51 Kali Linux Jobs - Page 2

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Your Role Were hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of toolsBurp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What you'll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Job Summary: We are looking for enthusiastic Cyber Security Engineers with atleast 1 year of experience to join our dynamic team. The ideal candidate should have strong networking skills, extensive experience in Vulnerability Assessment and Penetration Testing (VAPT), and a solid understanding of network architecture, protocols, and security tools and the passion to learn, perfom and grow in the organisation. The role involves conducting in-depth security assessments on network devices and web applications, including the application of fuzzing techniques. Key Responsibilities: Vulnerability Assessment and Penetration Testing (VAPT): Lead and conduct comprehensive VAPT on network devices and web applications to identify and address security vulnerabilities. Network Security Expertise: Apply deep knowledge of network protocols, firewalls, IDS/IPS, and VPNs to ensure robust security across the network. Custom Security Tool Development: Develop and maintain custom security tools and scripts using Python, Bash, or PowerShell to enhance security assessments and automate processes. Network Tools Proficiency: Utilize tools such as Wireshark, Nmap, Nessus, Burp Suite, and others for network analysis and security testing. Security Assessments: Perform thorough security assessments on network devices, ensuring alignment with industry standards and best practices. Protocol Fuzzing Understanding: Apply protocol fuzzing techniques to uncover vulnerabilities in network devices and recommend effective remediation strategies. Communication: Clearly articulate complex security issues to both technical and non-technical stakeholders, ensuring a comprehensive understanding of risks and solutions. Continuous Improvement: Stay updated with the latest cybersecurity trends, threats, and technologies to enhance the organization's security posture. Qualifications: Experience: 1-2 years of relevant experience in cybersecurity, with a focus on networking, VAPT, and security assessments. Technical Skills: Strong networking skills and understanding of network architecture. Proficiency in network protocols, firewalls, IDS/IPS, and VPNs. Advanced programming skills in Python, Bash, or C/C++. Expertise in using network security tools (e.g., Wireshark, Nmap, Nessus, Burp Suite). Certifications: CEH, OSCP, or CRTP certifications are highly desirable. Communication: Excellent verbal and written communication skills, capable of conveying security concepts to diverse audiences. Problem-Solving: Strong analytical and problem-solving abilities, with keen attention to detail. Preferred Skills: Experience in security assessments on network devices. Understanding of web application fuzzing techniques. Ability to work independently and as part of a team. Education: Masters /Bachelors degree in Computer Science, Information Technology, Cyber Security, Electronics, Telecommunication or a related field (or equivalent experience).

