive results and achieve set objectives efficiently.Take responsibility for the outcomes of decisions made by the team, ensuring transparency and learning from successes or setbacks to continuously improve future decision-making processes. Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team.Good to HaveConduct telecom risk assessments on core and access network nodes (e.g., Voice core, packet core, radio, IMS, 5G Core, fixed line).Demonstrate cybersecurity knowledge for mobile and fixed networks (2G-5G, IMS, VoLTE).Understand telecom protocolsDiameter, SIP, SS7, GTP, SCTP.Familiarity with standards:3GPP, GSMA NESAS, ISO 27001, NIST, and local regulations.Perform penetration testing on telecom infrastructure and services.Contribute to security hardening using industry best practices (3GPP, GSMA NESAS, NIST). Additional Information:The candidate should have a minimum of 7.5 years of experience in Security Penetration Testing.This position is based at our Gurugram office.A 15 years full time education is required. Qualification 15 years full time education

About The Role Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Pentester, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning pentesting activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities:Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses.Conduct penetration testing, vulnerability assessments, and security audits.Develop and execute test plans, scripts, and scenarios to simulate real-world attacks.Perform infrastructure pentesting, including SSH and network devices.Collaborate with development and operations teams to remediate identified vulnerabilities.Provide detailed reports on findings, including risk assessments and recommendations for mitigation.Stay up-to-date with the latest security trends, tools, and techniques.Assist in the development and implementation of security policies and procedures.Provide specialised knowledge and guidance in your area of expertise, acting as a resource for team members seeking advice or solutions to complex problems.Organise tasks, facilitate effective communication, and encourage collaboration among team members to help drive results and achieve set objectives efficiently.Take responsibility for the outcomes of decisions made by the team, ensuring transparency and learning from successes or setbacks to continuously improve future decision-making processes. Professional & Technical Skills: Qualifications:Bachelor's degree in Computer Science, Information Security, or a related field.Proven experience in security testing, penetration testing, and vulnerability assessments.Strong knowledge of web application security, API security, and infrastructure security.Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, nmap, etc).Excellent problem-solving skills and attention to detail.Strong communication skills, both written and verbal.Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus.Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools.Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP).Experience with On-Premises Cloud Infrastructure Pentesting.Knowledge of secure coding practices and code review.Understanding of network security and protocols.Ability to work independently and as part of a team.Good to Have:Conduct telecom risk assessments on core and access network nodes (e.g., Voice core, packet core, radio, IMS, 5G Core, fixed line).Demonstrate cybersecurity knowledge for mobile and fixed networks (2G-5G, IMS, VoLTE).Understand telecom protocolsDiameter, SIP, SS7, GTP, SCTP.Familiarity with standards:3GPP, GSMA NESAS, ISO 27001, NIST, and local regulations.Perform penetration testing on telecom infrastructure and services.Contribute to security hardening using industry best practices (3GPP, GSMA NESAS, NIST). Additional Information:The candidate should have a minimum of 5 years of experience in Security Penetration Testing.This position is based at our Gurugram office.A 15 years full time education is required. Qualification 15 years full time education

Performed web application penetration testing using Burp Suite. Conducted secure code analysis with SonarQube. Used Kali Linux tools for vulnerability assessment. Reported and documented security issues with mitigation steps. Supported the team in maintaining secure SDLC practices.

Skills: Web, Mobile, Network & Cloud Security Assessments, Vulnerability Assessment, Pen Testing, Threat Modelling, OWASP Top 10, ASVS, Source Code Reviews. Tools: Burp Suite, Kali Linux, Metasploit, NMAP, Nessus, Nexpose, Wireshark, sqlmap. Languages: Java, Python, Golang. Threat Detection and Analysis: Monitor network traffic, system logs, and security alerts to detect and analyze potential security threats, such as malware, intrusions, and unauthorized access.Incident Response: Develop and execute incident response plans to address and mitigate security incidents and breaches.Vulnerability Assessment: Identify vulnerabilities in software, hardware, and network configurations, and recommend patches and security updates.Security Monitoring: Continuously monitor and analyze security events, assess system vulnerabilities, and recommend security enhancements.Security Policies and Procedures: Develop and enforce security policies, standards, and procedures to ensure a consistent and secure computing environment.Access Control: Implement and manage access control systems, including user authentication, authorization, and password policies.Security Tools: Utilize a range of security tools, such as intrusion detection systems (IDS), intrusion prevention systems (IPS), firewalls, antivirus software, and data encryption.

