496 Metasploit Jobs - Page 13

We are seeking a skilled and proactive Medical Device Cybersecurity Engineer to join our team. This position plays a critical role in ensuring the cybersecurity and regulatory compliance of our connected medical devices throughout the product lifecycle. The ideal candidate has hands-on experience in threat modeling, managing third-party software components, performing vulnerability scans and penetration testing, and collaborating across cross-functional teams to integrate robust cybersecurity controls in accordance with FDA and global regulatory requirements. Key Responsibilities: Perform and maintain comprehensive threat modeling (e.g., STRIDE) for embedded and connected medical devices. Perform regular vulnerability scans, penetration testing , and static/dynamic analysis using tools such as Kali Linux, Metasploit, Wireshark, NMAP, Fortify, Nessus, or similar. Develop and update cybersecurity risk assessments as part of the overall risk management process (including CVSS scoring). Define, implement, and document security controls based on threat model outcomes. Manage and maintain Software Bill of Materials (SBOM) in compliance with FDA premarket and post-market guidance and global standards (e.g., NTIA, NIST). Support secure software development lifecycle (SDLC) practices including secure coding reviews. Conduct cybersecurity surveillance for new threats, advisories, CVEs, and zero-day vulnerabilities that may impact devices post-market. Triage and assess reported vulnerabilities, coordinate remediation and update documentation accordingly. Support preparation of cybersecurity documentation for FDA submissions (e.g., premarket submissions, 510(k), PMA) including security risk management reports and architecture diagrams. Ensure compliance with FDA applicable standards (e.g., ISO 14971, IEC 62304, ANSI/AAMI SW96:2023) Collaborate with Quality, Regulatory, and Engineering to ensure cybersecurity is integrated across the product lifecycle. Collaborate with software, hardware, and systems teams to guide cybersecurity design and testing. Qualifications Required: Bachelors or Masters degree in Computer Engineering, Cybersecurity, Electrical Engineering, or related field. 57 years of experience in embedded systems or medical device cybersecurity. Strong working knowledge of SBOM, SOUP, vulnerability scanning tools, penetration testing, and threat modeling methodologies. Familiarity with relevant regulations and standards (e.g., FDA Cybersecurity Guidance, NIST SP 800-53/30/218, ANSI/AAMI SW96:2023). Experience with secure development tools and CI/CD environments. Preferred: Certified Ethical Hacker (CEH), CISSP, CSSLP, or similar certification. Experience with connected devices (IoMT), wireless protocols (BLE, Wi-Fi), and cloud security principles. Familiarity with DevSecOps practices and security tools integration. Show more Show less

Who we think will be a great fit. A passion for information security with a hacker mindset! Self-motivation and Proactiveness Communication skills What we need... We want people with preferably two or more, of the following: 1. Web Application Security Testing. Knowledge about BURP Suite, manual and automated SQLi Bypass filters that detect SQLi, XSS, etc. People who don't think Injection means only SQLi but SSTI, SSJI, ORMi [HQLi], LDAPi, Eli, XMLi etc. 2. Network Infrastructure Testing. Ability to write custom scripts and wrappers. Knowledge of tools like Responder, Ettercap, tcpdump, Empire, etc.not just Nmap and Nessus Have good knowledge about PowerShell scripting and AD/DC infrastructure. 3. Mobile App Testing. Root/jailbreak and Certificate pinning bypass without any automated tool Dynamic instrumentation using Frida De-obfuscation of APK/IPA file 4. IoT Testing. MQTT attacks Fuzzing of IoT devices Firmware extraction 5. Cloud Testing. A good understanding of the cloud infrastructure that includes AWS, Azure and Google cloud. Have a good understanding of microservices architecture. 6. Secure Code Review. Ability to visualize and compile applications without any compiler (in your mind). Has the ability to learn a new programming language on-the-go. Preferred candidate profile : Candidates with relevant professional experience will be given preference.

