90 Kali Linux Jobs - Page 4

Position 1: Consultant - MAST Vanguard Requirements: Mandatory technical & functional skills •Strong knowledge on manual secure code review against common programming languages (Java, C#) •Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. •Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs •Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. •Preferred one year of experience in development of web applications and/or APIs. •should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. •One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following a plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation

*ONLY IMMEDIATE JOINERS PREFERRED* Job Title: Consultant - MAST Vanguard Experience: 4-7 Years Location: Bangalore (WFO 5 days) Work timings 12PM to 9PM Job Description: Roles & responsibilities •Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications •Perform manual security code review against common programming languages (Java, CSharp). •Perform automated testing of running applications and static code (SAST, DAST). •Experience in one or more of the following plus: AI pen testing. •Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. •Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Mandatory technical & functional skills Mandatory technical & functional skills Strong knowledge on manual secure code review against common programming languages ( Java, C#) Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and leading remediation conversations. Preferred one year of experience in development of web applications and/or APIs. Should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA

Bachelor's degree and a minimum of 2 years of professional experience in an IT-related field (Information Security, Network Security, IT Infrastructure).Experience on Network Security, Firewall Security, and Web Security (including web application firewalls and proxies)Directory services (Microsoft Active Directory), SCCM, Vulnerability Assessment (infrastructure, server, workstation, and *application). Experience on SIEM, PIM, Content Filtering, and Cisco Firewalls.CompTIA Security+ certification, CEH, CHFI, or equivalent, preferred.Experience on Change Management Review and Security Audits/Reviews. Experience on Linux and hacking tools (Kali Linux, Backtrack.Excellent interpersonal and communication skills, Self-driven, quick learner with attention to details and quality. Knowledge of ISO 27001, HIPAA, SOX will be an advantage.Good knowledge of security programs, process, and metric.Good knowledge of IT Security Infrastructure and related applications and toolsets. Examples include firewalls & Network.

Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/ MCA Good experience doing the security/penetration Security test engineer having 4+ years experience in software/IT industry preferably with B.Tech./B.E./M.Tech (preferably in computer science)/MCA Good experience doing the security/ penetration testing for enterprise products Basic understanding in domain pf BPM, ECM and CCM products will be an additional advantage. Strong experience in using the DAST tools like Burp professional, Kali Linux, or any other industry recognized tools Experience in using SAST tools like Veracode, SonarQube, JFrog or CheckMarx would be the added advantage Strong understanding of protocols, SSL, transport layers, encryption and cryptography. Strong experience in manual penetration testing using different hacking techniques, Well versed in security standards like PCI-DSS, OWASP, HIPAA etc. Good Experience in Linux and SQL. API penetration testing. Knowledge of XSS, SQL Injection and multiple type of security payloads. Knowledge of cloud computing AWS, Azure and Openshift Certifications like CISSP, CEH, or GSEC are preferred. Ability to work as a team player in a target driven work environment meeting deadline. Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols Interest in all aspects of security research and development Key Skills: Ethical Hacking, Kali Linux, Penetration testing, Security testing.