About ASB ASB is committed to empowering students with expertise in emerging technologies. We are looking for an enthusiastic and passionate Cybersecurity Training Expert to lead and mentor students, equipping them with industry-relevant skills in cybersecurity. This role requires a deep understanding of cybersecurity principles, hands-on technical expertise, and a passion for teaching. The ideal candidate will have solid experience in network security, penetration testing, ethical hacking, compliance, and security frameworks. They should be an excellent communicator who can break down complex cybersecurity concepts into easy-to-understand modules. Key Responsibilities 1. Training Delivery Design, develop, and deliver high-quality cybersecurity training through courses, workshops, boot camps, and webinars. Cover a broad range of cybersecurity topics, including but not limited to: Network Security & Firewalls Penetration Testing & Ethical Hacking Cloud Security & DevSecOps Security Compliance & Auditing (ISO 27001, NIST, GDPR, etc.) Threat Intelligence & Incident Response SIEM, SOC & Security Tools (Burp Suite, Wireshark, Metasploit, AWS Security Hub, etc.) 2. Curriculum Development Develop and continuously update cybersecurity training materials, including hands-on labs, case studies, quizzes, and real-world projects. Ensure training content is aligned with industry best practices, compliance frameworks, and emerging security trends. 3. Training Management Organize and manage cybersecurity training sessions, ensuring smooth content delivery, engagement, and assessments. Track learner progress and provide additional support, including one-on-one guidance and mentorship. 4. Technical Support & Mentorship Assist students with technical queries and troubleshoot cybersecurity-related challenges. Provide career guidance and mentorship, helping students navigate certifications (CEH, CISSP, OSCP, CISM, etc.) and job opportunities in cybersecurity. 5. Industry Engagement Stay updated with the latest cybersecurity threats, vulnerabilities, and defense mechanisms. Represent ASB at cybersecurity conferences, webinars, and industry events. 6. Assessment & Evaluation Develop hands-on challenges, CTFs (Capture The Flag), and practical assessments to evaluate student proficiency. Provide constructive feedback to enhance their technical skills. Required Qualifications & Skills Educational Background Bachelor's or Masters degree in Computer Science, Cybersecurity, Information Security, or a related field. Hands-on Cybersecurity Experience 3+ years of experience in cybersecurity roles such as Penetration Tester, Security Analyst, SOC Analyst, Cybersecurity Engineer, or Security Auditor. Expertise in ethical hacking, threat analysis, cloud security, risk assessment, and compliance. Strong knowledge of Linux, Windows Security, Networking, and Cryptography. Teaching & Communication Skills 2+ years of experience in training, mentoring, or delivering cybersecurity education. Ability to explain complex security concepts in a clear and engaging way. Cybersecurity Tools & Platforms Experience with security tools such as Kali Linux, Metasploit, Burp Suite, Wireshark, Nessus, Nmap, Snort, Splunk, SIEM platforms, and AWS Security Hub. Knowledge of SOC operations, incident response, and security automation tools. Passion for Education A genuine enthusiasm for training the next generation of cybersecurity professionals. Preferred Qualifications Industry Certifications CEH, OSCP, CISSP, CISM, CCSP, AWS Security Certification, or equivalent. Experience in Online Teaching Prior experience in online training platforms (Udemy, Coursera, etc.) or learning management systems (LMS). Knowledge of Security Frameworks & Compliance Familiarity with ISO 27001, NIST, GDPR, SOC 2, and PCI-DSS. Experience in Blue Team & Red Team Operations Understanding of ethical hacking (offensive security) and defensive security (SOC, SIEM, endpoint protection, etc.).

Key Responsibilities Performing (Web, mobile, Cloud-based AWS, Azure, etc.), thick-clients business solutions and infrastructure pentest as assigned by the customer Work on full assessment & revalidation cases within customer defined timelines. Handling report creation based on pentest outcome as per customer template Develop new test cases, scenario & able to perform API pentesting. Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems | Provide results report and help team to evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation | Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities. Perform source code review & configurations reviews against CIS benchmarks and security standard. Participating in end user calls with customer for requirement gathering, explanation of findings, technical discussions. About you Education, qualifications, and certifications Degree / Diploma Holders with good knowledge in pentest domain. Excellent verbal & written communication skills in English language Mandatory skill set Proficiency in Pentest tool such as using Burp suite and Kali Linux. Proficiency in Python and Java, Javascript, and other coding languages. Good experience in performing security penetration testing and vulnerability assessment. Experience in testing diverse infra components including various enterprise platforms such as private clouds, Openshift infra, dockers/container infra etc. Experience in Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews Knowledge on Web-based applications and services (SOAP/REST) Well versed in writing reports, test cases etc. OSWP/ OSCE certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester. Secondary skill set Knowledge on Azure & scripting language. Nice to have knowledge on other hacker tools;Appscan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper. Experience Minimum of 3+ years related work experience in customer facing organizations within Pentest domain.

:Bachelor's degree and a minimum of 2 years of professional experience in an IT-related field (Information Security, Network Security, IT Infrastructure).Experience on Network Security, Firewall Security, and Web Security (including web application firewalls and proxies)Directory services (Microsoft Active Directory), SCCM, Vulnerability Assessment (infrastructure, server, workstation, and *application).Experience on SIEM, PIM, Content Filtering, and Cisco Firewalls.CompTIA Security+ certification, CEH, CHFI, or equivalent, preferred.Experience on Change Management Review and Security Audits/Reviews.Experience on Linux and hacking tools (Kali Linux, Backtrack.Excellent interpersonal and communication skills, Self-driven, quick learner with attention to details and quality.Knowledge of ISO 27001, HIPAA, SOX will be an advantage.Good knowledge of security programs, process, and metric.Good knowledge of IT Security Infrastructure and related applications and toolsets. Examples include firewalls & Network. Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests. Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visitr1rcm.com Visit us on Facebook Location - Chennai,Noida,Hyderabad,Gurugram

