496 Metasploit Jobs - Page 15

Persevex is a leading EdTech company based in Bangalore, committed to empowering learners through high-quality, industry-relevant education. We specialize in delivering practical, career-focused training programs across domains like business, technology, finance, and cybersecurity. Position Overview We are looking for an experienced and passionate Cybersecurity Tutor to join our academic team on a contract basis . This is a remote opportunity ideal for professionals who are enthusiastic about mentoring and guiding students in the growing field of cybersecurity. Key Responsibilities Deliver engaging and structured online sessions on core cybersecurity topics. Prepare and update training materials, assignments, and case studies. Guide students through practical labs and simulated attack scenarios. Evaluate student performance and provide constructive feedback. Conduct doubt-clearing sessions, assessments, and mock interviews if required. Stay updated with industry trends to ensure content relevance. Required Skills & Qualifications Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field. Proven experience in cybersecurity (hands-on or teaching). Strong knowledge of topics such as network security, ethical hacking, cryptography, firewalls, threat modeling, and security compliance. Familiarity with tools like Wireshark, Metasploit, Burp Suite, etc. Excellent communication and presentation skills. Prior teaching or mentoring experience (online or offline) is a plus. Contract Details Type: Freelance / Contractual Mode: 100% Remote. Hours: Flexible (based on availability and batch schedule). Compensation: Competitive; based on experience and session volume. Why Join Persevex ? Work with a fast-growing, mission-driven EdTech company Flexible work schedule from anywhere. Opportunity to shape the careers of aspiring cybersecurity professionals. Be part of a collaborative and passionate team. To Apply: Send your resume and a brief cover letter to hr @persevex.com with the subject line: Application – Cybersecurity Tutor (Remote) Show more Show less

🔐 Cybersecurity Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is dedicated to delivering practical, industry-relevant learning experiences through immersive virtual internships. Our Cybersecurity Internship is designed to equip aspiring professionals with real-world skills in ethical hacking, threat analysis, and system defense through hands-on projects and guided mentorship. Internship Overview As a Cybersecurity Intern , you will gain critical exposure to information security principles, ethical hacking techniques, and cyber threat analysis . You will work on identifying vulnerabilities, simulating attacks, and building defenses — preparing you for roles in one of the most in-demand fields in tech. 🔧 Key Responsibilities Assist in conducting vulnerability assessments and penetration testing Analyze and monitor network traffic for suspicious activity Perform security audits and help develop incident response protocols Use industry-standard tools like Nmap, Wireshark, Burp Suite, Metasploit , etc. Research emerging threats and recommend mitigation strategies Learn and apply OWASP Top 10 concepts and security best practices Document findings and support internal cybersecurity reporting ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or related field Basic understanding of networking, operating systems, and web security concepts Familiarity with tools such as Kali Linux, Burp Suite, Nessus, or similar Passion for ethical hacking, threat hunting, and system security Strong analytical skills and eagerness to learn Knowledge of Linux/command-line interfaces is a plus 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tasks and tools Deep understanding of cyber threats, vulnerabilities, and protection strategies Internship Certificate of Completion Letter of Recommendation for top performers Potential Full-Time Offer based on performance A portfolio of cybersecurity assessments and reports to showcase your skills Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Who are we and what do we do? BrowserStack is the world's leading software testing platform powering over two million tests every day across 19 global data centers. BrowserStack's products help developers build bug-free software for the 5 billion internet users accessing websites and mobile applications through millions of combinations of digital environments—devices, browsers, operating systems, and versions. We help Tesco, Shell, NVIDIA, Discovery, Wells Fargo, and over 50,000 customers deliver quality software at speed by moving testing to our Cloud. With BrowserStack, Dev and QA teams can move fast while delivering an amazing experience for every customer. BrowserStack was founded by Ritesh Arora and Nakul Aggarwal in 2011 with the vision of becoming the testing infrastructure for the internet. We recently secured $200 million in Series B funding at a $4 billion valuation in June 2021. At BrowserStack We Solve Real Problems—each Day Is a Unique Challenge And An Opportunity To Make a Difference. We Strive To Be Open, Transparent, And Collaborative, So No Feat Is Too Big To Achieve. BrowserStack Is An Extension Of Its People And a Place Where They Can Grow Both Professionally And Personally. To That Effect, We’re Humbled To Be Recognized By Leading Organizations Around The World BrowserStack is Great Place to Work-Certified™ 2020-21 Named “SaaS Startup of the Year” in 2022 by SaaSBOOMi Ranked in Forbes Cloud 100 in 2021 - for the second time Featured in LinkedIn Top Startups India 2018 NOTE : This position is for Mumbai (Remote), please apply only if are from Mumbai or open to relocate to Mumbai. Role In a Nutshell As a Security Analyst, you will be responsible for identifying and mitigating security risks by conducting penetration tests and automating security processes. You will work closely with engineering teams to ensure vulnerabilities are effectively remediated and security is integrated into development workflows. Desired Experience - Experience of 1-3 years. Understanding of vulnerability assessment, secure code review, pentesting methodologies, OWASP Top 10, and API security. Experience with tools like Burp Suite, Nmap, Metasploit, TCPDump, etc. Proficiency in at least one scripting language (e.g., Python, Bash) for automating security tasks. Basic knowledge of Linux commands, file system navigation, and networking concepts. Strong interpersonal and communication skills (written and verbal). Ability to take initiative and deliver committed results. Exposure to cloud security principles in AWS, GCP, or Azure (good to have). What will you do? Conduct penetration tests on web applications, APIs, and infrastructure. Automate security testing and vulnerability detection. Work with developers to remediate vulnerabilities and implement security best practices. Vulnerability management - triage and manage vulnerabilities identified through scanning and manual efforts Benefits In addition to your total compensation, you will be eligible for following benefits, which will be governed by the Company policy: Medical insurance for self, spouse, upto 2 dependent children and Parents or Parents-in-law up to INR 5,00,000 Gratuity as per payment of Gratuity Act, 1972 Unlimited Time Off to ensure our people invest in their wellbeing, to rest and rejuvenate, spend quality time with family and friends Remote-First work environment that allows our people to work from anywhere in India Remote-First Benefit for home office setup, connectivity, accessories, co-working spaces, wellbeing to ensure an amazing remote work experience Show more Show less