Job Summary: We are seeking a skilled and motivated Assistant Manager – VAPT with expertise in Cloud Security to support the organization’s cybersecurity initiatives through comprehensive vulnerability assessments and penetration testing. The ideal candidate will have hands-on experience in identifying security weaknesses in systems, applications, networks, and cloud environments, and provide actionable recommendations to mitigate risks. Key Responsibilities: Conduct regular Vulnerability Assessments and Penetration Tests on web applications, mobile applications, networks, cloud infrastructure (AWS, Azure, GCP), and APIs. Identify, analyze, and document security flaws and vulnerabilities using manual techniques, custom scripts, and automated tools. Perform cloud security assessments to identify misconfigurations, vulnerabilities, and risks associated with cloud services (AWS, Azure, GCP). Work closely with IT, cloud infrastructure, and development teams to validate findings, suggest remediation steps, and verify the implementation of fixes. Collaborate with third-party vendors for external testing and audits. Prepare detailed technical reports and executive summaries of findings and recommendations. Ensure compliance with internal policies and external regulatory requirements (e.g., ISO 27001, PCI-DSS, GDPR, SOC2). Stay updated with the latest vulnerabilities, exploits, and security news, particularly in the cloud security domain, through continuous learning and threat intelligence feeds. Assist in security incident response efforts related to vulnerabilities discovered in cloud environments and on-prem systems. Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. 4+ years of experience in VAPT or a similar cybersecurity role, with hands-on experience in cloud security . Proficiency in tools such as Nessus, Burp Suite, Nmap, Metasploit, Wireshark, Kali Linux , and cloud security tools (e.g., AWS Inspector, Azure Security Center, GCP Security Command Center ). Strong knowledge of OWASP Top 10 , SANS 25 , and secure coding practices. Hands-on experience in securing cloud environments (AWS, Azure, GCP), including network security, identity and access management (IAM), and infrastructure-as-code (IaC) security. Familiarity with scripting languages (Python, Bash, PowerShell) for automation and custom testing is a plus. Industry certifications such as OSCP, CEH, GPEN, or eJPT and cloud security certifications like AWS Certified Security Specialty , Azure Security Engineer are highly desirable. Strong analytical, problem-solving, and communication skills.