Senior Manager, Penetration Testing & Red Teaming What you will do Let’s do this. Let’s change the world. In this vital role has a strong focus on ensuring the organization's infrastructure, applications, and systems are secure from external and internal threats. As a senior-level position, this role involves not only hands-on penetration testing but also overseeing teams, setting testing strategies, and working closely with other security and engineering teams to implement long-term security improvements. The ideal candidate has in-depth knowledge of cybersecurity practices, experience in complex security assessment practices and strong leadership skills. Roles & Responsibilities: Develop and implement the penetration testing strategy in alignment with Amgen’s security framework. Champion a proactive security culture, integrating offensive security principles into Amgen’s broader risk management program. Lead, mentor, and develop a team of penetration testers, fostering a culture of innovation and continuous learning. Provide coaching and training to enhance the team’s technical and strategic capabilities. Build and maintain a high-performance security team, ensuring strong succession planning and career development opportunities. Oversee complex penetration testing engagements, ensuring high-quality execution and impactful reporting. Establish standard methodologies and frameworks for offensive security testing, risk assessment, and mitigation strategies. Ensure penetration testing methodologies align with industry standards (e.g., PTES, OWASP, MITRE ATT&CK). Serve as a trusted advisor to security, engineering, and executive leadership teams on cybersecurity risks and offensive security findings. Advocate for secure development practices and influence secure-by-design principles across engineering teams. Communicate technical security risks in business terms to executive collaborators and senior leadership. Define and enforce security testing policies, methodologies, and compliance requirements. Drive initiatives to enhance security automation and continuous testing frameworks. Ensure penetration testing efforts contribute to regulatory compliance (e.g., ISO 27001, NIST). What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Master’s degree and 8 to 10 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Bachelor’s degree and 10 to 14 years of experience in Computer Science, Cybersecurity or Information Systems related field OR Diploma and 14 to 18 years of experience in Computer Science, Cybersecurity or Information Systems related field Must-Have Skills: Proven experience in leading and managing high-performing security teams. Strong ability to influence senior collaborators and drive security adoption across an organization. Ability to translate technical security risks into business-aligned security strategies. Experience building and managing enterprise-wide penetration testing programs. Demonstrated ability to foster a culture of innovation, learning, and collaboration within security teams. Technical & Security Skills Deep knowledge of penetration testing frameworks and methodologies (e.g., OWASP, NIST, MITRE ATT&CK, PTES). Strong understanding of web application, cloud, and infrastructure security vulnerabilities. Experience with security tools such as Burp Suite, OWASP ZAP, Metasploit, Kali Linux. Familiarity with secure coding principles, threat modeling, and adversary simulation. Professional Certifications (please mention if the certification is preferred or mandatory for the role): PreferredOSCP, OSWE, OSWA, eWPTX, GWAPT, GXPN PreferredCISSP Preferred Qualifications: Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards. Apply now and make a lasting impact with the Amgen team. careers.amgen.com As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease. Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Dear Candidate, We are hiring a Penetration Tester to simulate attacks and discover security vulnerabilities in critical systems. Perfect for professionals skilled in offensive security techniques. Key Responsibilities: Conduct penetration tests on web, mobile, and network systems Document vulnerabilities and remediation recommendations Develop exploits and custom testing tools Collaborate with developers to address findings Required Skills & Qualifications: Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap) Strong understanding of application and network security Experience writing exploit scripts (Python, Bash) Bonus: OSCP, OSWE, or CEH certification Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

position: Contract to Hire(C2H) Skill: Security Test Engineer Experience:5+ Location: Bangalore Notice Period: Immediate to 15 Day Job Descrption: Clear understanding of OWASP Top 10 - application security risks Tools/OS: Burp Suite, OWASP ZAP, Kali Linux Manual Security Testing & Analysis, Security Test Designing Excellent Interpersonal and presentation skills Strong in verbal and written communication Good analytical skills Strong Time Management Must be flexible, independent, self-motivated. Team Player Candidates who are Interested for above position , Please share your resume to bhargavi.maddela@kiya.ai

Happiest Minds Technologies hiring for Security Engineer for Mumbai Location, please share resume to ankita.patari@happiestminds.com Skills and Job description: Location: Mumbai(BKC) Working days: 5 days from Office. Experience:2.5 years above+ For a Network VAPT (Vulnerability Assessment and Penetration Testing) Assessor, the required skillset spans across technical expertise, analytical thinking, and knowledge of security frameworks. Here's a breakdown of the key skills. Networking Fundamentals TCP/IP, DNS, DHCP, NAT, VLANs Routing and switching concepts Network architecture and protocols Vulnerability Assessment Tools Nessus, Algosec Nmap for port scanning and service enumeration Nikto, Burp Suite (for web-based assessments) Penetration Testing Tools Metasploit Framework Kali Linux tools Wireshark for packet analysis Thanks and Regards, Ankita Ghosh