Job Title: Consultant / Manager / Senior Manager – VAPT Location: Gurgaon Experience Required: 2 to 10 years Work Mode: Onsite (Gurgaon) Certification: OSCP – Mandatory Role Overview: We are looking for skilled cybersecurity professionals across levels ( Consultant to Senior Manager ) to join our Vulnerability Assessment & Penetration Testing (VAPT) team in Gurgaon . You will play a critical role in executing and leading security assessments across applications, infrastructure, network, and source code to identify vulnerabilities and recommend effective remediation. Key Responsibilities: For All Levels: Perform end-to-end VAPT on web applications, mobile applications, network, infrastructure, cloud, and source code . Identify, exploit, and document vulnerabilities with clear technical and business impact. Use both manual and automated tools to conduct deep-dive penetration testing. Prepare and present technical reports with actionable recommendations. Ensure adherence to OWASP, NIST, ISO 27001, PCI-DSS, and RBI cybersecurity guidelines . Additional Responsibilities Based on Experience Level: Manager / Senior Manager: Lead a team of consultants and guide them through complex assessments. Oversee project timelines, quality, and client deliverables. Engage with senior stakeholders (CIOs, CISOs, Security Heads) to discuss findings and mitigation strategies. Support practice development, training initiatives, and RFP support. Consultants / Senior Consultants: Execute hands-on penetration testing under guidance from seniors. Maintain high-quality documentation and assist in tool integration. Continuously upgrade skills through research and certification prep. Required Skills & Qualifications: 2 to 10 years of hands-on experience in penetration testing and vulnerability assessment . Strong knowledge of manual testing techniques beyond automated scanners. Expertise with tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, AppScan, Fortify, Wireshark , etc. OSCP certification is mandatory. Familiarity with secure coding , scripting, and one or more programming languages (e.g., Python, Java, JavaScript). Good understanding of cloud security testing (AWS, Azure, GCP) is a plus. Strong analytical, communication, and report-writing skills. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required: 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