About ASB ASB is committed to empowering students with expertise in emerging technologies. We are looking for an enthusiastic and passionate Cybersecurity Training Expert to lead and mentor students, equipping them with industry-relevant skills in cybersecurity. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a passion for teaching. The ideal candidate will have solid experience in network security, penetration testing, ethical hacking, compliance, and security frameworks. They should be an excellent communicator who can break down complex cybersecurity concepts into easy-to-understand modules. Key Responsibilities 1. Training Delivery Design, develop, and deliver high-quality cybersecurity training through courses, workshops, boot camps, and webinars. Cover a broad range of cybersecurity topics, including but not limited to: Network Security & Firewalls Penetration Testing & Ethical Hacking Cloud Security & DevSecOps Security Compliance & Auditing (ISO 27001, NIST, GDPR, etc.) Threat Intelligence & Incident Response SIEM, SOC & Security Tools (Burp Suite, Wireshark, Metasploit, AWS Security Hub, etc.) 2. Curriculum Development Develop and continuously update cybersecurity training materials, including hands-on labs, case studies, quizzes, and real-world projects. Ensure training content is aligned with industry best practices, compliance frameworks, and emerging security trends. 3. Training Management Organize and manage cybersecurity training sessions, ensuring smooth content delivery, engagement, and assessments. Track learner progress and provide additional support, including one-on-one guidance and mentorship. 4. Technical Support & Mentorship Assist students with technical queries and troubleshoot cybersecurity-related challenges. Provide career guidance and mentorship, helping students navigate certifications (CEH, CISSP, OSCP, CISM, etc.) and job opportunities in cybersecurity. 5. Industry Engagement Stay updated with the latest cybersecurity threats, vulnerabilities, and defense mechanisms. Represent ASB at cybersecurity conferences, webinars, and industry events. 6. Assessment & Evaluation Develop hands-on challenges, CTFs (Capture The Flag), and practical assessments to evaluate student proficiency. Provide constructive feedback to enhance their technical skills. Required Qualifications & Skills Educational Background Bachelor's or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field. Hands-on Cybersecurity Experience 3+ years of experience in cybersecurity roles such as Penetration Tester, Security Analyst, SOC Analyst, Cybersecurity Engineer, or Security Auditor. Expertise in ethical hacking, threat analysis, cloud security, risk assessment, and compliance. Strong knowledge of Linux, Windows Security, Networking, and Cryptography. Teaching & Communication Skills 2+ years of experience in training, mentoring, or delivering cybersecurity education. Ability to explain complex security concepts in a clear and engaging way. Cybersecurity Tools & Platforms Experience with security tools such as Kali Linux, Metasploit, Burp Suite, Wireshark, Nessus, Nmap, Snort, Splunk, SIEM platforms, and AWS Security Hub. Knowledge of SOC operations, incident response, and security automation tools. Passion for Education A genuine enthusiasm for training the next generation of cybersecurity professionals. Preferred Qualifications Industry Certifications CEH, OSCP, CISSP, CISM, CCSP, AWS Security Certification, or equivalent. Experience in Online Teaching Prior experience in online training platforms (Udemy, Coursera, etc.) or learning management systems (LMS). Knowledge of Security Frameworks & Compliance Familiarity with ISO 27001, NIST, GDPR, SOC 2, and PCI-DSS. Experience in Blue Team & Red Team Operations Understanding of ethical hacking (offensive security) and defensive security (SOC, SIEM, endpoint protection, etc.).

As a part of the Information Security operation team, you will be responsible for delivering crucial management and reporting services across various Information Security platforms. This role entails tasks such as configuration, creating tools (scripts, procedures, and templates), defining reports, and recommending best practices and procedures to enhance the overall security posture. Your responsibilities will also include actively engaging in security operational activities, developing procedures, methods, reports, and scripts to streamline the monitoring and measurement of enterprise-wide IT Security Solutions. Proactively identifying and addressing potential security risks and incidents, configuring and monitoring security infrastructure, conducting vulnerability scanning and reporting, monitoring various log sources to detect risks and issues, creating event log dashboards, reports, and alerts, and contributing to the enhancement of the overall IT security architecture. In addition, you should possess hands-on knowledge and proficiency with tools such as Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp, Paros Proxy, Nessus, Nexpose, Wireshark, SQLMap, among others. This position requires a minimum of 2 years of experience and a strong background in Information Security. Preferred certifications include CEH, CHFI, ECSA, LPT, OSCP, OSCE, OSEE, and OSWE. Your expertise and active involvement will play a pivotal role in maintaining a robust and secure IT environment.,

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Responsibilities Direct Responsibilities Direct Responsibilities - To perform Penetration testing (Gray Box and/or Black Box) for Web applications; Thick Client, API, and mobile applications. - To understand the applications security requirements and identify & document the scope of the test - Ensure execution of the documented security scenarios for the application under test. - Document and report all findings - Collaborate with the developers to help them understand the vulnerabilities reported in application - Escalate issues to the local management and onshore stakeholders in case it affects the testing progress - Ensure processes for the project is followed for the assessments Note : - Optional, experience in Source Code Assessment (SCA)/SAST, Mobile Testing Contributing Responsibilities Technical & Behavioral Competencies - Clear understanding of OWASP Top 10 - application security risks - Tools/OS: Burp Suite, OWASP ZAP, Kali Linux - Manual Security Testing & Analysis, Security Test Designing - Excellent Inter personal and presentation skills - Strong in verbal and written communication - Good analytical skills - Strong Time Management - Must be flexible, independent, self-motivated - Team player Specific Qualifications (if required) CSSLP/CEH or equivalent certification preferred

