487 Metasploit Jobs

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

7 - 9 Years 1 Opening Kochi, Trivandrum Role description Role Proficiency: Collect information about cyberattacks and vectors attack groups new vulnerabilities and exploits and new campaigns and trends. Create of threat intelligence reports that communicate the results of the analysis – e.g. sharing information with decision-makers security officials senior corporate officials etc. Create innovative research reports. Mentor junior members of the team as well as assist the Team Lead. Outcomes: Independently monitor cyber security news from the clear deep and dark web on a daily basis. Keep up to date with industry news security threats outside of their network and the intentions of potentially threatening entities. Closely follow the documented process to ensure consistent and repeatable guideline to report about threats (finished intelligence). Ensure documentation included in ThreatConnect/ CDC as predefined / agreed standards. Learn from review process for continuous improvement. Communicate and report appropriately as per defined process. Measures of Outcomes: Case studies and value delivered to CyberProof/ externally (blogs webinars) as well as implementing new research types new analysis tools. Number of threat intelligence finished reports including threat landscape and asset-based intelligence Percent of security incidents opened based on the CTI analyst’s reports. Adherence to process – validation formatting documentation improvement suggestion. Evidence of skill development including training certification etc. Outputs Expected: Collection: Work with OSINT sources. Use WEBINT techniques to collect and enrich intelligence data. Develop and maintain deep web sources. Processing and analysis: Analyse the threat data into a finished report including technical recommendations MITRE ATT&CK mapping and valid IOCs. Reach out to other SOC teams (DFIR TH L2 etc) for validating and enriching your intelligence. Complete documentation including annotation in ThreatConnect / CDC to ensure audit trail as per defined standards and quality requirements. In accordance with the defined process ensure that the defined reports are created and published to stakeholders. Support the team: Assist the team lead in ensuring quality of service across the team. Seek advice from senior members of the team when in doubt. Continuous Learning innovation and optimization : Ensure completion of learning program. Lead ideas that will help innovation and optimization of processes. Continually learn new technology and stay updated on cyber threats. Conduct new types of research and recommend topics for inclusion or upgrade team workflows. Skill Examples: User level skills in use of CDC ThreatConnect Sixgill IntSights VT Premium. Excellent logical problem-solving ability and analytical skills for intelligence processing and analysis Great oral and written communication skills. Ability to conduct presentation of finished intelligence to team members management clients. Ability to create innovative research reports (global trends cross clients collaboration with other teams in the company). Proficiency in data analytics tools – SQL BI reports. Proficiency in Python. Knowledge Examples: Knowledge Examples Understanding of cybersecurity threat landscape. Understanding of enterprise IT Infrastructure including Networks OS Databases Web Applications etc. Experience conducting research in the areas of WEBINT OSINT social media platforms and virtual HUMINT. Experience in gathering dark web intelligence. Training / Certification in Ethical Hacking etc. Additional Comments: Job Description – Threat Intelligence Analyst II - Cyber Security Experience- 12+ years Responsibilities:  Focus on automation of threat hunting exercises, designated threat hunting projects, customer onboarding, build customer relation.  Perform threat hunting on various enterprise assets by exploring and correlating large data sets resulting in timely notifications for customers.  Enable and improve inhouse automation threat hunting projects that use Jupyter notebook, mysticpy etc  Uncover novel attack techniques, monitor and catalogue changes in activity group tradecraft.  Acquire new and leverage existing knowledge of attacker tools, tactics and procedures to improve the security posture of customers.  Effectively engage and collaborate with partners in data science, and threat research to develop and maintain high-fidelity detection rules.  Build or identify hunting tools and automation for use in the discovery of human adversaries  You would be expected to support a 24/7 operation model that sometimes involves working in night shifts.  Deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root- cause analysis and generate custom s, ensuring that customers are well equipped to quickly respond to human adversaries identified in their unique environments.  Skilled hunters harness the power of available telemtry / signals to quickly identify and report the latest human adversary behaviours, drive critical context-rich s, build new tools and automation in support of hunting objectives, and drive innovations for detecting advanced attacker tradecraft.  Build strong cross team relationship with CTI, Detection engineering/UCM, automation, R&D and sales.  Skilled working with extremely large data sets, using tools and scripting languages such as: Excel, SQL, Python, Splunk, and PowerBI. Preferred Qualifications:  Bachelor degree preferred in Computer Science, Computer Engineering, Information Security.  Knowledge of operating system internals, OS security mitigations & understanding of Security challenges in Windows, Linux, Mac, Android & iOS platforms.  Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques.  Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models.  Experience with system administration in a large enterprise environment including Windows and Linux servers and workstations, network administration.  Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks.  Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications. Skills Soc,Network Security,Cyber Security About UST UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Position: Cybersecurity Trainer Location: Kohat Enclave, Pitampura, New Delhi Employment Type: Full-Time (Onsite Only) Working Days: 6 Days Working About Ducat India: Ducat India is a premier IT training institute offering industry-oriented courses across technologies like Software Development, Data Science, Cloud Computing, Networking, Cybersecurity and more. With 9 training centers across NCR including Noida, Greater Noida, New Delhi, Gurugram and Faridabad. We are committed to bridging the gap between academic learning and professional employment through quality education and skill development. About the Role: We are looking for a skilled and enthusiastic Cybersecurity Trainer to join our training team in Delhi. If you're passionate about Cybersecurity, Ethical Hacking, Linux and Networking and love to share your knowledge – this is the right platform for you to make an impact. Key Responsibilities: - Deliver in-depth classroom sessions on Cybersecurity, Ethical Hacking, Linux and CCNA. - Design lab exercises, case studies and project-based learning modules. - Stay updated with industry trends and certifications to keep content relevant. - Engage learners with interactive and practical training methods. Required Skills & Experience: - 1–3 years of experience in cybersecurity roles or training delivery. - Proficiency in Linux OS, Ethical Hacking tools and core networking concepts. - Sound knowledge of CCNA (certification preferred). - Strong communication and interpersonal skills. - Ability to simplify complex technical concepts for learners. Preferred Skills: - CEH, CompTIA Security+ or any other relevant certifications. - Hands-on experience with tools like Kali Linux, Wireshark, Metasploit, etc. - Prior experience in teaching or mentoring in an IT training setup. Apply Now: Send your updated resume to hr@ducatindia.com Contact us at +91-9205783661. Job Type: Full-time Pay: ₹20,000.00 - ₹45,000.00 per month Schedule: Day shift

• Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network & blockchain. Experience in both commercial and open source tools like: Burp Professional, Nmap, Kali, Metasploit, etc. Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Experience in preparing a security threat model and associated test plans. Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results. In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred. Knowledge of current information security threats

Position: Cybersecurity Trainer Location: Kohat Enclave, Pitampura, New Delhi Employment Type: Full-Time (Onsite Only) Working Days: 6 Days Working About Ducat India: Ducat India is a premier IT training institute offering industry-oriented courses across technologies like Software Development, Data Science, Cloud Computing, Networking, Cybersecurity and more. With 9 training centers across NCR including Noida, Greater Noida, New Delhi, Gurugram and Faridabad. We are committed to bridging the gap between academic learning and professional employment through quality education and skill development. About the Role: We are looking for a skilled and enthusiastic Cybersecurity Trainer to join our training team in Delhi. If you're passionate about Cybersecurity, Ethical Hacking, Linux and Networking and love to share your knowledge – this is the right platform for you to make an impact. Key Responsibilities: - Deliver in-depth classroom sessions on Cybersecurity, Ethical Hacking, Linux and CCNA. - Design lab exercises, case studies and project-based learning modules. - Stay updated with industry trends and certifications to keep content relevant. - Engage learners with interactive and practical training methods. Required Skills & Experience: - 1–3 years of experience in cybersecurity roles or training delivery. - Proficiency in Linux OS, Ethical Hacking tools and core networking concepts. - Sound knowledge of CCNA (certification preferred). - Strong communication and interpersonal skills. - Ability to simplify complex technical concepts for learners. Preferred Skills: - CEH, CompTIA Security+ or any other relevant certifications. - Hands-on experience with tools like Kali Linux, Wireshark, Metasploit, etc. - Prior experience in teaching or mentoring in an IT training setup. Apply Now: Send your updated resume to hr@ducatindia.com Contact us at +91-9205783661. Job Type: Full-time Pay: ₹20,000.00 - ₹45,000.00 per month Schedule: Day shift

Cowbell is signaling a new era in cyber insurance by harnessing technology and data to provide small and medium-sized enterprises (SMEs) with advanced warning of cyber risk exposures bundled with cyber insurance coverage adaptable to the threats of today and tomorrow. Championing adaptive insurance, Cowbell follows policyholders" cyber risk exposures as they evolve through continuous risk assessment and continuous underwriting. In its unique AI-based approach to risk selection and pricing, Cowbell's underwriting platform, powered by Cowbell Factors, compresses the insurance process from submission to issue to less than 5 minutes. Founded in 2019 and based in the San Francisco Bay Area, Cowbell has rapidly grown, now operating across the U.S., Canada, U.K., and India. This growth was recently bolstered by a successful Series C fundraising round of $60 million from Zurich Insurance. This investment not only underscores the confidence in Cowbell's mission but also accelerates our capacity to revolutionize cyber insurance on a global scale. With the backing of over 25 prominent reinsurance partners, Cowbell is poised to redefine how SMEs navigate the evolving landscape of cyber threats. In support of business objectives, we are actively looking for an ambitious person, who is not afraid of hard-work and embraces ambiguity as it comes to join our Information Security Team as a Sr. Developer, Application Security. The InfoSec team drives security, privacy, and compliance improvements to reduce risk by building out key security programs. We enable our colleagues to keep the company secure and support our customers" security journey with tried and true best practices. We are a Java, Python, and React shop combined with world-class cloud infrastructure such as AWS & Snowflake. Balancing proper security while enabling execution speed for our colleagues is our ultimate goal. It's challenging and rewarding! If you are up for the challenge, come join us. You will be instrumental in curing security defects in code, burning down any new and existing vulnerabilities. You can fix the code yourself and continuous patching is your north star. You will be the champion for safeguards and standards that will keep our code secure and reduce the introduction of new vulnerabilities. Partner and collaborate with internal stakeholders in assisting with the overall security posture with an emphasis on the Engineering and Operations/IT areas. Work across engineering, product and business systems teams to enhance and evangelize security in applications (& infrastructure). Research emerging technologies and maintain awareness of current security risks in support of security enhancement and development efforts. Develop and maintain application scanning solutions to inform stakeholders of security weaknesses & vulnerabilities. Review outstanding vulnerabilities with product teams and assist in remediation efforts to reduce risk. Bachelor's degree in computer science or another STEM discipline and 8 to 10+ years of professional experience in security software development. Majority of prior experience as a Security Engineer focused on remediation of security vulnerabilities and defects in Java and Python. Must have prior in-depth demonstrable experience developing in JAVA and Python; Basically you are developer first and a security engineer second. Applicants that do not have this experience will not be considered. Experience developing in, and securing, Javascript and React a plus. Experience securing integrations and code that utilizes Elasticsearch, Snowflake, Databricks, RDS a big plus. Detail-oriented with problem-solving, communication, and analytical skills. Expert understanding of CVE and CVSS scoring and how to utilize this data for validation, prioritization, and remediation. Excellent understanding and utilization of OWASP. Demonstrated ability to secure API; Techniques, patterns, will be assessed. Experience designing and implementing application security solutions for web and or mobile applications. Experience developing and reporting vulnerability metrics as well as articulating how to reproduce and resolve those security defects. Experienced in application penetration testing; and understanding of remediation techniques for common misconfigurations and vulnerabilities. Demonstrable experience in understanding patching and library upgrade paths including interdependencies. Familiarity with CI/CD tools. Previous admin experience in CI/CD is not required but a big plus. Capability to deploy, provide maintenance for, and operationalize scanning solutions. Hands-on ability to conduct scans across application repositories and infrastructure. Must be willing to work extended hours and weekends as needed. Great at and enjoys documenting solutions; creating repeatable instruction for others, operational documentation, developing technical diagrams, and similar artifacts. Preferred Qualifications: You can demonstrate and document threat modeling scenarios using well-known frameworks such as STRIDE. Proficient with penetration testing tools such Burp suite, Metasploit or ZAP. You are already proficient with SAST & SCA tools; proficiency with DAST and/or OAST tool usage and techniques would be even better. As a mentor you also have the experience and desire in providing fellow engineering teams with technical guidance on the impact and priority of security issues and driving remediation. Capability to develop operational process from scratch or improve current processes and procedures through well-thought-out hand-offs, integrations, and automation. Familiarity with multiple security domains such as application security, infrastructure security, network security, incident response, and regulatory compliance and certifications. Understanding of modern endpoint security technologies/concepts. Adept at working with distributed team members. What Cowbell brings to the table: Employee equity plan for all and wealth enablement plan for select customer-facing roles. Comprehensive wellness program, meditation app subscriptions, lunch and learn, book club, happy hours, and much more. Professional development and the opportunity to learn the ins and outs of cyber insurance, cybersecurity as well as continuing to build your professional skills in a team environment. Equal Employment Opportunity: Cowbell is a leading innovator in cyber insurance, dedicated to empowering businesses to always deliver their intended outcomes as the cyber threat landscape evolves. Guided by our core values of TRUE Transparency, Resiliency, Urgency, and Empowerment, we are on a mission to be the gold standard for businesses to understand, manage, and transfer cyber risk. At Cowbell, we foster a collaborative and dynamic work environment where every employee is empowered to contribute and grow. We pride ourselves on our commitment to transparency and resilience, ensuring that we not only meet but exceed industry standards. We are proud to be an equal opportunity employer, promoting a diverse and inclusive workplace where all voices are heard and valued. Our employees enjoy competitive compensation, comprehensive benefits, and continuous opportunities for professional development.,