Job Title: Senior VAPT (Vulnerability Assessment & Penetration Testing) Engineer Location: Indore Experience Required: 5+ Years Job Type: Full-Time Job Summary: We are looking for an experienced and highly skilled VAPT Engineer with a strong background in cybersecurity and hands-on expertise in conducting vulnerability assessments and penetration testing of IT infrastructure, applications, and networks. The candidate must have in-depth knowledge of CERT-In guidelines, security best practices, and regulatory compliance requirements. Key Responsibilities: · - Perform Vulnerability Assessment & Penetration Testing (VAPT) on web applications, mobile applications, APIs, networks, cloud infrastructure, servers, and endpoints. · - Prepare and deliver detailed technical reports with findings, risk ratings, and actionable remediation recommendations. · - Simulate real-world cyberattacks to identify potential security flaws and vulnerabilities. · - Collaborate with development and IT teams to validate and fix vulnerabilities. · - Implement and monitor secure coding practices and DevSecOps principles during SDLC. · - Ensure all testing activities are in line with CERT-In guidelines and other applicable standards (ISO 27001, OWASP, NIST, etc.). · - Stay up-to-date with the latest threats, vulnerabilities, and attack vectors. · - Prepare reports and evidence required for CERT-In audits and compliance. · - Assist in developing internal security policies and SOPs for secure infrastructure. · - Guide and mentor junior security analysts, if required. Required Skills & Qualifications: · - Bachelor's degree in Computer Science, Information Security, or a related field. · - Minimum 5 years of hands-on experience in VAPT and cybersecurity. · - Expertise in tools such as Burp Suite, Nessus, Nmap, Metasploit, Acunetix, Wireshark, Nikto, OWASP ZAP, etc. · - Strong knowledge of OWASP Top 10, SANS 25, and other industry security standards. · - Solid understanding of network protocols, web application architecture, firewalls, IDS/IPS, and endpoint security. · - Familiarity with scripting and automation (Python, Bash, PowerShell). · - Experience in writing and reviewing security assessment reports for technical and non-technical stakeholders. · - In-depth knowledge of CERT-In audit requirements, documentation, and compliance process. Certifications (Preferred): · - CEH / OSCP / LPT / CRTP / CompTIA Pentest+ · - Any CERT-In empanelment project experience will be a strong advantage. Additional Information: · - Strong communication, documentation, and interpersonal skills. · - Ability to manage multiple engagements and deliver under tight timelines. · - Should be able to work independently or in a team. Job Type: Full-time Pay: ₹30,000.00 - ₹45,000.00 per month Benefits: Provident Fund Schedule: Day shift Work Location: In person

Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. Key Responsibilities : Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients' IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients' systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients' IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Hands-on experience with various operating systems, including Windows, Linux, and Unix. Strong understanding of network protocols, web application architecture, and common security vulnerabilities. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. Proven track record of delivering high-quality security assessments and actionable recommendations. Show more Show less

Job Information Date Opened 06/18/2025 Job Type Full time Industry IT Services Work Experience 4-5 years City Bangalore State/Province Karnataka Country India Zip/Postal Code 560024 Job Description About Globals: Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, Cyberwarfare, ERP Systems, AI, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions. Globals is certified as a "Great Place to Work" organization for its laudable work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise. Globals is a CMMI Level 3 certified company. About the Job Role: We are seeking a skilled Offensive Security Researcher with hands-on experience in penetration testing, vulnerability research, and exploit development with a focus on Windows systems. The ideal candidate will be responsible for identifying and exploiting security weaknesses across Windows systems, applications, and networks to simulate real-world cyberattacks. This role is critical in strengthening our organization's security posture by providing actionable insights, supporting incident response, and contributing to continuous security improvements. You will work closely with security engineers, blue teams, and development teams to bridge gaps between offense and defense. Responsibilities: Identify and analyze vulnerabilities in Windows OS (e.g., Windows 10/11, Windows Server), kernel components, drivers, and user- mode applications. Research zero-day vulnerabilities and develop PoC exploits to demonstrate impact. Analyze patch diffs and reverse-engineer Windows updates to uncover exploitable conditions. Analyze obfuscated malware samples to understand attack vectors and vulnerabilities. Document vulnerabilities, exploitation techniques, and PoC code in clear, reproducible formats. Contribute to vulnerability databases, advisories, or whitepapers with the vendor and to CERT. Conduct comprehensive penetration tests (VAPT) on web applications, APIs, networks, mobile apps, and cloud environments. Collaborate with blue teams to improve defensive controls based on offensive insights. Continuously research emerging threats, attack techniques (TTPs), and security trends to keep tools and techniques up-to-date. Support incident response teams during active breaches with offensive techniques such as attacker simulation and pivoting. Participate in threat modeling and security architecture reviews from an attacker’s perspective. Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. Deep understanding of Windows kernel, memory management, process/thread handling, security and Windows APIs (kernel32.dll, ntdll.dll) Expertise in writing exploits for Windows vulnerabilities, bypassing mitigations like ASLR, DEP, and CFG. Strong skills in C/C++, Python, and Assembly (x86/x64); familiarity with PowerShell. Knowledge of network protocols and raw packet manipulation for exploit delivery (e.g., using raw sockets or PCAP). Familiarity with offensive security tools like Metasploit, Cobalt Strike, or custom exploit frameworks. Proficiency with tools like IDA Pro, Ghidra, WinDbg, OllyDbg, or Radare2 for analyzing Windows binaries/drivers and dynamic analysis tools (Process Monitor, Process Explorer). Strong proficiency with penetration testing tools such as Burp Suite, Metasploit, Cobalt Strike, Nmap, Wireshark, Nessus, and others. Practical experience in exploit development, reverse engineering, or binary analysis is a strong plus. Familiarity with social engineering techniques and phishing campaigns is a plus. Relevant certifications are highly desirable (e.g., OSCP, CEH etc.,). Apply Now