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production/CSIRT/Production Security teams. The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator. Responsibilities Direct Responsibilities WM IT Risk and Security Manager o Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development. o Coordinate with APAC WM security actors, including India-based resources. o Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture o Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process. o Periodic reporting of security status to WM CISO APAC and WM Global CISO o Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication. o Ensure the regular reporting for management follow-up IT Security Compliance (delegation on WM APAC scope) o Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets. o Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes. o Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) o Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements o Ensure the compliance with the Third-party Technology risks and Cloud security. o Identify the process gaps and provide solutions. Application Security o Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. o Identify and implement the latest security standards for internet facing and internal assets. o Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing SAST, Dynamic Acceptance Security Testing DAST and Software Composition Analysis SCA). Perform Security risk assessments and reviews to be presented to respective committees. Ensure the adequate security level for all WM GAIM applications, whatever the IT project managers location and hosting provider. Production Security Oversight (delegation on WM APAC scope) o Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance. o Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress. o Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents. CyberSecurity Program (delegation on WM APAC scope) o Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program. Contributing Responsibilities Coordination with IT Security actors o Reporting line to the WM GAIM Global CISO : alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard) o Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope. o Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production. o Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group. Technical & Behavioral Competencies Cybersecurity / Technical Value-added Competencies Cybersecurity Governance : framework (NIST / CIS framework), Security incident management, Logging & Detection (SIEM ELK products) DevSecOps : CI/CD toolchain knowledge of various tools o Source code management: sonarQuabe, bibucket, github/gitlab o Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan) o Automation/orchestration: Ansible tower, Jenkins Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security) Vulnerability Management o Nexpose, Nessus Ethical Hacking Knowledge o Kali Linux knowledge (metasploit, nmap) Specific Qualifications (if required) Qualifications and Experience 10 years' experience in information security evaluation and design of technical architectures Functional as well as technical knowledge of the applications used within BNP Paribas Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies Team management experience is a must Preferred Master level in Computer science and Information Security Skills Referential Behavioural Skills : Communication skills - oral & written Ability to collaborate / Teamwork Decision Making Ability to deliver / Results driven Transversal Skills: Ability to set up relevant performance indicators Ability to develop and adapt a process Ability to manage a project Ability to develop others & improve their skills Ability to manage / facilitate a meeting, seminar, committee, training Education Level: Master Degree or equivalent Experience Level At least 10 years Other/Specific Qualifications (if required) Other Value-added Competencies Advanced IT security certifications may be advantageous (such as CISM, CCSP, CSK, CEH, CISSP). Operational Risk and Permanent Control Data Analytics solutions (Tableau, PowerBI) and strong expertise in Dashboard/reporting

About the Role: Duration: 6 months Notice Period: (Immediate Joiner - Only) (General Shift & UK shift), 5days work from the Office, a Cab facility is there. Job responsibilities: Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests, and Cloud on system and network levels, employing advanced ethical hacking techniques. Application Penetration Testing (Browser-based, API, Mobile, IoT) Threat Modeling Source Code Review Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications. Perform red team exercises to determine weaknesses in the clients infrastructure and how it should be remediated. Organizing and delivering technical security operational briefings for both technical and non-technical audiences. Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics. Dynamic application security testing (DAST) scans on the identified targets without credentials. Perform credentialed DAST scans on known client URLs. Research to identify new attack vectors. Review and provide feedback for all Security Artifacts. Play a critical role in building an AppSec program that has a wide scope and impact. Researching open-source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients. Preparing and delivering clear, accurate, and concise written and oral technical reports for management. Job specifications: Qualification: Bachelors degree in Engineering or closely related coursework in technology development disciplines Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN are desirable Experience: Total Experience 4+ years Desired Skills: Knowledge and Experience: Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE). A thorough understanding of the Secure Development Life Cycle Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse application attack vectors, security testing processes, and both wired and wireless network security protocols. Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App Detective, Web Inspect, etc.) Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g., AWS, GCP, etc.) Mobile platform penetration testing tradecraft and methodologies across widely-used platforms (iOS and/or Android). Microservices testing Ability to find and exploit bugs in: C++, Java, JavaScript, Go, and Python Kubernetes, AWS, GCP, or Azure Memory management, namespaces, cgroups, etc. Passion for writing code to solve problems, combined with an interest in Offensive Security. Ability to demonstrate a strong background in one of the following languages: Golang, Python, Java, JavaScript, C++, C Personal Attributes: Self-starter and quick learner requiring minimal ramp-up Excellent analytical, written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment Strong communications skills to comfortably work cross-functionally across the organization.