As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients" systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. You will perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients" IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients" systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients" IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: - Bachelor's degree in Computer Science, Information Technology, or related field. - 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. - Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. - Hands-on experience with various operating systems, including Windows, Linux, and Unix. - Strong understanding of network protocols, web application architecture, and common security vulnerabilities. - Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. - Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. - Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. - Proven track record of delivering high-quality security assessments and actionable recommendations.,

Job Overview: The Red Team Specialist is responsible for simulating advanced cyber attacks to rigorously test the organization's defenses and improve its security posture. This role focuses on conducting red team exercises, penetration tests, and vulnerability assessments to identify and exploit security weaknesses, thereby providing a realistic assessment of the organization's security readiness. Key Responsibilities: Conduct red team exercises to simulate sophisticated, real-world attacks and evaluate the effectiveness of security controls. Perform targeted penetration tests and vulnerability assessments to uncover and exploit security weaknesses. Develop and execute complex attack scenarios to challenge the organization's defenses. Collaborate with defensive security teams to remediate identified vulnerabilities and enhance security measures. Utilize and integrate advanced offensive security tools, such as Metasploit, Burp Suite, and Kali Linux, into the red team testing framework. Provide expert analysis and interpretation of red team tools and their results. Create and maintain detailed documentation related to red team activities, including test plans, attack scenarios, and incident response procedures. Contribute to the development and delivery of specialized security training and awareness programs focused on red team techniques. Ensure design and implementation of security controls and best practices from a red team perspective. Support the Offensive Security Lead in developing and refining the red team program. Assist with the evaluation and implementation of new red team technologies and improvements to existing processes. Qualifications: B.Tech, (Any field) 4+ years of experience in offensive security, with a focus on penetration testing and red teaming. In-depth understanding of encryption technologies, authentication protocols, and other security mechanisms. Preferred Skills: Relevant security certifications (e.g., OSCP, OSCE, CEH, GPEN).