🛡️ Cyber Security Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Based on Performance) About INLIGHN TECH INLIGHN TECH is an emerging edtech platform that empowers students through hands-on, real-world learning experiences. Our Cyber Security Internship is designed to equip aspiring professionals with practical skills in ethical hacking, network defense, and vulnerability assessment through project-based learning. 🚀 Internship Overview As a Cyber Security Intern , you will gain real-world exposure to security tools, frameworks, and attack simulations . You will assist in identifying potential vulnerabilities, analyzing threats, and learning how to protect digital assets in real-time environments. 🔧 Key Responsibilities Assist in network monitoring , intrusion detection, and log analysis Conduct basic vulnerability scans and help remediate identified risks Use tools such as Wireshark, Nmap, Burp Suite, Metasploit , and Kali Linux Understand and apply frameworks like OWASP Top 10 and NIST Work on ethical hacking simulations and penetration testing Prepare basic reports on threats, vulnerabilities, and risk mitigation strategies Stay up to date with the latest cybersecurity trends and attack vectors ✅ Qualifications Currently pursuing or recently completed a degree in Cyber Security, IT, Computer Science , or a related field Basic understanding of networking, Linux systems, and cybersecurity principles Familiarity with ethical hacking tools and scripting (Python/Bash) is a plus Strong analytical and problem-solving skills Eagerness to learn, explore, and grow in the field of information security 🎓 What You’ll Gain Hands-on experience with cybersecurity tools and techniques Understanding of real-world security challenges and responses A portfolio of cybersecurity tasks/projects to showcase your skills Internship Certificate upon successful completion Letter of Recommendation for top-performing interns Opportunity for a Full-Time Offer based on performance Show more Show less

🔐 Cybersecurity Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is dedicated to delivering practical, industry-relevant learning experiences through immersive virtual internships. Our Cybersecurity Internship is designed to equip aspiring professionals with real-world skills in ethical hacking, threat analysis, and system defense through hands-on projects and guided mentorship. Internship Overview As a Cybersecurity Intern , you will gain critical exposure to information security principles, ethical hacking techniques, and cyber threat analysis . You will work on identifying vulnerabilities, simulating attacks, and building defenses — preparing you for roles in one of the most in-demand fields in tech. 🔧 Key Responsibilities Assist in conducting vulnerability assessments and penetration testing Analyze and monitor network traffic for suspicious activity Perform security audits and help develop incident response protocols Use industry-standard tools like Nmap, Wireshark, Burp Suite, Metasploit , etc. Research emerging threats and recommend mitigation strategies Learn and apply OWASP Top 10 concepts and security best practices Document findings and support internal cybersecurity reporting ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or related field Basic understanding of networking, operating systems, and web security concepts Familiarity with tools such as Kali Linux, Burp Suite, Nessus, or similar Passion for ethical hacking, threat hunting, and system security Strong analytical skills and eagerness to learn Knowledge of Linux/command-line interfaces is a plus 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tasks and tools Deep understanding of cyber threats, vulnerabilities, and protection strategies Internship Certificate of Completion Letter of Recommendation for top performers Potential Full-Time Offer based on performance A portfolio of cybersecurity assessments and reports to showcase your skills Show more Show less

Description And Requirements CareerArc Code CA-DN Hybrid "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,638,100 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Min salary 1,228,575 Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. Mid point salary 1,638,100 Max salary 2,047,625 Show more Show less

Job Description Develop and deliver comprehensive training programs, focusing on Cybersecurity topics , fundamentals & concepts. Conduct Research , Design and Update curriculum for beginners and advanced learners in order to stay updated with evolving cybersecurity threats, tools, and technologies to ensure the curriculum remains relevant. Train and mentor students on tools, such as Wireshark, Metasploit, Burp Suite, and Splunk. Prepare Students for Certification - Train students to achieve industry-recognized certifications, such as CompTIA Security+, AZ-900, AZ-500, and Certified Ethical Hacker (CEH). This role requires a strong passion for teaching and mentoring students Required Skills with Qualification and Certification : Post Graduate in Computer Science/Information Technology Certifications such as CEH, CompTIA Security+, OSCP, CHFI, CISA/CISM, CPT/CVAPT, or GIAC certifications are required. Experience with cloud security (AWS, Azure, or GCP) , AWS GuardDuty, Azure Defender . Knowledge of data encryption, tokenization, and secure coding practices. Understanding of secure coding practices and CI/CD pipeline security Deep knowledge of firewalls (e.g., Palo Alto, Fortinet, Cisco ASA) Data Loss Prevention (DLP) Experience with IAM tools (Okta, Azure AD, ForgeRock, Ping Identity) with knowledge in Single Sign-On (SSO), Multi-Factor Authentication (MFA), LDAP, SAML, OAuth2 Knowledge of Container and Kubernetes Security Must have knowledge on network defence, Python programming, ethical hacking, intrusion detection, penetration testing, digital forensics, governance risk, cybersecurity fundamentals, and compliance. Should have a detailed understanding of cybersecurity methodologies with solid networking and Linux skills, Minimum 5 years of industry experience in cybersecurity with an experience in instructional design and curriculum development in Cyber Security is preferable. Location - Kolkata Freshers please do not apply. For those interested in applying for this position please send your resume at career@moople.in or call Veronica at 99033 97861 Show more Show less