Date: 7 Aug 2025 Location: Bangalore, KA, IN At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling, and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, 80,000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars. Could you be the full-time Cybersecurity Engineer in Bangalore were looking for? Your future role Take on a new challenge and apply your cybersecurity expertise in a cutting-edge field. Youll work alongside a highly motivated and dynamic team of cybersecurity professionals. You'll play a pivotal role in safeguarding Alstoms products and solutions by leading vulnerability assessments, performing scans, penetration testing, and monitoring global threats. Day-to-day, youll collaborate with various teams across the businessincluding Program Managers, Product Development Teams, and Regional Cybersecurity Managerswhile driving the implementation of robust security practices and much more. Youll specifically take care of conducting security assessments, including vulnerability scans and penetration tests, but also contribute to incident response workflows and provide training on cybersecurity tools and processes. Well look to you for: Performing vulnerability assessments, penetration tests, and policy compliance scans using industry-standard tools. Monitoring published vulnerabilities and security advisories, and communicating potential risks to internal teams. Providing analysis on vulnerabilities in operating systems, applications, and configurations, and recommending remediation actions. Supporting incident response activities as part of the PSIRT team, including first-level analysis and vulnerability remediation workflows. Identifying and deploying cybersecurity tools, offering training and guidance to ensure effective use. Delivering internal training on cybersecurity processes, tools, and best practices. All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Bachelors or Masters degree in Computer Science, Information Technology, or equivalent. Mandatory CEH or equivalent Pen Test certification. Preferred certifications: ISA 62443, OSCP, or others like GICSP, CISSP, GSEC, ECSA, CISM, Comptia Pen Test+. Experience with security tools such as Qualys, Nessus, Kali Linux, Metasploit, Burp Suite, and more. Strong knowledge of networking (TCP/IP, OSI model), operating systems (Windows, Linux), and security technologies (firewalls, IDS/IPS). Understanding of programming/scripting languages such as Python, Java, or C. Familiarity with security standards and regulations like ISO 2700X, ISA 62443, and NIST. Experience in configuration reviews using CIS Benchmarks. Knowledge of CVE, CPE, and CWE frameworks. Strong analytical, problem-solving, and communication skills. Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges, and a long-term career free from monotonous daily routines. Work with new security standards for rail signalling. Collaborate with cross-functional teams and supportive colleagues. Contribute to innovative and impactful projects. Utilise our flexible and inclusive working environment. Steer your career in whatever direction you choose across functions and countries. Benefit from our investment in your development, through award-winning learning programs. Progress towards leadership roles in cybersecurity or related fields. Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension).

4-6 years of experience in web, network and embedded/IoT applications penetration testing ands-on experience with penetration testing tools including open-source tools, such as

Hiring: Application Security Engineer Pune, India (Onsite) | Full-time About the Role Secure applications & infrastructure end-to-end through testing, automation, and collaboration with cross-functional teams. Responsibilities SAST, DAST, IAST, Mobile & API testing VAPT & reporting Security automation in CI/CD (Jenkins, Azure DevOps) Promote secure coding practices Manage tools: BurpSuite, OWASP ZAP, SonarQube Ensure OWASP compliance & risk assessments Requirements 2+ years in Application Security Strong in SAST, DAST, VAPT, DevSecOps Hands-on with 3+ tools (BurpSuite, OWASP ZAP, Kali Linux) Proficient in Java/Python/PHP SDLC integration & PCI DSS/HIPAA knowledge Strong communication & teamwork

Train and manage the team of consultants to perform application penetration testing, vulnerability assessments for thick client – base application, source code reviews, and configuration reviews. Required Candidate profile Strong understanding of OWASP top 10 and SANS top 25 programming errors. Threat Hunting, attack identification, investigation, correlation and suggesting mitigation measures, Vulnerability Assessment.

Meet the Team Join Dexcom's Product Security R&D department as a Senior Security Engineer specializing in penetration testing. Our team is dedicated to ensuring the security of our mobile and web applications, cloud infrastructure, APIs, and physical medical devices. You'll work closely with the Director of Cybersecurity Engineering to identify and exploit vulnerabilities across various platforms, including mobile and web applications, cloud environments, APIs, hardware, firmware, and wireless networks. If you're a skilled penetration tester eager to tackle security challenges and make a significant impact using cutting-edge technologies, we want to hear from you. Where You Come In You conduct penetration testing on mobile and web applications, cloud infrastructure, APIs, hardware, firmware, and wireless networks to identify and exploit vulnerabilities. You work closely with development teams to provide recommendations on security best practices. You develop and execute penetration test plans and reports. You research and stay current on the latest security threats and tools. You create custom tools and exploits with coding and automation. What Makes You Successful You have solid experience in penetration testing. You hold certifications such as OSCP, OSWE, OSEP, CPTS, PNPT, INE Certification, or SANS. You possess strong knowledge of OWASP Top 10 (web, mobile, API, etc.) vulnerabilities. You are experienced with penetration testing tools such as OWASP ZAP, Burp Suite, Nmap, and Kali Linux. You are proficient with API testing tools like Postman or Swagger. You have a strong understanding of web technologies such as RESTful APIs, framework-based deployments, and backend management. You have experience with cloud platforms such as GCP and Kubernetes. You are knowledgeable about cloud security best practices and common misconfigurations. You have experience with mobile, hardware, firmware, and wireless technologies such as Bluetooth Low Energy (BLE). You can write and review code in at least one of the following languages: Java, Scala, C#, or similar. Preferred Qualifications You hold a Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) certification. You have experience with security research, bug bounties, zero-day exploits, or creating custom exploits. You have experience with red teaming exercises. You are familiar with threat modeling and risk assessment methodologies. You have experience with DevOps practices and the secure software development lifecycle. You have experience or interest in Artificial Intelligence. Education and Experience Requirements: Typically requires a bachelors degree in a technical discipline, and a minimum of 5-8 years related experience or master’s degree and 2-5 years equivalent industry experience or a PhD and 0-2 years’ experience