Role Description Role Proficiency: Collect information about cyberattacks and vectors attack groups new vulnerabilities and exploits and new campaigns and trends. Create of threat intelligence reports that communicate the results of the analysis – e.g. sharing information with decision-makers security officials senior corporate officials etc. Create innovative research reports. Mentor junior members of the team as well as assist the Team Lead. Outcomes Independently monitor cyber security news from the clear deep and dark web on a daily basis. Keep up to date with industry news security threats outside of their network and the intentions of potentially threatening entities. Closely follow the documented process to ensure consistent and repeatable guideline to report about threats (finished intelligence). Ensure documentation included in ThreatConnect/ CDC as predefined / agreed standards. Learn from review process for continuous improvement. Communicate and report appropriately as per defined process. Measures Of Outcomes Case studies and value delivered to CyberProof/ externally (blogs webinars) as well as implementing new research types new analysis tools. Number of threat intelligence finished reports including threat landscape and asset-based intelligence Percent of security incidents opened based on the CTI analyst’s reports. Adherence to process – validation formatting documentation improvement suggestion. Evidence of skill development including training certification etc. Collection Outputs Expected: Work with OSINT sources. Use WEBINT techniques to collect and enrich intelligence data. Develop and maintain deep web sources. Processing And Analysis Analyse the threat data into a finished report including technical recommendations MITRE ATT&CK mapping and valid IOCs. Reach out to other SOC teams (DFIR TH L2 etc) for validating and enriching your intelligence. Complete documentation including annotation in ThreatConnect / CDC to ensure audit trail as per defined standards and quality requirements. In accordance with the defined process ensure that the defined reports are created and published to stakeholders. Support The Team Assist the team lead in ensuring quality of service across the team. Seek advice from senior members of the team when in doubt. Continuous Learning innovation And Optimization Ensure completion of learning program. Lead ideas that will help innovation and optimization of processes. Continually learn new technology and stay updated on cyber threats. Conduct new types of research and recommend topics for inclusion or upgrade team workflows. Skill Examples User level skills in use of CDC ThreatConnect Sixgill IntSights VT Premium. Excellent logical problem-solving ability and analytical skills for intelligence processing and analysis Great oral and written communication skills. Ability to conduct presentation of finished intelligence to team members management clients. Ability to create innovative research reports (global trends cross clients collaboration with other teams in the company). Proficiency in data analytics tools – SQL BI reports. Proficiency in Python. Knowledge Examples Knowledge Examples Understanding of cybersecurity threat landscape. Understanding of enterprise IT Infrastructure including Networks OS Databases Web Applications etc. Experience conducting research in the areas of WEBINT OSINT social media platforms and virtual HUMINT. Experience in gathering dark web intelligence. Training / Certification in Ethical Hacking etc. Additional Comments Job Description – Threat Intelligence Analyst II - Cyber Security Experience- 12+ years Responsibilities:  Focus on automation of threat hunting exercises, designated threat hunting projects, customer onboarding, build customer relation.  Perform threat hunting on various enterprise assets by exploring and correlating large data sets resulting in timely notifications for customers.  Enable and improve inhouse automation threat hunting projects that use Jupyter notebook, mysticpy etc  Uncover novel attack techniques, monitor and catalogue changes in activity group tradecraft.  Acquire new and leverage existing knowledge of attacker tools, tactics and procedures to improve the security posture of customers.  Effectively engage and collaborate with partners in data science, and threat research to develop and maintain high-fidelity detection rules.  Build or identify hunting tools and automation for use in the discovery of human adversaries  You would be expected to support a 24/7 operation model that sometimes involves working in night shifts.  Deep knowledge of the attacker landscape and rich telemetry from our sensors to perform root- cause analysis and generate custom s, ensuring that customers are well equipped to quickly respond to human adversaries identified in their unique environments.  Skilled hunters harness the power of available telemtry / signals to quickly identify and report the latest human adversary behaviours, drive critical context-rich s, build new tools and automation in support of hunting objectives, and drive innovations for detecting advanced attacker tradecraft.  Build strong cross team relationship with CTI, Detection engineering/UCM, automation, R&D and sales.  Skilled working with extremely large data sets, using tools and scripting languages such as: Excel, SQL, Python, Splunk, and PowerBI. Preferred Qualifications:  Bachelor degree preferred in Computer Science, Computer Engineering, Information Security.  Knowledge of operating system internals, OS security mitigations & understanding of Security challenges in Windows, Linux, Mac, Android & iOS platforms.  Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques.  Experience with reverse engineering, digital forensics (DFIR) or incident response, or machine learning models.  Experience with system administration in a large enterprise environment including Windows and Linux servers and workstations, network administration.  Experience with offensive security including tools such as Metasploit, exploit development, Open Source Intelligence Gathering (OSINT), and designing ways to breach enterprise networks.  Additional advanced technical degrees or cyber security certifications such as CISSP, OSCP, CEH, or GIAC certifications. Skills Soc,Network Security,Cyber Security

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 2-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 2-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Job Title: Faculty – Cyber Security & Machine Learning Location: Mira Road, Thane Position Type: Visiting Faculty Job Summary: We are seeking an experienced and passionate faculty member to teach and mentor undergraduate students in the field of Cyber Security and Machine Learning. The selected candidate will be responsible for delivering course content, designing assessments, mentoring students on practical implementations, and driving academic excellence in the subjects Ethical Hacking and Machine Learning I, as outlined by the University of Mumbai syllabus. Key Responsibilities: Academic Delivery ● Conduct theory and practical sessions for: ○ Ethical Hacking (including network security, cryptography, web security, hardware security) ○ Machine Learning I (including supervised & unsupervised learning, ensemble techniques, SVM, dimensionality reduction) ● Create lesson plans, lecture notes, and assessment tools aligned with syllabus ● Use tools such as Cisco Packet Tracer, Kali Linux, Metasploit, SQLMap, Wireshark, Jupyter Notebooks, Scikit-learn, and others during practical sessions ● Assign and evaluate laboratory work, tutorials, and case studies ● Encourage students to use digital tools and platforms (e.g., DVWA, OWASP, Kaggle, UCI datasets) Assessment & Evaluation ● Conduct internal assessments as per academic guidelines ● Prepare, administer, and grade exams, assignments, and projects ● Maintain timely and accurate records of grades and student progress Qualifications & Experience: Minimum Qualifications: ● Master’s degree in Computer Science / Cyber Security / Information Technology / Data Science / Artificial Intelligence or equivalent Experience: ● Minimum 2–5 years of teaching or industry experience in ethical hacking, information security, or applied machine learning Preferred Skills: ● Hands-on with penetration testing tools (e.g., Wireshark, John the Ripper, Metasploit) ● Familiarity with ML libraries: Scikit-learn, TensorFlow, etc. ● Experience with classroom and lab-based instruction ● Strong communication and mentoring skills Desirable Certifications: ● CEH (Certified Ethical Hacker) ● CompTIA Security+ ● Offensive Security Certified Professional (OSCP) ● Machine Learning or AI certifications (Coursera, edX, etc.) Remuneration: Rs. 2000 per hour (Negotiable)

As a Cybersecurity Penetration Tester at our organization in Hyderabad, you will play a key role in supporting our security initiatives on an On-Demand or Hourly Basis. Your primary responsibility will be to conduct penetration testing on web applications, networks, and infrastructure to identify security vulnerabilities. Utilizing tools like Metasploit, Burp Suite, and other industry-standard tools, you will assess and improve our systems" security posture. Your findings will be documented, and security risks will be reported with clear remediation strategies to ensure effective resolution. Collaboration with internal teams is essential to address identified vulnerabilities efficiently. You will also be required to perform security audits and provide actionable insights to enhance security controls across the organization. Proficiency in utilizing Wiz, a Vulnerability Management Tool, for identifying and managing security risks will be preferred. To excel in this role, you should have proven experience as a Penetration Tester or Security Analyst with a strong background in vulnerability assessment. Proficiency in penetration testing tools such as Metasploit, Burp Suite, and knowledge of Wiz or similar vulnerability management tools will be beneficial. A solid understanding of network security, application security, and system hardening is required. Excellent analytical, problem-solving, and communication skills are essential for effective collaboration with internal teams. Your ability to work independently and deliver high-quality results within deadlines will be crucial for success in this role.,