TitleSecurity Test Engineer Key Responsibilities Core Skills Must have Work Experience Minimum of 2+ Years of work experience in Application security, Vulnerability Assessment & Penetration Testing. Skill Set Vulnerability Assessment and Penetration Testing for Web application and API. Knowledge on open source and commercial tools Source code Review Knowledge on scripting language is desirable. Expertise in DAST for web Application (e.g. Acunetix, IBM AppScan, Burpsuite etc.) tooling including triage. Advance Understanding of Security standard and best practices. Hands on exp in Kali Linux , SQL Map Expertise in Vulnerability Assessments using various open source and commercial tools. Sound knowledge of network security devices (Firewalls, proxies , NIDS/NIPS, ETC.) Ability to analyse and detect false positives from the vulnerabilities identified by scanners and communicate effectively with all stakeholders in order to mitigate the existing vulnerabilities in the application. Experience in in performing SAST scan with tool (e.g. Veracode, SecureAssist, IBM AppScan, Checkmarx , Snyk) tooling including triage. Understanding of webbased application vulnerabilities and API Vulnerabilities (OWASP TOP 10) Strong customer service orientation & Experience working in a teamoriented, collaborative environment. Strong organization and time management skills Offshore

Primary Skill: Clear understanding of OWASP Top 10 - application security risks Tools/OS: Burp Suite, OWASP ZAP, Kali Linux Manual Security Testing & Analysis, Security Test Designing Excellent Interpersonal and presentation skills Strong in verbal and written communication Good analytical skills Strong Time Management Must be flexible, independent, self-motivated. Team Player Direct Responsibilities To perform Penetration testing (Gray Box and/or Black Box) , for Web applications, Thick Client, API, and mobile applications. Understand and deep knowledge of application security engineering principles to follow secure development practices which includes secure build processes, secure code review, security testing. Understanding of the security tools in DevOps Processes Knowledge of one or more scripting languages for automation Collaborate with the developers to help them understand the vulnerabilities reported in application.

Clear understanding of OWASP Top 10 - application security risks - Tools/OS: Burp Suite, OWASP ZAP, Kali Linux - Manual Security Testing & Analysis, Security Test Designing - Excellent Interpersonal and presentation skills - Strong in verbal and written communication - Good analytical skills - Strong Time Management - Must be flexible, independent, self-motivated. - Team player

Clear understanding of OWASP Top 10 - application security risks Tools/OS: Burp Suite, OWASP ZAP, Kali Linux Manual Security Testing & Analysis, Security Test Designing should be able to perform Penetration testing -Gray Box Web applications, application security engineering principles, security tools- should be strong at . should know scripting Excellent Interpersonal and presentation skills Strong in verbal and written communication Good analytical skills Strong Time Management Must be flexible, independent, self-motivated. Team Player

Securze is hiring Security Analysts (L2/L3) in Mumbai with 3+ yrs experience in pentesting, red/blue teaming, AD attacks, and network security. Hybrid role. Must be technically strong, confident, and eager to learn. Immediate joiners only.

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Responsibilities Direct Responsibilities Direct Responsibilities - To perform Penetration testing (Gray Box and/or Black Box) for Web applications; Thick Client, API, and mobile applications. - To understand the applications security requirements and identify & document the scope of the test - Ensure execution of the documented security scenarios for the application under test. - Document and report all findings - Collaborate with the developers to help them understand the vulnerabilities reported in application - Escalate issues to the local management and onshore stakeholders in case it affects the testing progress - Ensure processes for the project is followed for the assessments Note: - Optional, experience in Source Code Assessment (SCA)/SAST, Mobile Testing Contributing Responsibilities Technical & Behavioral Competencies - Clear understanding of OWASP Top 10 - application security risks - Tools/OSBurp Suite, OWASP ZAP, Kali Linux - Manual Security Testing & Analysis, Security Test Designing - Excellent Inter personal and presentation skills - Strong in verbal and written communication - Good analytical skills - Strong Time Management - Must be flexible, independent, self-motivated - Team player Specific Qualifications(if required) CSSLP/CEH or equivalent certification preferred Skills Referential BehaviouralSkills(Please select up to 4 skills) Transversal Skills: (Please select up to 5 skills)Education Level:Bachelor Degree or equivalentExperience LevelAt Least 3 years

Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal. Responsibilities Direct Responsibilities Direct Responsibilities - To perform Penetration testing (Gray Box and/or Black Box) for Web applications; Thick Client, API, and mobile applications. - To understand the applications security requirements and identify & document the scope of the test - Ensure execution of the documented security scenarios for the application under test. - Document and report all findings - Collaborate with the developers to help them understand the vulnerabilities reported in application - Escalate issues to the local management and onshore stakeholders in case it affects the testing progress - Ensure processes for the project is followed for the assessments Note : - Optional, experience in Source Code Assessment (SCA)/SAST, Mobile Testing Technical & Behavioral Competencies - Clear understanding of OWASP Top 10 - application security risks - Tools/OS: Burp Suite, OWASP ZAP, Kali Linux - Manual Security Testing & Analysis, Security Test Designing - Excellent Inter personal and presentation skills - Strong in verbal and written communication - Good analytical skills - Strong Time Management - Must be flexible, independent, self-motivated - Team player Specific Qualifications (if required) CSSLP/CEH or equivalent certification preferred Education Level: Bachelor Degree or equivalent Experience Level At Least 3 years

As a Cyber Security Analyst you will be responsible for the administration, endpoint protection, vulnerability management, intrusion detection system, security information & event management, Active Directory, Domain Controller and Email Security.

Role & responsibilities Orange Business is hiring for Cybersecurity Expert - Pentest for Greater Noida location. Performing (Web, mobile, Cloud-based AWS, Azure, etc.), thick-clients business solutions and infrastructure pentest as assigned by the customer Work on full assessment & revalidation cases within customer defined timelines. Handling report creation based on pentest outcome as per customer template Develop new test cases, scenario & able to perform API pentesting Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems | Provide results report and help team to evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation | Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities Perform source code review & configurations reviews against CIS benchmarks and security standards Participating in end user calls with customer for requirement gathering, explanation of findings, technical discussions. Preferred candidate profile Mandatory skill set Proficiency in Pentest tool such as using Burp suite and Kali Linux Proficiency in Python and Java, JavaScript, and Other coding languages • Good experience in performing security penetration testing and vulnerability assessment for internal, external web & mobile applications, wireless networks and IT infrastructure, end-points, cloud etc. Experience in testing diverse infra components including various enterprise platforms such as private clouds, Openshift infra, dockers/container infra etc. Experience in Source code reviews, red team exercises, security architecture configuration reviews, and technical security compliance reviews Knowledge on Web-based applications and services (SOAP/REST) Well versed in writing reports, test cases etc. OSCP/ OSWP / OSCE certification (preferred), SANS or Certified Penetration Tester, Certified Expert Penetration Tester or GIAC Certified Penetration Tester Secondary skill set Knowledge on Azure & scripting language Nice to have knowledge on other hacker tools;Appscan, Fortify, Wireshark, nmap, netcat, ZAP, FireBug, Nessus, John the Ripper.