We are looking for a Mid Penetration Tester to deliver penetration tests to Thoropass customers, including vulnerability assessments, web app pentests, network pentests, and API pentests. This role will be a player-coach, responsible for delivering our first batch of customer-facing pentest reports. As we scale the offering, this role will also mentor junior resources to deliver consistently high-quality pentests. The ideal candidate will be equal-parts penetration tester, strategic thinker, and operational doer with a passion for solving complex challenges and delivering measurable impact for our company and customers. About You You adopt the mindset of an attacker, delving deep to identify potential vulnerabilities and attack vectors. You exhibit great judgment and sharp technical instincts that allow you to differentiate essential versus nice-to-have and to make good choices about trade-offs. You have a point-of-view on the penetration testing methodology, tools, process, and what is appropriate for different stages of a scaling start-up. Hungry, humble, scrappy, and will thrive in fast-paced environments and manage multiple priorities simultaneously. What You'll Do Deliver Penetration Testing Engagements Conduct web, network, mobile and API penetration tests with automated and manual testing, using black box or gray box testing methods. Demonstrate lateral movement capabilities and expose potential data exfiltration opportunities to simulate real-world attack scenarios. Develop effective countermeasures to address both known and unknown vulnerabilities within internal networks, employing advanced adversarial tactics to highlight security gaps. Employ innovative thinking to overcome security protection mechanisms, craft proof-of-concept code, and exploit business logic. Present detailed reports and findings to customers in a clear and concise manner, in fluent written and oral English. Advise customers on remediation efforts as needed. Build Penetration Testing Function Identify recurring issues and contribute to the automation of the penetration testing process, enabling scalability and expansion. Share your expertise through regular internal knowledge-sharing sessions, maintaining comprehensive documentation, and educating technical staff on security protocols. Serve as a trusted expert in the offensive security field, staying up-to-date with the latest trends and best practices. Collaborate cross-functionally with the Customer Success team and Sales & Marketing team to hit revenue goals and deliver the best customer experience. Skillsets/ Requirements 3-5+ years in a pentesting / red teaming role. Deep technical expertise in network pentesting, web app pentesting, AWS pentesting, and API pentesting. Familiarity with the majority of the following areas: Android pentesting, iOS pentesting, cloud pentesting, OSINT, exploit development, IoT pentesting, Web3 security review, secure code review - white box pentesting. At least 1 of the following certifications: Burp Suite Certified Practitioner, OSCP OR PWPT. Knowledge of current attack methods, manual penetration testing techniques, and popular hacking tools (e.g., Nessus, Nmap, Kali Linux, Burp Suite Pro). Experience with Hack the Box, Portswigger Academy, or similar learning platforms. Proficient scripting skills in bash, Python, or similar languages. Fluency in English, with exceptional verbal & written communication. Youre able to convey complex, technical topics to an array of stakeholders in a digestible and compelling manner. Strong project management skills with experience working with cross-functional teams and influencing stakeholders at all levels of the organization. Bonus Points Familiarity with programming languages such as C/C++, Java, .NET, Python, and manual source code analysis. Compensation : Competitive base salary Exceptional private healthcare Early equity in a fast-growing company Work-from-home model Flexible PTO Home office equipment Monthly wellness and home Wi-Fi stipend