Tesco India • Bengaluru, Karnataka, India • Full-Time • Permanent • Apply by 13-Jun-2025 About the role Systems Engineer III - Performance Engineer What is in it for you At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles -simple, fair, competitive, and sustainable. Salary - Your fixed pay is the guaranteed pay as per your contract of employment. Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the company’s policy. Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Physical Wellbeing - Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. You will be responsible for Collaborate with product managers and developers to understand product requirements and contribute to performance-focused design discussions. Create and maintain comprehensive non-functional test cases and use cases tailored to performance testing needs. Translate NFRs into detailed performance and security test plans, including SLAs, SLOs, and capacity benchmarks. Develop detailed performance test plans, including test cases and test data, and ensure alignment with business expectations. Execute various types of performance testing such as load, stress, scalability, and endurance tests to assess system behaviour under different conditions. Analyse performance test results to identify bottlenecks and inefficiencies and provide actionable insights for resolution. Monitor system performance using diagnostic tools and provide real-time feedback during testing cycles. Automate performance tests using modern, open-source tools and scripting languages to streamline testing processes. Collaborate with DevSecOps to integrate security testing into CI/CD workflows and enforce shift-left security practices. Document and report security vulnerabilities with risk ratings, reproduction steps, and remediation guidance. Work closely with QE, DevOps, and Development teams to ensure performance and security best practices are embedded throughout the SDLC. Provide detailed test reports, dashboards, and technical documentation for stakeholders. You will need Bachelor’s degree in computer science or a related engineering discipline. 12+ years of experience in Quality Engineering preferably in retail orgs or product organisations Application Testing: Hands-on experience in performance testing of APIs, microservices, web applications, and native mobile apps. Performance Testing Tools: Proficient in industry-standard tools such as JMeter, K6, Locust, Gatling, etc for load and stress testing. Scripting & Automation: Strong programming skills in Java, Python, and Shell scripting for developing and automating performance test scripts. Monitoring & Diagnostics: Expertise in using APM and logging tools - AppDynamics, Dynatrace, Splunk, New Relic, RunScope, Grafana to monitor & analyze system performance. Cloud & Containerization: Solid understanding of cloud platforms (Azure), container orchestration (Kubernetes), and containerization (Docker) for scalable performance testing. Database Performance: Ability to analyze and optimize SQL queries and database performance; familiarity with SQL, NoSQL databases, and pub-sub messaging systems. Infrastructure Knowledge: Understanding of load balancers, infrastructure design, and application architecture in both Azure cloud and on-premises environments. Security Tools: Experience with security and vulnerability assessment tools such as Burp Suite, OWASP ZAP, Metasploit, Nessus, and Nmap. Security Best Practices: Strong grasp of OWASP Top 10, CWE/SANS Top 25, and secure coding principles. Operating Systems: Comfortable working in Linux/Unix environments. Analytical Skills: Excellent problem-solving, debugging, and troubleshooting abilities. Communication: Strong verbal and written communication skills, with the ability to convey complex technical concepts clearly. About us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations – from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built.