About Zeta Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015. Our f lagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @ www.zeta.tech , careers.zeta.tech , Linkedin , Twitter The Role As part of the Risk & Compliance team within the Engineering division at Zeta, the Application Security Manager is tasked with safeguarding all mobile, web applications, and APIs. This involves identifying vulnerabilities through testing and ethical hacking, while also educating developers and DevOps teams on how to resolve them. Your primary goal will be to ensure the security of Zeta's applications and platforms. As a manager, you'llbe responsible for securing all of Zeta’s products. In this individual contributor role, you will report directly to the Chief Information Security Officer (CISO). The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI/CD pipeline to enhance continuous security integration. Responsibilities Guide Security and Privacy Initiatives: Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development. Ensure Secure Application Development: Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices. Project Scope Management: Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance/maintenance. Drive Internal Adoption and Visibility: Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization. Security Engineering Expertise: Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization. Team Leadership and Development Make decisions on hiring and lead the hiring process to build a skilled security team. Define and drive improvements in the hiring process to attract top security talent. Mentor and guide developers and QA teams on secure coding practices and security awareness. Security Tool and Gap Assessment: Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities. Stakeholder Liaison: Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team. Bug Bounty Program Management: Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively. Own Security Posture: Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained. Skills Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) across web, mobile, API, and network/Infra environments. Deep understanding of the OWASP Top 10 and their respective attack and defense mechanisms. Strong exposure to Secure SDLC activities, Threat Modeling, and Secure Coding practices. Experience with both commercial and open-source security tools, including Burp Suite, AppScan, OWASP ZAP, BEEF, Metasploit, Qualys, Nipper, Nessus andSnyk. Expertise in identifying and exploiting business logic vulnerabilities. Solid understanding of cryptography, PKI-based systems, and TLS protocols. Proficiency in various AuthN/AuthZ frameworks (OIDC, OAuth, SAML) and the ability to read, write, and understand Java code. Experience with Static Analysis and Code Reviews using tools like Snyk,Fortify,Veracode, Checkmarx, and SonarQube. Hands-on experience in reverse engineering mobile apps and using tools like Dex2jar, ADB, Drozer, Clang, iMAS, and Frida/Objection for dynamic instrumentation. Experience conducting penetration tests and security assessments on internal/external networks, Windows/Linux environments, and cloud infrastructure (primarily AWS). Ability to identify and exploit security vulnerabilities and misconfigurations in Windows and Linux servers. Proficiency in shell scripting and automating tasks with tools such as Python or Ruby. Familiarity with PA-DSS, PCI SSF (S3, SSLC), and other security standards like PCI DSS, DPSC, ASVS and NIST. Understanding of Java frameworks like Spring Boot, CI/CD processes, and tools like Jenkins & Bitrise. In-depth knowledge of cloud infrastructure (AWS, Azure), including VPC/VNet, S3 buckets, IAM,Security Groups, blob stores, Load Balancers, Docker containers, and Kubernetes. Solid understanding of agile development practices. Active participation in bug bounty programs (HackerOne, Bug Crowd, etc.) and experience with hackathons and Capture the Flag (CTF) competitions. Knowledge of AWS/Azure services, including network configuration and security management. Experience with databases (PostgreSQL, Redshift, MySQL) and other data storage solutions like Elasticsearch and S3 buckets. Preferred Certifications: OSCP, OSWE, GWAPT, AWAE, AWS Certified Security Specialist, CompTIA Security+ Experience And Qualifications 12 to 18 years of overall experience in application security, with a strong background in identifying and mitigating vulnerabilities in software applications. A background in development and experience in the fintech sector is a plus. Bachelor of Technology (BE/ B.Tech ), M.Tech , or ME in Computer Science or an equivalent degree from an Engineering college/University. Life At Zeta At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals. is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta Zeta is an equal opportunity employer. At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities. Show more Show less