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: · Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. · Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. · Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. · Follow up on cybersecurity incident tickets until closure. · Guide L1 and L2 analysts in analyzing events and response activities. · Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. · Review and provide suggestions for information security policies and best practices in client environments. · Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. · Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. · Update and review documents, playbooks, and standard operational procedures. · Validate and update client systems and IT infrastructure documentation. · Share knowledge on current security threats, attack patterns, and tools with team members. · Create and review new use cases based on evolving attack trends. · Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. · Develop and maintain threat detection rules, parsers, and use cases. · Understand security analytics and flows across SaaS applications and cloud computing tools. · Validate use cases through selective testing and logic examination. · Maintain continuous improvement processes and build/groom teams over time. · Develop thought leadership within the SOC. Mandatory skill sets: · Bachelor’s degree (minimum requirement). · 2-8 years of experience in SOC operations. · Experience analyzing malicious traffic and building detections. · Experience in application security, network security, and systems security. · Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). · Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). · Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). · Experience with traditional security operations, event monitoring, and SIEM tools. · Knowledge of MITRE or similar frameworks and procedures used by adversaries. · Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: · Strong communication skills, both written and oral. · Experience with SMB and large enterprise clients. · Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). · Strong expertise in multiple SIEM tools and other SOC environment devices. · Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. · Understanding of raw log formats of various security devices. · Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). · Relevant certifications (CEH, CISA, CISM, etc.). · Strong work ethic and time management skills. · Coachability and dedication to consistent improvement. · Ability to mentor and encourage junior teammates. · Knowledge of regex and parser creation. · Ability to deploy SIEM solutions in customer environments. Years of experience required: 2-12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Company Overview: Leading with our core values of Quality, Integrity, and Opportunity, MedInsight is one of the healthcare industry’s most trusted solutions for healthcare intelligence. Our company purpose is to empower easy, data-driven decision-making on important healthcare questions. Through our products, education, and services, MedInsight is making an impact on healthcare by helping to drive better outcomes for patients while reducing waste. Over 300 leading healthcare organizations have come to rely on MedInsight analytic solutions for healthcare cost and care management. MedInsight has been ranked #1 for Payer Quality Analytics by clients for the last three years in the Best in KLAS report. MedInsight is a subsidiary of Milliman; a global, employee-owned consultancy providing actuarial consulting, retirement funding and healthcare financing, enterprise risk management and regulatory compliance, data analytics and business transformation as well as a range of other consulting and technology solutions. Position Summary: As a Penetration Tester, you will play a vital role in safeguarding our information systems by proactively identifying and mitigating security vulnerabilities. Working under the guidance of senior security professionals, you will assess the effectiveness of our cybersecurity infrastructure through simulated attacks and vulnerability assessments. This role offers the opportunity to build hands-on experience while contributing to the design and implementation of secure systems and processes. Key Responsibilities: Conduct penetration tests on networks, web and mobile applications, APIs, and cloud environments to identify security vulnerabilities and risks. Support security architects in assessing potential weaknesses in system designs and contribute to defining secure architecture and infrastructure requirements. Identify and exploit vulnerabilities in applications and infrastructure to simulate real-world cyber threats. Facilitate and coordinate vulnerability assessments and scans, review assessment results, and oversee remediation activities for network and infrastructure devices. Document and communicate findings clearly, translating technical risk into business risk for non-technical stakeholders. Participate in educating users and new employees on security best practices, policies, and procedures. Research and stay current on emerging cybersecurity threats, attack methods, and industry best practices. Recommend improvements to enhance system security and align with internal standards and regulatory requirements. Ensure testing activities and remediation efforts align with compliance standards and privacy laws (e.g., OWASP, NIST, ISO 27001). Collaborate with senior team members to provide technical guidance and support for security initiatives. May assist in reviewing third-party security controls, especially for cloud services. Qualifications: Minimum 4 years of experience in Application Security and Penetration Testing across networks, web/mobile apps, APIs, and cloud environments to identify vulnerabilities and risks. Familiarity with penetration testing methodologies, tools (e.g., Burp Suite, Nmap, Metasploit), and scripting languages (e.g., Python, Bash, PowerShell). Basic understanding of networking protocols, web technologies, and operating systems. Exposure to cybersecurity frameworks such as OWASP Top 10, NIST, or CIS Controls. Strong problem-solving skills, attention to detail, and ability to work as part of a team. Willingness to learn and grow within a structured, closely supervised environment. Preferred Experience: Experience related to ethical hacking or vulnerability assessments. One (or more) relevant certifications, or ability to pass exam: GPEN, GWAPT, OSCP CTF experience (HackTheBox, VulnHub, OverTheWire, etc) Educational Requirements Bachelor’s degree in computer science, Information Security, or related field or equivalent work experience. What makes this a great opportunity? Join an innovative, high growth company with a solid industry track record Bring your expertise and ideas to directly impact and help build the next generation of MedInsight products and solutions Enjoy significant visibility in your work and be recognized for your wins Work for a company that values your wellbeing and professional growth, offering a flexible work environment, generous benefits package, and investment in the development of your career Milliman Benefits: We offer competitive benefits which include the following based on plan eligibility: Supportive work culture focused on continuous learning, growth, and team collaboration Exposure to international teams and projects for broader professional experience Flexible working hours with hybrid/remote options to support work-life balance Annual health check-ups and employee wellness programs for a healthier lifestyle Employee Assistance Program (EAP) offering confidential mental health support Paid time off including vacation, sick leave, and recognized public holidays