Location Bangalore, Karnataka, 560048 Category Engineering Job Type Full time Job Id 1189397 No Cloud Security Test Engineer This role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: Aruba is an HPE Company, and a leading provider of next-generation network access solutions for the mobile enterprise. Helping some of the largest companies in the world modernize their networks to meet the demands of a digital future, Aruba is redefining the “Intelligent Edge” – and creating new customer experiences across intelligent spaces and digital workspaces. Join us redefine what’s next for you. What you’ll do: Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores. Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools. Assess the security posture of cloud-native applications, microservices, and serverless architectures. Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement. Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools. Assign tasks, review deliverables, and ensure project timelines are met. Develop and maintain standard operating procedures for complex penetration testing activities. Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments. In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications. Proficiency in advanced penetration testing tools and techniques, such as Burp ,ZAP,Metasploit, Cobalt Strike, and PowerSploit. Experience with container technologies (Docker, Kubernetes) and serverless architectures. Strong scripting skills (Python, PowerShell) for automation and custom tool development. Experience with security orchestration, automation, and response (SOAR) platforms. Active security certifications such as OSCP, CSSLP or related is strongly desired . Ability to work well under minimal supervision. Requires strong interpersonal, organizational, written and verbal communication skills. What you need to bring: 4-8 years’ ofexperience Experience with threat hunting, red team assessments and intelligence gathering techniques. Knowledge of emerging security threats and vulnerabilities. Experience with cloud-native security controls and best practices. Strong understanding of cryptography and network protocols. Ability to think critically and creatively to identify and exploit vulnerabilities Additional Skills: Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX) What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #aruba Job: Engineering Job Level: TCP_03 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Description And Requirements CareerArc Code CA-DN Hybrid "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,638,100 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security measures. Key Responsibilities Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security : 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (e.g., PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech) Show more Show less