Hiring for Security Test Engineer at Bangalore location Role: Security Test Engineer Exp: 2 - 7 Years Job location: Bangalore Notice Period: Immediate joiners only - Must Work Mode: Hybrid Interview Mode: 2 rounds ( Virtual & F2F round is Must ) Direct Responsibilities: To perform Penetration testing (Gray Box and/or Black Box), for Web applications, Thick Client, API, and mobile applications. Understand and deep knowledge of application security engineering principles to follow secure development practices which includes secure build processes, secure code review, security testing. Understanding of the security tools in DevOps Processes Knowledge of one or more scripting languages for automation Collaborate with the developers to help them understand the vulnerabilities reported in application. Contributing Responsibilities To understand the applications security requirements and identify & document the scope of the test. Ensure execution of the documented security scenarios for the application under test. Document and report all findings. Escalate issues to the local management and onshore stakeholders in case it affects the testing progress. Ensure processes for the project is followed for the assessments. Help review peer's work and mentor junior members in the team. Technical & Behavioral Competencies: Clear understanding of OWASP Top 10 - application security risks Tools/OS: Burp Suite, OWASP ZAP, Kali Linux Manual Security Testing & Analysis, Security Test Designing Excellent Interpersonal and presentation skills Strong in verbal and written communication Good analytical skills Strong Time Management Must be flexible, independent, self-motivated. Team Player Interested candidates can share your updated profile to premkumar.m@kiya.ai

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025

Consultant - MAST Vanguard Requirements: Mandatory Technical & Functional Skills Strong knowledge on manual secure code review against common programming languages (Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual security code review against common programming languages (Java, CSharp). Perform automated testing of running applications and static code (SAST, DAST). Experience in one or more of the following a plus: AI pen testing. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

Synergy IT is seeking an experienced Cybersecurity SOC Analyst to join our dynamic team. The ideal candidate will have a strong background in cybersecurity with a focus on Microsoft Sentinel, Azure Security, and Meraki Network solutions. As a Cybersecurity Analyst, you will play a critical role in safeguarding our organizations IT infrastructure by monitoring, analyzing, and responding to security incidents. Key Responsibilities: Security Monitoring & Incident Response: Utilize Microsoft Sentinel to monitor security events, analyze alerts, and manage incidents. Investigate and respond to security incidents using Azure Security tools and methodologies. Implement and manage security monitoring solutions, including those from Meraki for network security. Threat Intelligence & Analysis: Continuously evaluate and update threat intelligence to identify potential threats and vulnerabilities. Perform in-depth analysis of security events and incidents to determine their nature and impact. Security Management: Develop and implement security policies, procedures, and best practices for Microsoft Sentinel, Azure Security, and Meraki Networks. Ensure compliance with industry regulations and standards. System & Network Security: Configure, manage, and troubleshoot security solutions on Azure and Meraki Network environments. Conduct regular security assessments and vulnerability scans to identify and remediate potential security weaknesses. Collaboration & Reporting: Work closely with IT and cybersecurity teams to enhance overall security posture. Prepare and present detailed incident reports and security analyses to senior management. Continuous Improvement: Stay up-to-date with the latest cybersecurity trends, threats, and technologies. Recommend and implement improvements to security practices and tools. Qualifications: Experience: Proven experience as a Cybersecurity SOC Analyst or similar role with a strong focus on Microsoft Sentinel, Azure Security, and Meraki Network solutions. Demonstrated experience in incident detection, analysis, and response. Skills: Proficient in using Microsoft Sentinel for security information and event management (SIEM). Hands-on experience with Azure Security services and tools. Strong knowledge of Meraki Network solutions and their integration with security practices. Familiarity with other security tools and frameworks is a plus. Certifications: Relevant certifications such as CISSP, CISM, CEH, or Microsoft Certified: Azure Security Engineer Associate are highly desirable. Education: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced degree or relevant certifications are a plus.

Position 1: Consultant - MAST Vanguard Requirements: Mandatory technical & functional skills •Strong knowledge on manual secure code review against common programming languages (Java, C#) •Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. •Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs •Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. •Preferred one year of experience in development of web applications and/or APIs. •should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. •One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following a plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

*ONLY IMMEDIATE JOINERS PREFERRED* Job Title: Consultant - MAST Vanguard Experience: 4-7 Years Location: Bangalore (WFO 5 days) Work timings 12PM to 9PM Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages ( Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and leading remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Bachelor's degree and a minimum of 2 years of professional experience in an IT-related field (Information Security, Network Security, IT Infrastructure).Experience on Network Security, Firewall Security, and Web Security (including web application firewalls and proxies)Directory services (Microsoft Active Directory), SCCM, Vulnerability Assessment (infrastructure, server, workstation, and *application). Experience on SIEM, PIM, Content Filtering, and Cisco Firewalls.CompTIA Security+ certification, CEH, CHFI, or equivalent, preferred.Experience on Change Management Review and Security Audits/Reviews. Experience on Linux and hacking tools (Kali Linux, Backtrack.Excellent interpersonal and communication skills, Self-driven, quick learner with attention to details and quality. Knowledge of ISO 27001, HIPAA, SOX will be an advantage.Good knowledge of security programs, process, and metric.Good knowledge of IT Security Infrastructure and related applications and toolsets. Examples include firewalls & Network.

Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/ MCA Good experience doing the security/penetration Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/MCA Good experience doing the security/ penetration testing for enterprise products Basic understanding in domain pf BPM, ECM and CCM products will be an additional advantage. Strong experience in using the DAST tools like Burp professional, Kali Linux, or any other industry recognized tools Experience in using SAST tools like Veracode, SonarQube, JFrog or CheckMarx would be the added advantage Strong understanding of protocols, SSL, transport layers, encryption and cryptography. Strong experience in manual penetration testing using different hacking techniques, Well versed in security standards like PCI-DSS, OWASP, HIPAA etc. Good Experience in Linux and SQL. API penetration testing. Knowledge of XSS, SQL Injection and multiple type of security payloads. Knowledge of cloud computing AWS, Azure and Openshift Certifications like CISSP, CEH, or GSEC are preferred. Ability to work as a team player in a target driven work environment meeting deadline. Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols Interest in all aspects of security research and development Key Skills: Ethical Hacking, Kali Linux, Penetration testing, Security testing.

Senior Manager, Penetration Testing & Red Teaming What you will do Let’s do this. Let’s change the world. In this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. As a senior-level position, this role involves not only hands-on penetration testing but also overseeing teams, setting testing strategies, and working closely with other security and engineering teams to implement long-term security improvements. The ideal candidate has in-depth knowledge of cybersecurity practices, experience in complex security assessment practices and strong leadership skills. Roles & Responsibilities: Develop and implement the penetration testing strategy in alignment with Amgen’s security framework. Champion a proactive security culture, integrating offensive security principles into Amgen’s broader risk management program. Lead, mentor, and develop a team of penetration testers, fostering a culture of innovation and continuous learning. Provide coaching and training to enhance the team’s technical and strategic capabilities. Build and maintain a high-performance security team, ensuring strong succession planning and career development opportunities. Oversee complex penetration testing engagements, ensuring high-quality execution and impactful reporting. Establish standard methodologies and frameworks for offensive security testing, risk assessment, and mitigation strategies. Ensure penetration testing methodologies align with industry standards (e.g., PTES, OWASP, MITRE ATT&CK). Serve as a trusted advisor to security, engineering, and executive leadership teams on cybersecurity risks and offensive security findings. Advocate for secure development practices and influence secure-by-design principles across engineering teams. Communicate technical security risks in business terms to executive collaborators and senior leadership. Define and enforce security testing policies, methodologies, and compliance requirements. Drive initiatives to enhance security automation and continuous testing frameworks. Ensure penetration testing efforts contribute to regulatory compliance (e.g., ISO 27001, NIST). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 8 to 10 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Bachelor’s degree and 10 to 14 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Diploma and 14 to 18 years of experience in Computer Science, Cybersecurity or Information Systems related field Must-Have Skills: Proven experience in leading and managing high-performing security teams. Strong ability to influence senior collaborators and drive security adoption across an organization. Ability to translate technical security risks into business-aligned security strategies. Experience building and managing enterprise-wide penetration testing programs. Demonstrated ability to foster a culture of innovation, learning, and collaboration within security teams. Technical & Security Skills Deep knowledge of penetration testing frameworks and methodologies (e.g., OWASP, NIST, MITRE ATT&CK, PTES). Strong understanding of web application, cloud, and infrastructure security vulnerabilities. Experience with security tools such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux. Familiarity with secure coding principles, threat modeling, and adversary simulation. Professional Certifications (please mention if the certification is preferred or mandatory for the role): PreferredOSCP, OSWE, OSWA, eWPTX, GWAPT, GXPN PreferredCISSP Preferred Qualifications: Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.