Position Overview: Adani Group is seeking an experienced Red Teaming Cybersecurity Expert to design and execute red teaming exercises aimed at testing and enhancing the security posture of Adani Group’s diverse entities. This includes critical infrastructure sectors such as Ports, Airports, Power, and Digital. The Red Teaming Expert will identify vulnerabilities, simulate advanced cyberattacks, and work closely with internal teams to improve detection and defense mechanisms. Key Responsibilities: 1. Strategic Red Teaming and Penetration Testing Execute sophisticated red teaming engagements to simulate real-world attack scenarios. Develop and implement long-term offensive security strategies to proactively identify and address vulnerabilities across diverse environments. Conduct comprehensive penetration testing on internal networks, cloud environments, and applications. Execute social engineering attacks, phishing campaigns, and physical intrusions as part of full-spectrum red team operations. 2. Adversarial Threat Simulation & Attack Path Mapping Develop and refine threat emulation plans, leveraging TTPs (tactics, techniques, and procedures) used by nation-state actors and other adversaries. Model various attack paths from an adversary’s perspective to test the resilience of existing security measures. Simulate attacks against IT, OT (Operational Technology), and ICS (Industrial Control Systems) environments, ensuring critical infrastructure protection. 3. Collaborative Defense & Response Enhancement Collaborate with Blue Teams, incident response teams, and the Security Operations Center (SOC) to enhance detection, response times, and mitigation strategies. Provide detailed feedback on the effectiveness of security controls, detection mechanisms, and incident response processes. Develop and conduct collaborative red-blue team exercises (purple teaming) to continuously improve organizational defense mechanisms. 4. Vulnerability Research & Exploit Development Conduct research on emerging cybersecurity threats and stay current with evolving vulnerabilities, zero-day exploits, and new attack techniques. Develop or customize proof-of-concept exploits to demonstrate the impact of vulnerabilities in real-world scenarios. Perform threat intelligence analysis to determine the most relevant and high-risk attack vectors for Adani’s business environment. 5. Reporting & Risk Communication Produce comprehensive technical reports and executive-level summaries detailing vulnerabilities, successful attack simulations, and recommendations for improvement. Translate complex security vulnerabilities into business risk language for presentation to senior management and business stakeholders. Present red team findings in a clear and concise manner to leadership teams and board members, offering strategic insights for enhancing the overall cybersecurity posture. 6. Training, Mentoring, and Knowledge Sharing Provide mentorship and training to junior red team members and internal security teams, fostering a culture of proactive security and continuous improvement. Conduct workshops and tabletop exercises with business units to raise awareness about red teaming methodologies and the importance of cybersecurity. 7. Tool Development & Automation Develop, customize, or extend red teaming tools, scripts, and automation frameworks to simulate various attack vectors. Continuously assess and introduce new red teaming tools to improve the efficacy and realism of adversary simulations. 8. People Management Foster an environment of learning, excellence, and innovation within the team and across teams. Provide mentorship and guidance to junior team members. Conduct performance reviews and provide constructive feedback. Ensure continuous professional development of team members. Qualifications & Skills: Education: Bachelor’s or master’s degree in computer science, Cybersecurity, Information Security, or a related technical field. Relevant professional certifications in cybersecurity. Experience: 4+ years of experience in cybersecurity, with a minimum of 2+ years in red teaming, offensive security, ethical hacking, or penetration testing. Proven track record of executing large-scale red teaming exercises in complex environments, including experience with critical infrastructure (Ports, Airports, Energy, etc.). Extensive experience in simulating advanced cyberattacks, particularly in industrial environments, OT, and ICS. Certifications: CRTP, OSCP, OSCE, CREST certifications or equivalent in red teaming and penetration testing. Other cybersecurity certifications such as CISSP, CEH, GIAC, GCIH, GPEN are CRTP advantageous. Technical Skills: Expert knowledge of offensive security tools (e.g., Metasploit, Cobalt Strike, Burp Suite, Empire, etc.) and threat simulation frameworks. Strong understanding of TTPs used by cybercriminals and APT groups (MITRE ATT&CK framework knowledge preferred). Deep expertise in network protocols, firewalls, intrusion detection systems, and secure configurations. Proficient in various operating systems (Windows, Linux, macOS) and cloud environments (AWS, Azure, GCP). Knowledge of Operational Technology (OT) and Industrial Control Systems (ICS) security challenges and attack methodologies. Experience with exploit development and custom tool creation for red teaming operations. Soft Skills: Communication: Excellent written and verbal communication skills, with the ability to convey complex technical information to non-technical stakeholders. Problem-Solving: Strong problem-solving skills, strategic thinking, and analytical ability to assess risks and prioritize mitigation. Leadership: Effective leadership and mentoring abilities for team members. Collaboration: Ability to work collaboratively with cross-functional teams and foster a culture of proactive security. Adaptability: Ability to work in high-pressure environments and handle multiple concurrent assignments with minimal oversight. Ethical Mindset: Commitment to ethical hacking principles and maintaining the highest standards of integrity. Continuous Learning: Dedication to staying ahead of cybersecurity threats through ongoing research and professional development. Key Competencies: Adverserial Mindset: Ability to think like an adversary and develop innovative ways to bypass security controls. Collaborative Spirit: Strong emphasis on working closely with blue teams and cross-functional teams. Continuous Learning: Commitment to staying ahead of cybersecurity threats by engaging in ongoing research and professional development.

🔐 We're Hiring: Cyber Security Expert (4–5 Years Experience) 📍 Location : CS Soft Solutions Pvt. Ltd., I-18, Sector 101, IT City Rd, JLPL Industrial Area, Sahibzada Ajit Singh Nagar, Punjab – 160062 📧 Email: shivani-kanwar@cssoftsolutions.com At CS Soft Solutions, we're not just about building digital products—we’re about building trust in every digital interaction. We're expanding our cybersecurity division and are on the lookout for a Cyber Security Expert who’s ready to take ownership, drive strategic initiatives, and protect our clients across industries. 🚀 Key Responsibilities : Act as a trusted advisor to clients, assessing posture & identifying risks Conduct vulnerability assessments, penetration tests & risk analyses Design and implement tailored cybersecurity policies & frameworks Respond to incidents & coordinate response with internal and client teams Ensure compliance (GDPR, HIPAA, ISO 27001, NIST, SOC 2) Lead client workshops, trainings, and briefings Collaborate with DevOps, IT, and Engineering for secure solution design Engage directly with CXOs to understand needs & propose solutions Drive proposal creation, pre-sales, and client success Mentor and lead junior cybersecurity professionals ✅ Required Qualifications : Bachelor’s/Master’s in Cybersecurity, InfoSec, or related field 5+ years hands-on cybersecurity experience Expertise in threat detection, incident response, and network security Hands-on with SIEMs (Splunk, QRadar), Nessus, Qualys, Metasploit, etc. Cloud security exposure (AWS, Azure, GCP) Knowledge of compliance & frameworks (ISO 27001, NIST, SOC 2) Industry exposure: IT, BFSI, Healthcare, Manufacturing Certifications Preferred: CEH, CISSP, OSCP, CISM, ISO 27001 LA/LI 💡 Nice to Have : MSSP or cybersecurity consulting experience DevSecOps and secure SDLC familiarity Forensics or threat hunting background 🧠 Key Traits : Strategic mindset with strong business acumen Excellent communication & client-handling skills Ownership-driven, independent, and team-oriented 📩 If you're passionate about securing digital transformation journeys and thrive in a dynamic, high-growth environment—CS Soft wants you on board! #CyberSecurityJobs #HiringNow #CSSoftSolutions #InformationSecurity #CybersecurityExpert #MSSP #ISO27001 #SIEM #DevSecOps #CloudSecurity #CISSP #OSCP #JoinOurTeam