What you’ll do Typical daily work will consist of planning and performing penetration tests on cloud-based and on-premises infra & applications to identify security weaknesses and loopholes Support the penetration testing lifecycle—from information gathering and vulnerability scanning to manual exploitation and documentation Collaborate closely with the vulnerability management team to validate exploitable vulnerabilities and help prioritize remediation Collaborate with infra owners, developers, business teams to understand applications and infrastructure and provide practical, remediation-focused security advice Help create clear, actionable penetration testing reports including proof-of-concept, risk ratings, and remediation guidance Developing and testing custom exploits to demonstrate vulnerabilities and assess the potential impact on systems Conduct comprehensive cloud penetration tests targeting AWS, Azure, GCP to identify and exploit misconfigurations, insecure interfaces, and vulnerabilities in cloud services and applications Regularly review and enhance penetration testing methodologies and practices to adapt to evolving threats and technologies Participate in internal security knowledge-sharing sessions and team meetings to learn from senior testers and share discoveries What you’ll bring Strong foundational understanding of information security principles Familiarity with tools such as Nmap, Burp Suite, OWASP ZAP, Nikto (Web/App Testing) Nessus, OpenVAS, Kali Linux (Infrastructure Scanning), and Metasploit (for controlled exploit validation) Basic Knowledge of OWASP Top 10 web application vulnerabilities Common infrastructure weaknesses (e.g., SMB, RDP, DNS, FTP, SMTP issues) Authentication and access control issues A deep interest in Cyber Security and a drive to learn about penetration testing skills through hands-on practice, research, and community engagement Comfort working in command-line environments (Linux shells, Windows CMD/PowerShell) for reconnaissance and exploitation. Strong analytical and problem-solving mindset , with the ability to break down complex problems and think creatively Eagerness to learn from real-world engagements and senior team members, with a growth mindset and a proactive approach to developing technical depth and practical experience Familiarity with secure communication protocols (e.g., HTTPS, SSH, VPNs) and how insecure configurations can be exploited Good verbal and written communication skills to clearly explain technical concepts and document findings Passion for cybersecurity, demonstrated through CTF participation, cybersecurity clubs, academic projects , personal labs, or platforms like Hack the Box, TryHackMe, or OverTheWire Good to have skills and abilities Completion of relevant cybersecurity coursework or certifications Basic scripting in Python, Bash, or PowerShell for automating tasks or building internal tools Understanding of web application architecture (client-server model, HTTP protocol, APIs) Awareness of vulnerability disclosure platforms (e.g., CVE database) and responsible reporting practices Basic Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System used for scoring vulnerabilities Academic Qualifications Bachelor’s degree in computer science/management of computer information/Cybersecurity 0-2 years of Penetration Testing / Red-Teaming / Offensive Security Must have Security CertificationsOSCP / CREST / GPEN / HTB-CPTS Security CertificationsCRTP/CARTP, CRTE, CRTO (I & II), OSEP, OSED, GRTP Cloud CertificationsAWS CLP, AWS Security Specialty

We are looking for an experienced Penetration Tester / Offensive Security Analyst for a 6-month full-time onsite role in Hyderabad. The ideal candidate will have 5-7 years of experience in offensive security, with a strong background in application and network penetration testing, red teaming, threat modeling, source code review, and vulnerability assessments. This role involves performing and leading advanced security assessments on web, mobile, APIs, cloud, and infrastructure environments. The candidate should be capable of working across general and UK shifts and possess excellent communication skills for both technical and non-technical audiences. Certification like OSCP/OSCE/CEH is desirable.