About Globals: Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, Cyberwarfare, ERP Systems, AI, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions. Globals is certified as a "Great Place to Work" organization for its laudable work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise. Globals is a CMMI Level 3 certified company. About the Job Role: We are seeking a skilled Offensive Security Researcher with hands-on experience in penetration testing, vulnerability research, and exploit development with a focus on Windows systems. The ideal candidate will be responsible for identifying and exploiting security weaknesses across Windows systems, applications, and networks to simulate real-world cyberattacks. This role is critical in strengthening our organization's security posture by providing actionable insights, supporting incident response, and contributing to continuous security improvements. You will work closely with security engineers, blue teams, and development teams to bridge gaps between offense and defense. Responsibilities: Identify and analyze vulnerabilities in Windows OS (e.g., Windows 10/11, Windows Server), kernel components, drivers, and user- mode applications. Research zero-day vulnerabilities and develop PoC exploits to demonstrate impact. Analyze patch diffs and reverse-engineer Windows updates to uncover exploitable conditions. Analyze obfuscated malware samples to understand attack vectors and vulnerabilities. Document vulnerabilities, exploitation techniques, and PoC code in clear, reproducible formats. Contribute to vulnerability databases, advisories, or whitepapers with the vendor and to CERT. Conduct comprehensive penetration tests (VAPT) on web applications, APIs, networks, mobile apps, and cloud environments. Collaborate with blue teams to improve defensive controls based on offensive insights. Continuously research emerging threats, attack techniques (TTPs), and security trends to keep tools and techniques up-to-date. Support incident response teams during active breaches with offensive techniques such as attacker simulation and pivoting. Participate in threat modeling and security architecture reviews from an attacker’s perspective. Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. Deep understanding of Windows kernel, memory management, process/thread handling, security and Windows APIs (kernel32.dll, ntdll.dll) Expertise in writing exploits for Windows vulnerabilities, bypassing mitigations like ASLR, DEP, and CFG. Strong skills in C/C++, Python, and Assembly (x86/x64); familiarity with PowerShell. Knowledge of network protocols and raw packet manipulation for exploit delivery (e.g., using raw sockets or PCAP). Familiarity with offensive security tools like Metasploit, Cobalt Strike, or custom exploit frameworks. Proficiency with tools like IDA Pro, Ghidra, WinDbg, OllyDbg, or Radare2 for analyzing Windows binaries/drivers and dynamic analysis tools (Process Monitor, Process Explorer). Strong proficiency with penetration testing tools such as Burp Suite, Metasploit, Cobalt Strike, Nmap, Wireshark, Nessus, and others. Practical experience in exploit development, reverse engineering, or binary analysis is a strong plus. Familiarity with social engineering techniques and phishing campaigns is a plus. Relevant certifications are highly desirable (e.g., OSCP, CEH etc.,). Show more Show less

Detection and Response Analyst - MDR We are looking for SOC Analysts with a passion for cybersecurity to join us. As a Detection and Response Analyst you will work with Rapid7’s advanced tools to investigate and triage high priority security events. About The Team Rapid7’s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence. About The Role As a Detection and Response Analyst in Rapid7’s SOC, you will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation. Your Customer Advisor colleagues will be responsible for direct communication with the customers, enabling you to dedicate your efforts to analysis. Your fellow analyst colleagues will be available to answer questions, provide guidance, and assist you in investigations if you need help. In This Role, You Will Utilize Rapid7’s world-class software and threat intelligence to identify potential compromises in customer environments. Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud. Write an Incident Report for each investigation you complete, which follows MITRE’s ATT&CK Framework and includes your own forensic, malware, and root-cause analysis. Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations. Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors. Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team regarding new detection opportunities. The Skills You’ll Bring Include Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least a basic understanding of common internal system tools and directory structures. A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration. Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc. Experience with hands-on analysis of forensic artifacts and/or malware samples. Passion for continuous learning and growth in the cybersecurity world. Effective collaboration within the SOC and between departments. Dedication to putting each customer’s needs and concerns at the forefront of all decision making. We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today. About Rapid7 At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact. Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next. Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges. Show more Show less

Key Responsibilities: Conduct advanced red team exercises to simulate real-world attack scenarios for clients. Analyze and develop sophisticated malware to test client defenses. Design and execute complex phishing campaigns to assess user awareness and response. Perform comprehensive OSINT to gather information on potential targets and vulnerabilities. Develop and deploy advanced offensive security tools and payloads. Evaluate and bypass EDR/XDR solutions to test and improve detection capabilities. Document findings and provide actionable recommendations to clients to enhance their security defenses. Qualifications: Bachelor's degree in Computer Science, Information Security, or related field. 2+ years of experience in red teaming or offensive security. Significant practical/industry experience in red teaming. Well-versed in defense evasion TTPs. Average or above proficiency in at least one coding/scripting language. Experience in malware analysis - static and dynamic. Proficiency in conducting phishing campaigns and advanced OSINT techniques. Experience with offensive security tools such as Cobalt Strike, Metasploit, and Kali Linux. Familiarity with EDR/XDR solutions and their bypass techniques. Excellent analytical and problem-solving skills. Relevant certifications such as OSCP, OSCE, CEH, or equivalent are a plus. Skills: Red Teaming Malware Analysis Phishing Open Source Intelligence (OSINT) Offensive Security Payload Development EDR/XDR Solutions Cobalt Strike, Metasploit, Kali Linux Job Types: Full-time, Permanent Pay: ₹7,000.00 - ₹13,000.00 per month Work Location: In person