Key Responsibilities Update Mechanism & Distribution Testing Assess update delivery pipeline for unauthorized access, misconfigurations, or delivery flaws. Simulate HMAC token forge/replay attacks to test authentication robustness. Test code-signing integrity by attempting to modify signed update bundles. Simulate rollback scenarios, downgrade attack vectors, and patch bypass attempts. Backend & Infrastructure Security Perform RBAC abuse tests to detect privilege escalation opportunities. Verify audit logging and forensic traceability of system actions. Check backend service configurations for policy compliance and data protection. Availability & Threat Resilience Conduct DoS resilience testing by simulating excessive/malformed requests. Perform mobile reverse engineering to detect information leakage or insecure storage. Reporting & Retesting Provide a detailed vulnerability report with CVSS scores and POC evidence. Collaborate with DevSecOps for remediation validation and re-testing. Required Skills & Qualifications 7+ years of penetration testing experience in enterprise environments. Deep knowledge of OWASP Top 10 (Web, API, Mobile). Hands-on experience testing mobile hybrid apps (Capacitor/Ionic). Expertise in code signing, HMAC validation, and secure OTA update mechanisms. Familiarity with Azure-hosted services, WebAPI, and SQL Server. Proficient with tools such as Burp Suite, MobSF, Frida, Drozer, OWASP ZAP, Metasploit, Postman, Wireshark. Strong scripting/debugging knowledge (Python, JavaScript, Bash). Understanding of regulatory/compliance frameworks: ISO 27001, GDPR, NIST. Certifications preferred: OSCP, CEH, GMOB, GWAPT. Additional Context App Architecture: Hybrid (Ionic + Capacitor) Backend: .NET Core, WebAPI, Azure Blob Storage CI/CD: Azure DevOps, App Center Governance: Scoped under Qatar Airways IT & Cyber Security policies About Virtusa Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 27,000 people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us. Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company, and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence. Virtusa was founded on principles of equal opportunity for all, and so does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.

Only Immediate Joiner- Within 8-10 days 5+ Years Rotational Shift Hyderabad, IND (ONSITE) Job Responsibilities: • Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques. • Application Penetration Testing (Browser-based, API, Mobile, IoT) • Threat Modeling • Source Code Review • Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications. • Perform red team exercises to determine where weaknesses in the client’s infrastructure and how it should be remediated. • Organizing and delivering technical security operational briefings for both technical and non technical audiences. • Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics. • Dynamic application security testing (DAST) scans on the identified targets without credentials. • Perform credentialed DAST scans on known client URLs. • Conduct research to identify new attack vectors. • Review and provide feedback for all Security Artifacts. • Play a critical role in building an AppSec program that has a wide scope and impact. • Researching Open source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients. • Preparing and delivering clear, accurate, and concise written and oral technical reports for management. Job specifications: 1. Qualification: • Bachelor’s degree in Engineering or closely related coursework in technology development disciplines • Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN are desirable 2. Experience: • Total Experience – 4+ years 3. Desired Skills: Knowledge and Experience: • Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE). • A thorough understanding of the Secure Development Life Cycle • Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse application attack vectors, security testing processes, and both wired and wireless network security protocols. • Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App detective, Web Inspect, etc.). • Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.). • Mobile platform penetration testing tradecraft and methodologies across widely-used platforms (iOS and/or Android). • Microservices testing Ability to find and exploit bugs in: • C++, Java, JavaScript, Go, and Python • Kubernetes, AWS, GCP, or Azure • Memory management, namespaces, cgroups, etc. • Passion for writing code to solve problems combined with an interest in Offensive Security. • Ability to demonstrate a strong background in one of the following languages: o Golang, Python, Java, JavaScript, C++, C

We are seeking an experienced and detail-oriented Penetration Tester to assess the security posture of web and mobile applications. The ideal candidate will have a strong background in ethical hacking, vulnerability assessment, and hands-on experience identifying and exploiting application-level security flaws. Key Responsibilities: Perform penetration testing of web and mobile applications to identify vulnerabilities and security weaknesses. Conduct threat modeling and risk analysis for new and existing applications. Simulate real-world cyberattacks and document exploit paths. Prepare detailed technical reports, proof of concepts, and risk assessments. Work closely with development and infrastructure teams to provide remediation guidance. Ensure compliance with industry standards such as OWASP Top 10 , CWE/SANS , and relevant data privacy regulations. Conduct security assessments using both manual techniques and automated tools. Stay up-to-date with the latest security threats, trends, and technologies. Requirements: Minimum 4 years of experience in penetration testing or ethical hacking. Solid experience testing web and mobile applications (Android/iOS). Proficiency with tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Nikto, MobSF , etc. Deep understanding of web technologies (HTTP/HTTPS, APIs, authentication mechanisms). Familiarity with OWASP Top 10 , Mobile Top 10 , CVSS scoring, and common exploit techniques. Experience with manual testing techniques to complement automated tools. Strong knowledge of common mobile platforms and application architectures. Scripting skills (Python, Bash, or similar) to aid in custom testing scenarios. Excellent documentation, reporting, and communication skills.

Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE&ATT@CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. Inspired by innovation, powered by people. Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world.