Description What We Are Looking For: Meltwater’s collaborative Security Team needs a passionate Security Engineer to continue to advance Meltwater’s security. Working with a group of fun loving people who are genuinely excited and passionate about security, there will be more laughs than facepalms! If you believe that improving security is about constantly moving technology forward to be more secure, and shifting security tools and checks earlier in the development lifecycle, then you’ll feel at home on Meltwater’s Security Team! At Meltwater we want to ensure that we can have autonomous, empowered and highly efficient teams. Our Security Team charges head on into the challenge of ensuring our teams can maintain their autonomy without compromising the security of our systems, services and data. Through enablement and collaboration with teams, Security Engineers ensure that our development and infrastructure practices have security defined, integrated and implemented in a common-sense manner that reduces risk for our business. Security Engineers define best practices, build tools, implement security checks and controls together with the broader Engineering and IT teams to ensure that our employees and our customers' data stays safe. As part of this, we leverage AWS as a key component of our cloud infrastructure. Security Engineers play a critical role in securing and optimizing AWS environments by implementing best practices, automating security controls, and collaborating with teams to ensure scalability, resilience, and compliance with industry standards. What You’ll do: In this role, you will be designing and implementing security functions ranging from checks on IaC (Infrastructure as Code) to SAST/DAST scanners in our CI/CD pipelines. You will be collaborating closely with almost every part of the Meltwater organization and help create security impact across all teams with strong support from the business. Collaborate closely with teams to help identify and implement frictionless security controls throughout the software development lifecycle Propose and implement solutions to enhance the overall cloud infrastructure and toolset. Perform ongoing security testing, including static (SAST), dynamic (DAST), and penetration testing, along with code reviews, vulnerability assessments, and regular security audits to identify risks, improve security, and develop mitigation strategies. Educate and share knowledge around secure coding practices Identify applicable industry best practices and consult with development teams on methods to continuously improve the risk posture. Build applications that improve our security posture and monitoring/alerting capabilities Implement and manage security technologies including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and security information and event management (SIEM) tools. Conduct vulnerability assessments, penetration testing, and regular security audits to identify risks and develop mitigation strategies. Monitor and respond to security incidents and alerts, performing root cause analysis and incident handling. Participate in incident response and disaster recovery planning, testing, and documentation. Manage identity and access management (IAM) solutions to enforce least privilege and role-based access controls (RBAC). Assist in the development of automated security workflows using scripting (Python, Bash, or similar). What You'll Bring: Strong collaboration skills with experience working cross functionally with a diverse group of stakeholders Strong communication skills with the ability to provide technical guidance to both technical and non-technical audiences Experience in implementing security controls early in the software development life cycle Knowledge of industry accepted security best practices/standards/policies such as NIST, OWASP, CIS, MITRE&ATT@CK Software developer experience in one or more of the following languages: JavaScript, Java, Kotlin or Python Experience in at least one public cloud provider, preferably AWS, with experience in security, infrastructure, and automation. Hands-on experience with SIEM platforms such as Splunk, QRadar, or similar. Proficiency in Linux operating system, network security, including firewalls, VPNs, IDS/IPS, and monitoring tools. Experience with vulnerability management tools (Snyk, Nessus, Dependabot) and penetration testing tools (Kali Linux, Metasploit). Experience in forensics and malware analysis. Self-motivated learner that continuously wants to share knowledge to improve others The ideal candidate is someone from a Software Development background with a passion for security. If you’re someone who understands the value of introducing security early in the software development lifecycle, and want to do so by enabling and empowering teams by building tools they WANT to use, we want to hear from you! What We Offer: Enjoy flexible paid time off options for enhanced work-life balance. Comprehensive health insurance tailored for you. Employee assistance programs cover mental health, legal, financial, wellness, and behaviour areas to ensure your overall well-being. Complimentary CalmApp subscription for you and your loved ones, because mental wellness matters. Energetic work environment with a hybrid work style, providing the balance you need. Benefit from our family leave program, which grows with your tenure at Meltwater. Thrive within our inclusive community and seize ongoing professional development opportunities to elevate your career. Where You'll Work: Hitec city, Hyderabad. When You'll Join: As per the offer letter Our Story At Meltwater, we believe that when you have the right people in the right environment, great things happen. Our best-in-class technology empowers our 27,000 customers around the world to make better business decisions through data. But we can’t do that without our global team of developers, innovators, problem-solvers, and high-performers who embrace challenges and find new solutions for our customers. Our award-winning global culture drives everything we do and creates an environment where our employees can make an impact, learn every day, feel a sense of belonging, and celebrate each other’s successes along the way. We are innovators at the core who see the potential in people, ideas and technologies. Together, we challenge ourselves to go big, be bold, and build best-in-class solutions for our customers. We’re proud of our diverse team of 2,200+ employees in 50 locations across 25 countries around the world. No matter where you are, you’ll work with people who care about your success and get the support you need to unlock new heights in your career. We are Meltwater. We love working here, and we think you will too. "Inspired by innovation, powered by people." Equal Employment Opportunity Statement Meltwater is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: At Meltwater, we are dedicated to fostering an inclusive and diverse workplace where every employee feels valued, respected, and empowered. We are committed to the principle of equal employment opportunity and strive to provide a work environment that is free from discrimination and harassment. All employment decisions at Meltwater are made based on business needs, job requirements, and individual qualifications, without regard to race, color, religion or belief, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, marital status, veteran status, or any other status protected by the applicable laws and regulations. Meltwater does not tolerate discrimination or harassment of any kind, and we actively promote a culture of respect, fairness, and inclusivity. We encourage applicants of all backgrounds, experiences, and abilities to apply and join us in our mission to drive innovation and make a positive impact in the world. Show more Show less

Your day at NTT DATA The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices. What you'll be doing Key Responsibilities: Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Conducts penetration tests using automated tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability. Assesses the potential risks associated with identified vulnerabilities. Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity. Provides detailed remediation recommendations to system owners, administrators, and IT teams. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments. Utilizes penetration testing tools such as Metasploit, Burp Suite, and similar tools to conduct tests, configure test policies, and fine-tune test parameters for accurate and comprehensive assessments. Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders. Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Promotes a culture of security awareness within the organization. Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents. Provides support during incident response efforts and contribute to post-incident analysis and remediation. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Shares knowledge and provides guidance to improve vulnerability management practices. Shares knowledge and provides guidance to improve penetration testing practices. Contributes to open source security projects and the security community. Performs any other related task as required. Knowledge and Attributes: Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices. Seasoned understanding of penetration testing methodologies, tools, and industry best practices. Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities. Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Solid proficiency in using penetration testing tools such as Metasploit, Burp Suite, and similar tools. Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders. Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders. Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP)GIAC Penetration Tester (GPEN) or GIAC Certified Vulnerability Assessor (GCVA) are beneficial. Required Experience: Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations. Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, network security assessments, penetration testing, or code review. Experience in bug bounty programs and identifying zero-day vulnerabilities is a plus.