General Information Job ID 29191 Location Noida, India Work Types Full Time, Permanent Categories Information Technology We never ask for payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website. About TMF Group TMF Group is a leading global provider of high-value business services to clients operating and investing globally. We focus on providing specialized and business-critical financial and administrative services that enable our clients to operate their corporate structures, finance vehicles and investment funds in different geographical locations. TMF India is a Great Place to Work, ISO & ISAE certified organization. Discover the Role We are seeking an experienced Red Team Specialist with 6-8 years of expertise in cybersecurity, penetration testing, and phishing campaign execution. The ideal candidate will possess the OSCP certification and demonstrate proficiency in simulating real-world attack scenarios to identify vulnerabilities and improve organizational security. Key Responsibilities Conduct advanced red team operations, including penetration testing, social engineering, and phishing campaigns. Develop and execute phishing simulations to assess employee awareness and organizational defenses. Set up and manage phishing infrastructure using tools like GoPhish or similar frameworks. Utilize tactics, techniques, and procedures (TTPs) aligned with the MITRE ATT&CK framework. Perform vulnerability assessments and exploit weaknesses in network, system, and application security. Collaborate with blue teams to provide detailed reports on vulnerabilities and recommend mitigation strategies. Stay updated on emerging threats, tools, and techniques relevant to red teaming. Governance & Reporting: Track and report Red Team KPIs, operational maturity, and progress to senior leadership. Ensure operations comply with legal, ethical, and regulatory standards Contribute to board-level risk discussions and red team readiness exercises. Key Requirements OSCP certification is mandatory. Proficiency in red team tools (e.g., Metasploit, Cobalt Strike) and scripting languages (Python, PowerShell, Bash). Strong knowledge of phishing techniques, including crafting convincing emails and domain setup. Expertise in social engineering tactics to simulate real-world attack scenarios. Familiarity with network protocols, operating systems (Windows/Linux), cloud security, and secure communication protocols. Ability to conduct threat modeling and risk assessments. Preferred Qualifications Bachelor's degree in computer science or related field. Experience with lateral movement techniques and privilege escalation. Knowledge of cryptographic principles and forensic analysis. What’s in it for you? What's in it for you? Pathways for career development Work with colleagues and clients around the world on interesting and challenging work. We provide internal career opportunities, so you can take your career further within TMF. Continuous development is supported through global learning opportunities from the TMF Business Academy. Making an impact You’ll be helping us to make the world a simpler place to do business for our clients. Through our corporate social responsibility program, you’ll also be making a difference in the communities where we work. A supportive environment Strong feedback culture to help build an engaging workplace. Regardless of where you are in your career, TMF Group opens a world of opportunity where you will be part of our team and is supported in your global career journey. Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best. At TMF Group, it’s our people who make us who we are. Our company thrives on entrepreneurial spirit and is full of proactive people who combine enthusiasm with responsibility and accountability. Other Benefits Anniversary & Birthday Leave policy Be part of One TMF Paternity & Adoption leaves Salary advance policy Work flexibility – Hybrid work model Talk about growth opportunities (we invest in talent) Well-being initiatives We’re looking forward to getting to know you!

Job Summary: We are seeking an experienced Penetration Tester (Pentester) Engineer with 4+ years of hands-on experience in identifying, assessing, and mitigating vulnerabilities across web applications, networks, APIs, and infrastructure. The ideal candidate should have deep knowledge of security testing tools, methodologies, and frameworks, and be able to think like a hacker to protect our digital assets. Key Responsibilities: Conduct manual and automated penetration testing on web applications, APIs, mobile applications, and network infrastructure. Identify and exploit security flaws in systems and provide clear, actionable remediation steps. Create and deliver comprehensive vulnerability assessment and penetration test reports . Collaborate with developers, DevOps, and IT teams to assist in fixing identified security issues. Stay current on emerging threats, tools, and security trends to keep systems secure. Assist in the design and implementation of secure SDLC and DevSecOps processes . Simulate real-world attack scenarios to evaluate system resilience. Perform security audits, risk assessments , and red team/blue team exercises as needed. Review and analyze code for security vulnerabilities (code review/secure coding practices). Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. 4+ years of hands-on penetration testing or ethical hacking experience. Proficient in tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Wireshark, Nessus , etc. Deep understanding of OWASP Top 10 , SANS Top 25, and common web/mobile/API vulnerabilities. Experience with scripting and automation using Python, Bash, or PowerShell . Strong knowledge of network security, system hardening, and secure coding principles . Familiarity with compliance standards (e.g., ISO 27001, PCI-DSS, HIPAA) is a plus. Ability to write detailed and technically accurate reports for both technical and non-technical stakeholders. Relevant certifications preferred: OSCP, CEH, GPEN, or similar . Nice to Have: Experience in cloud security (AWS, Azure, GCP) and containerized environments (Docker, Kubernetes). Exposure to threat modeling, red teaming, and bug bounty programs . Contribution to open-source security tools or active participation in CTFs or security forums. Understanding of CI/CD pipelines and integration of security into DevOps.