As an Analyst in Cyber Security, you will be responsible for applying your hands-on expert knowledge of tools such as Burp, Nessus, Nmap, Nipper, Metasploit, and other latest tools in the field. Your expertise will be crucial in conducting Vulnerability Assessment and Penetration Testing (VAPT) across various domains including Cloud Security, Web, and Mobile Applications. You should possess a solid understanding of OWASP top 10 and other application/network security frameworks to effectively discover and analyze security vulnerabilities. Your experience in Web Application and Internal/External Network Testing will be key in identifying and mitigating security risks. Moreover, your skills in Configuration Review, policy review, system and network hardening, as well as endpoint review will play a vital role in enhancing the overall security posture. Experience in Application Code Review and Testing tools will be an added advantage in this role. Your ability to create comprehensive reports and communicate effectively, both in writing and verbally, will be essential as you directly engage with clients during projects. You will also be expected to review cyber-attack surfaces, recommend security measures, and conduct cyber investigations when necessary. A minimum of 1 year of post-qualification experience in Security Testing Projects is required for this position. Holding certifications such as CEH/CHFI, OSCP/eWPTX, or any other industry-recognized security certification will be advantageous. If you have a basic scripting knowledge in any language, it will be considered a plus. Additionally, your willingness to travel as needed will be appreciated in this role.,

At BMC, trust is not just a word - it's a way of life! We are an award-winning, equal opportunity, culturally diverse, and fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, as we believe that you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! BMC Software is currently seeking a motivated and skilled individual to join the Product Security Group in a senior technical position. The successful candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, and penetration testing. As a penetration tester, you will play a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. **Roles And Responsibilities:** - Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. - Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. - Provide expert guidance on application security best practices. - Research and develop new penetration testing methodologies, tools, and techniques. **Qualifications & Skills:** - 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. - Penetration testing experience is essential; prior participation in bug bounty programs is a plus. - Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). - Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. - Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. - Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. - Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. - Ability to think creatively and analytically to identify and exploit vulnerabilities. - Strong problem-solving skills when encountering unexpected challenges during testing. - Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. - Meticulous attention to detail in documenting findings and creating reports. - Effective time management skills to meet project deadlines and testing schedules. - High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. **Preferred Skills:** - Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). - Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. BMC's culture is built around its people. With over 6000 brilliant minds working together across the globe, you won't be known just by your employee number, but for your true authentic self. If you are unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experiences to ensure we face the world together with the best ideas.,

Key Responsibilities Update Mechanism & Distribution Testing Assess update delivery pipeline for unauthorized access, misconfigurations, or delivery flaws. Simulate HMAC token forge/replay attacks to test authentication robustness. Test code-signing integrity by attempting to modify signed update bundles. Simulate rollback scenarios, downgrade attack vectors, and patch bypass attempts. Backend & Infrastructure Security Perform RBAC abuse tests to detect privilege escalation opportunities. Verify audit logging and forensic traceability of system actions. Check backend service configurations for policy compliance and data protection. Availability & Threat Resilience Conduct DoS resilience testing by simulating excessive/malformed requests. Perform mobile reverse engineering to detect information leakage or insecure storage. Reporting & Retesting Provide a detailed vulnerability report with CVSS scores and POC evidence. Collaborate with DevSecOps for remediation validation and re-testing. Required Skills & Qualifications 7+ years of penetration testing experience in enterprise environments. Deep knowledge of OWASP Top 10 (Web, API, Mobile). Hands-on experience testing mobile hybrid apps (Capacitor/Ionic). Expertise in code signing, HMAC validation, and secure OTA update mechanisms. Familiarity with Azure-hosted services, WebAPI, and SQL Server. Proficient with tools such as Burp Suite, MobSF, Frida, Drozer, OWASP ZAP, Metasploit, Postman, Wireshark. Strong scripting/debugging knowledge (Python, JavaScript, Bash). Understanding of regulatory/compliance frameworks: ISO 27001, GDPR, NIST. Certifications preferred: OSCP, CEH, GMOB, GWAPT. Additional Context App Architecture: Hybrid (Ionic + Capacitor) Backend: .NET Core, WebAPI, Azure Blob Storage CI/CD: Azure DevOps, App Center Governance: Scoped under Qatar Airways IT & Cyber Security policies

Cyber security instructor, SOC operations, Bug bounty operations, Network Security, Python Scripting, Security Consulting, Training Delivery, Student Mentorship, Assessment and Evaluation

This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office. Who We Are Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description Job Family Definition: Designs, develops, troubleshoots and debugs software programs for software enhancements and new products. Develops software including operating systems, compilers, routers, networks, utilities, databases and Internet-related tools. Determines hardware compatibility and/or influences hardware design. Management Level Definition Contributes to assignments of limited scope by applying technical concepts and theoretical knowledge acquired through specialized training, education, or previous experience. Acts as team member by providing information, analysis and recommendations in support of team efforts. Exercises independent judgment within defined parameters. What You'll Do Juniper Networks is hiring Security Research Engineers/IDS-IPS Signature Developer for their Next Generation Firewalls. You will be part of Juniper Networks L4-L7 Next General Firewall Team responsible for providing protection against latest network vulnerabilities and threats. You will be part of a highly dynamic and engaging team that protects customers network against malicious actors. What You Need To Bring Knowledge in network vulnerabilities, detection tools and technologies Knowledge in exploitation and mitigation techniques. Hands on experience using wireshark/tcpdump or a similar network analysis tool on a daily basis Experience with any open source or commercial IDS/IPS Signature writing/validation. Experience in scripting languages like Python/Shell scripting. Understanding of IP/TCP/UDP and ICMP protocols including header contents and protocol flow concepts. Solid understanding at the packet level of common internet protocols such as HTTP, DNS, SMTP, POP3, IMAP, SSL, Telnet, SSH, SNMP, etc. Experience in penetration testing tools like metasploit and coreimpact desirable. The candidate must possess excellent communication skills, both verbal and written. Additional Skills Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Security-First Mindset, Solutions Design, Testing & Automation, User Experience (UX) What We Can Offer You Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #networking Job Engineering Job Level TCP_01 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.