Experience: 1 - 3 years Location: New Delhi Job Description : The Security Analyst will be responsible for conducting comprehensive security assessments, including audits, penetration testing, and compliance evaluations. This role requires a meticulous, analytical professional with OSCP and CEH certifications, capable of identifying vulnerabilities and recommending technical and strategic security improvements. Number of Requirements : 01 Key Responsibilities : Perform technical security audits across internal and client infrastructures (networks, systems, and applications). Conduct vulnerability assessments and manual penetration testing, including both black-box and white-box scenarios. Analyze security policies, standards, and configurations against best practices and compliance frameworks. Develop detailed audit and assessment reports with risk ratings and mitigation strategies. Collaborate with internal teams and client stakeholders to understand business requirements and security needs. Participate in incident response planning and security awareness training initiatives. Stay informed about the latest threats, attack techniques, and regulatory developments. Required Qualifications : Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience. Active OSCP (Offensive Security Certified Professional) certification. Active CEH (Certified Ethical Hacker) certification. 3+ years of experience in information security auditing, penetration testing, or ethical hacking. Strong understanding of operating systems (Linux, Windows), networking, and web application security. Hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Wireshark, Nessus, etc. Excellent documentation and communication skills. Preferred Qualifications : Experience conducting audits for compliance standards (ISO 27001, PCI-DSS, HIPAA, etc.). Exposure to cloud environments (AWS, Azure, GCP) and their security models. Scripting knowledge in Python, Bash, or PowerShell. Additional certifications such as CISA, CISSP, or GPEN are a plus.

Your Role and Responsibilities Product-Security Technology Centre is responsible for ensuring that IBM products are secure by conducting timely Security reviews, penetration testing and following SPbD practices. As a penetration tester you will perform security testing of IBM product and SAAS offerings in development and production environment. You will also closely work with IBM product development teams to strengthen the security posture of their products by participating in threat model, source code security testing and share best practices / lessons learnt for secure coding/design. Key responsibilities Plan the penetration test Select, design and create appropriate tools for testing Perform the penetration test on computer systems, networks, web-based and mobile applications Document your methodologies, findings Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from interaction with product teams , previous results , threat model and source code scanning inputs. Review your findings and feedback to development teams Analyse the outcomes and make recommendations for security improvements Carry out application, network, systems and infrastructure penetration tests Review physical security and perform social engineering tests where appropriate Evaluate and select from a range of penetration testing tools Keep up to date with latest testing and ethical hacking methods Deploy the testing methodology and collect data Report on findings to a range of stakeholders Make suggestions for security improvements Enhance existing methodology material Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Experience – 2 to 5 years in Cybersecurity Web Application Testing Basic understanding of HTTP Protocol HTTP Methods, Request/Response Headers, Cookies, TCP/IP connections over HTTP etc. Basic understanding of HTML/JavaScript Good Understanding of security vulnerabilities, OWASP Top 10 vulnerabilities Automated Testing Must have knowledge of at least one of IBM AppScan OR BurpSuite scanner. (Good to have knowledge of both the tools.) Should be able to configure automated scanner (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scan. Assessment of scanner results and intelligently identifying false positives from the scan results. Knowledge of Burp features mainly, Spider, Intruder, Scanner, Repeater and Extender. Manual Testing: Should be able to understand the above mentioned OWASP Top 10 categories to perform manual testing. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities. Preferred technical and professional experience Preferred Professional and Technical Expertise Webservice Testing SOAP/REST APIs testing. Configuring cURL commands and POSTMAN tool to capture the request in automated scanner. Network Testing Basic understanding of networking protocols such as TCP, UDP, DNS, DHCP etc. Basic understanding of network devices like router, switches, firewall/IDS/IPS etc.. Network scanning tools such as Nessus, Nmap, Metasploit etc. Exploitation and Post Exploitation of network vulnerabilities. Threat Model and Source code security scanning Perform/Participate in threat model creation/design or review Perform source code security scanning using (SAST) tools like Sonarqube, AppScan, Mend and other popular open-source tools. Security Certifications Any of the security certifications such as CEH, ECSA, EWPT, EWPTX, OSCP, GPEN, GWAPT etc