We are seeking a dynamic and experienced Technical Trainer to join our engineering department. The ideal candidate will be responsible for designing and delivering technical training sessions to B.Tech students across various domains, ensuring they are industry-ready and equipped with practical, job-oriented skills. Role & Responsibility To train the students in new age technology (computer Science Engineering) to bridge the industry & academia gap leading to increase in the employability of the students. Knowledge Proven experience in devising technical training programs to UG/PG Engineering students in Higher Education Institutions To be abreast in latest software as per Industry standard & having knowledge of modern training techniques and tools to deliver the technical subjects To prepare training material (presentations, worksheets etc.) To execute training sessions, webinars, workshops for students To determine overall effectiveness of programs and make improvements Technical Skills (Subject Areas of delivering Training with Practical Approach) 1. Core Programming Skills Languages: C, Python, Java, C++, JavaScript 2. Web Development Frontend: HTML, CSS, JavaScript, React.js/Next.js Backend: Node.js, Express, Django, or Spring Boot Full-Stack: MERN stack (MongoDB, Express, React, Node.js) 3. Data Science & Machine Learning Languages: Python (NumPy, pandas, scikit-learn, TensorFlow/PyTorch) Tools: Jupyter Notebook, Google Colab, MLFlow 4. AI & Generative AI LLMs (Large Language Models): Understand how GPT, BERT, Llama models work Prompt Engineering Fine-tuning & RAG (Retrieval-Augmented Generation) Hugging Face Transformers, LangChain, OpenAI APIs 5. Cloud Computing & DevOps Cloud Platforms: AWS, Microsoft Azure, Google Cloud Platform (GCP) DevOps Tools: Docker, Kubernetes, GitHub Actions, Jenkins, Terraform CI/CD Pipelines: Automated testing and deployment 6. Cybersecurity Basics: OWASP Top 10, Network Security, Encryption, Firewalls Tools: Wireshark, Metasploit, Burp Suite 7. Mobile App Development Native: Kotlin (Android), Swift (iOS) Cross-platform: Flutter, React Native 8. Blockchain & Web3 Technologies: Ethereum, Solidity, Smart Contracts Frameworks: Hardhat, Truffle 9. Database & Big Data Databases: SQL (MySQL, PostgreSQL), NoSQL (MongoDB, Redis) Big Data Tools: Apache Hadoop, Spark, Kafka Qualification & Years of Experience as per norms: B.Tech./MCA/M.Tech (IT/CSE) from Top tier Institutes & reputed universities Industry Experience is desirable. Candidate must have minimum 2 years of training experience in the same domain. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Staff As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, mobile application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Perform penetration testing which includes internet, intranet, web application, Mobile app (Android & iOS), APIs, wireless, Cloud Security, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, Metasploit and Nessus for effective vulnerability assessment and penetration testing. Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams Understanding of TCP/IP network protocols. Develop automated solutions that mitigate risks throughout the organization. Provide technical leadership and advise to junior team members on attack and penetration test engagements. Skills And Attributes For Success Understanding of web-based application vulnerabilities (OWASP Top 10). Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Ability to communicate detailed technical information to a non-technical audience clearly Good to have experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory penetration testing Strong understanding of security principles, policies, and industry best practices Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 2 years of work experience in penetration testing which may include at least three of the following: internet, intranet, web app, APIs, Mobile App, wireless, Cloud Security, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, CRTP, CRTO, eCPTX, ejpt or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 2+ years of work experience in performing Penetration testing. Good to have Strong Excel, Word and PowerPoint skills. Ideally, you’ll also have Certifications: ejpt, OSCP, CRTP, ECSA. What We Look For Who can perform penetration testing which includes Network, wireless, web application, mobile application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Hiring expert Product Security Engineers to be part of a young and leading Enterprise SaaS Product Company that's redefining the Loyalty domain!. At Loyalty Juggernaut, we're on a mission to revolutionize customer loyalty through AI-driven SaaS solutions. We are THE JUGGERNAUTS, driving innovation and impact in the loyalty ecosystem with GRAVTY- , our SaaS Product that empowers multinational enterprises to build deeper customer connections. Designed for scalability and personalization, GRAVTY- delivers cutting-edge loyalty solutions that transform customer engagement across diverse industries including Airlines, Airport, Retail, Hospitality, Banking, F&B, Telecom, Insurance and Ecosystem. Visit www.lji.io to know more about us. As a Product Security Engineer, you'll to ensure the security of GRAVTY- throughout the development lifecycle. In this role, you will work closely with Engineering, DevOps, and Product teams to design and implement security controls, identify vulnerabilities, and drive secure coding practices. Your Responsibilities Will Include And Not Limited To Conduct Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, API, and infrastructure. Think like an attacker and simulate advanced threat scenarios to proactively identify security gaps. Utilize leading security tools such as Burp Suite, Acunetix, OWASP ZAP, Snyk, Wiz, and others. Leverage offensive security platforms and toolkits like Wireshark, Metasploit, Kali Linux, and more. Perform API and mobile platform security testing, including vulnerability discovery and exploit validation. Execute and document Open-Source Intelligence (OSINT) investigations. Collaborate closely with DevOps/Engineering to integrate security tools into CI/CD pipelines and promote DevSecOps best practices. Contribute to secure coding reviews and vulnerability triage, and assist in patch, compliance, and access control management. Monitor and respond to production security alerts and assist with security incident handling. To be successful in this role, you should have : A Bachelor's degree in Engineering, preferably CS/IT. 3+ years of proven experience in penetration testing and vulnerability management. Minimum of 1-3 years of experience in Red Teaming. Strong coding/scripting proficiency in Python, Java, Ruby, or similar. Familiarity with AWS cloud, Linux systems, Docker containers, and infrastructure security practices. Exposure to DevSecOps, including implementing security tools in CI/CD, and production environment protection. Experience in Secure Development Lifecycles, access controls, and patch & compliance frameworks. Industry-recognized certifications like CEH, eWPT, eWPTX, or equivalent are a plus. Excellent analytical, communication, and collaboration skills. A curious mind, a passion for security, and a knack for staying one step ahead of adversaries. (ref:hirist.tech) Show more Show less

Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI, and autonomous intelligent systems. We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape - particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts, managing vulnerability assessments, and implementing best-in-class security tools and practices to protect our platforms and clients. Key Responsibilities Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g, PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems. Opportunity to work with an innovative and fast-paced tech company. High visibility and leadership opportunities in a growing security function. Compensation is not a constraint for the right candidate. (ref:hirist.tech) Show more Show less

We are seeking a highly skilled and motivated Technical Security Professional specializing in Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and Web Application Security. As a member of our team, you will be responsible for ensuring the security and integrity of our systems, applications, and networks. Responsibilities Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities. Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products. Assess and enhance API security by evaluating API designs, configurations, and implementations for potential security risks and vulnerabilities. Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls. Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities. Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies. Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks. Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications. : Bachelor's degree in Computer Science, Information Security, or a related field. (Master degree preferred) 5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications. 4 to 7 years of experience in performing Source Code Reviews for web applications and software products. Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc. Strong understanding of web application security principles, common vulnerabilities (e.g., OWASP Top 10), and mitigation techniques. Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms. Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.). Knowledge of cloud security and DevSecOps processes. Excellent analytical and problem-solving skills with the ability to identify and mitigate complex security risks and vulnerabilities. Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams and stakeholders. Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred.

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Location: Mumbai/Bangalore Experience: 5 to 8 years Responsibilities: Conduct comprehensive security assessments, including network penetration testing and vulnerability analysis, to identify security gaps in critical systems. Simulate real-world attacks to test the effectiveness of security measures and identify potential weaknesses. Develop and execute red team operations, including social engineering, network exploitation, and physical security testing. Create detailed reports documenting findings, attack vectors, and remediation strategies. Stay up-to-date with the latest security trends, tools, and techniques to ensure cutting-edge testing methodologies. Complete the projects within budgeted efforts and deliver high quality reports. Open for onsite deployments anywhere across the world as business demands Required skill set: Bachelors degree in computer science, Information Security, or a related field. Strong understanding of network protocols, operating systems, and security architectures. Proficiency in using penetration testing tools such as Nessus, Metasploit, Burp Suite, and Wireshark and similar. Flexible and creative in helping to find acceptable solutions for customers. Excellent problem-solving skills and the ability to think like an attacker. Strong verbal and written communication skills to effectively convey complex security issues to technical and non-technical stakeholders. Relevant certifications such as OSCP, OSCE, CRTP or similar. Good to have Skills: Experience with reverse engineering and exploit development. Knowledge of cloud security and containerization technologies. Familiarity with regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, ISO) Ability to work on multiple complex assignments simultaneously.

Job Title: VAPT Consultant Location: Coimbatore (Work from Office) Experience: 3+ years Availability: Immediate Joiners Preferred Job Description: We are looking for a skilled Vulnerability Assessment and Penetration Testing (VAPT) Consultant to join our team in Coimbatore. The ideal candidate will have a solid understanding of information security principles and hands-on experience in identifying and exploiting vulnerabilities across a variety of platforms. Key Responsibilities: Conduct end-to-end VAPT assessments for web applications, networks, APIs, cloud, and mobile applications Identify security vulnerabilities and provide detailed risk analysis reports Recommend appropriate remediation measures and assist in retesting Maintain documentation of all testing results, tools used, and findings Collaborate with clients and internal teams to ensure implementation of security best practices Stay updated with the latest vulnerabilities, exploits, and security trends Requirements: Minimum 3 years of relevant experience in VAPT Strong knowledge of tools like Burp Suite, Nessus, Metasploit, Nmap, etc. Familiarity with OWASP Top 10 and SANS CWE Good communication and reporting skills Certifications like CEH, OSCP (preferred but not mandatory) Show more Show less

Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. Key Responsibilities : Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients' IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients' systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients' IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Hands-on experience with various operating systems, including Windows, Linux, and Unix. Strong understanding of network protocols, web application architecture, and common security vulnerabilities. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. Proven track record of delivering high-quality security assessments and actionable recommendations. Show more Show less

Job Description: Position - Security Incident Responder Exp. - 4+ Years Location - Gurgaon ( 5 Days WFO ) Apply Here : https://forms.gle/1PVR9KTHvRaeMBuj8 Snowbit is looking for an experienced Security Incident Responder to join our Managed Detection and Response (MDR) team. This role requires expertise in incident response, threat hunting, and forensic investigations, with a strong emphasis on cloud environments and Kubernetes. You will lead efforts to protect our customers from advanced cyber threats while contributing to the continuous improvement of Snowbit’s methodologies, processes, and technology stack. What You’ll Do: Leverage Snowbit’s advanced MDR platform to lead large-scale incident response investigations and proactive threat-hunting initiatives. Conduct log analysis, and cloud artifact reviews using EDR and similar tools depending on availability, to support incident resolution and root-cause investigations. Investigate and respond to security incidents in containerized environments, with a specific focus on Kubernetes security and architecture. Research evolving cyberattack tactics, techniques, and procedures (TTPs) to strengthen customer defenses and codify insights for our services. Provide technical and executive briefings to customers, including recommendations to mitigate risk and enhance cybersecurity posture. Collaborate with internal teams, including engineering and research, to enhance Snowbit’s MDR and incident response capabilities. Partner with customer teams (IT, DevOps, and Security) to ensure seamless integration and adoption of Snowbit’s MDR services. Share expertise through presentations, research publications, and participation in the global cybersecurity community. Experience: 3-5 years in incident response, threat hunting with strong experience in cloud security (AWS, Azure, GCP) and Kubernetes environments. Proven Incident response experience in complex environments. Technical Skills: Demonstrates strong expertise in understanding adversary tactics and techniques, translating them into actionable investigation tasks, conducting in-depth analysis, and accurately assessing the impact. Familiarity with attack vectors, malware families, and campaigns. Deep understanding of network architecture, protocols, and operating system internals (Windows, Linux, Unix). Expertise in Kubernetes security, including container orchestration, workload isolation, and cluster hardening. Experience securing Kubernetes infrastructure, runtime security, and security monitoring. Problem-Solving: Ability to work independently and collaboratively in dynamic, fast-paced environments. Communication: Excellent written and verbal communication skills to interact with technical and non-technical stakeholders. Preferred Skills: Scripting skills (e.g., Python, PowerShell) Experience with Red Team operations, penetration testing, or cyber operations. Hands-on knowledge of attack frameworks (e.g., MITRE ATT&CK, Metasploit, Cobalt Strike). Proficiency in host forensics, memory forensics, and malware analysis. Show more Show less

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person

Job Title: Cybersecurity Intern (Paid) Company: Ziya Academy LLP Location: Muppathadam, Aluva, Kerala (On-site) About the Internship Are you interested in ethical hacking, network defense, and cybersecurity practices? Join Ziya Academy LLP as a Cybersecurity Intern and gain real-world experience identifying security vulnerabilities, defending systems, and using professional tools to protect digital assets. This internship is designed to equip you with practical skills and project experience to launch your career in cyber security. What You'll Learn Hands-on training with cyber security tools Real-time project exposure: vulnerability scans, network audits, and simulations Internship Certificate & Performance Letter upon completion Familiarity with tools like Wireshark , Nmap , Burp Suite , Metasploit , and Kali Linux Opportunity to grow into a full-time cybersecurity analyst or ethical hacker role Eligibility Students, freshers, or graduates in Computer Science, IT, or Cybersecurity fields Basic knowledge of networking , Linux , or information security Strong interest in ethical hacking and cyber defense Must be available to work on-site at our Aluva location Key Learning Areas Cybersecurity Fundamentals & Threat Models Networking, TCP/IP & Web Security (OWASP Top 10) Vulnerability Assessment & Reporting Basics of Ethical Hacking & Penetration Testing Firewalls, VPNs, IDS/IPS Cyber Laws & Risk Assessment Tools: Kali Linux, Wireshark, Metasploit, Burp Suite Internship Duration 3 to 6 Months (Duration based on candidate availability and performance) Stipend & Growth Path Monthly Stipend: ₹3,000 – ₹6,000 (performance-based) Initial pay : 5000/- Top performers may receive a full-time job offer: ₹10,000 – ₹25,000/month Work Schedule & Mode Timing: Day Shift Mode: On-site (Muppathadam, Aluva) Perks & Benefits Mentorship from experienced cybersecurity professionals Access to live case studies & real-world security simulations Resume and LinkedIn profile development Internship Certificate & Letter of Recommendation Opportunity for full-time placement upon successful completion How to Apply Call or WhatsApp: +91 73063 53515 Email: ziyaacademyedu@gmail.com Job Details Job Types: Internship, Fresher, Full-time (Post-internship opportunity) Expected Post-Internship Salary: ₹10,000 – ₹25,000/month Supplemental Pay Options: ✔ Performance Bonus ✔ Overtime Pay ✔ Commission Pay ✔ Quarterly / Yearly Bonus ✔ Shift Allowance Work Location: In person (Aluva, Kerala) Job Types: Full-time, Permanent, Fresher, Internship Pay: ₹8,000.00 - ₹30,000.00 per month Schedule: Day shift Morning shift Supplemental Pay: Commission pay Overtime pay Performance bonus Quarterly bonus Shift allowance Yearly bonus Work Location: In person