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Note: Preference will be given to Odisha candidates. Job Types: Full-time, Permanent Schedule: Day shift Work Location: In person

Category: Administration Main location: India, Karnataka, Bangalore Position ID: J0625-0283 Employment Type: Full Time Position Description: Company Profile: Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com. Job Title: Cyber Security Engineer Position: Senior Systems Engineer/Lead Analyst Experience: 7+ yrs Category: IT Infrastructure Main location: Bangalore Position ID: J0625-0283 Employment Type: Full Time Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 3 years of relevant experience. Job Description: At least 7+ years’ Experience in Vulnerability Assessment and Penetration testing of web applications, mobile applications, API and thick client applications. Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in setting up the network environment for VAPT Manual penetration testing skills and techniques are required besides automated tools and frameworks. Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Strong knowledge of tools for mobile application security, including but not limited to Appuse, MOBSF, Geny Motion, Kali Linux, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify On Demand Good Understanding of OWASP Top 10 for web application security and Mobile application security. Perform mobile vulnerability assessment and Penetration testing. Good understanding of Microservice based architecture Experience working in a DevSecOps environment with knowledge of continuous integration, containers, DAST/SAST tools Good understanding of Database security requirements. Good knowledge of cloud environments and should be able to perform VAPT on AWS, Azure etc. Scripting and coding experience(good to have) Certifications: OSCP, CEH Must have Skills : Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Good to have Skills : Excellent customer interfacing skills. Excellent written and verbal communication skills. Participating in Daily Standups and weekly reviews Strong attention to detail and outstanding analytical and Problem-solving skills. Understanding of Business, emerging technologies in relevant industry (Banking/CIAM ) , strong understanding of trends (market and technology) in areas of specialization. CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs. Life at CGI: It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons Come join our team, one of the largest IT and business consulting services firms in the world Skills: Vulnerability Assessment(IAVA) What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Cloud Automation Test Engineer This role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: Aruba is an HPE Company, and a leading provider of next-generation network access solutions for the mobile enterprise. Helping some of the largest companies in the world modernize their networks to meet the demands of a digital future, Aruba is redefining the “Intelligent Edge” – and creating new customer experiences across intelligent spaces and digital workspaces. Join us redefine what’s next for you. What you’ll do: Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores. Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools. Assess the security posture of cloud-native applications, microservices, and serverless architectures. Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement. Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools. Assign tasks, review deliverables, and ensure project timelines are met. Develop and maintain standard operating procedures for complex penetration testing activities. Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments. In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications. Proficiency in advanced penetration testing tools and techniques, such as Burp ,ZAP,Metasploit, Cobalt Strike, and PowerSploit. Experience with container technologies (Docker, Kubernetes) and serverless architectures. Strong scripting skills (Python, PowerShell) for automation and custom tool development. Experience with security orchestration, automation, and response (SOAR) platforms. Active security certifications such as OSCP, CSSLP or related is strongly desired . Ability to work well under minimal supervision. Requires strong interpersonal, organizational, written and verbal communication skills. What you need to bring: 4-8 years’ ofexperience Experience with threat hunting, red team assessments and intelligence gathering techniques. Knowledge of emerging security threats and vulnerabilities. Experience with cloud-native security controls and best practices. Strong understanding of cryptography and network protocols. Ability to think critically and creatively to identify and exploit vulnerabilities Additional Skills: Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX) What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #aruba Job: Engineering Job Level: TCP_03 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Our Company Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI , and autonomous intelligent systems . We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape — particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts , managing vulnerability assessments , and implementing best-in-class security tools and practices to protect our platforms and clients. What we are looking from an ideal candidate? Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines (DevSecOps). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001, SOC 2, GDPR, and HIPAA. Provide guidance on secure implementation of AI/ML components and data protection strategies. Preferred Skills What skills do you need? Requirements 8+ years of experience in information security, application security, or cybersecurity engineering. Proficient in penetration testing methodologies and use of tools such as Burp Suite, Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, Qualys, etc. Deep experience in vulnerability management, patching, and security hardening practices. Strong understanding of OWASP Top 10, CWE/SANS Top 25, API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM, EDR, IDS/IPS, and DLP solutions. Knowledge of DevSecOps and tools like Terraform, Kubernetes, Docker, etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications Certifications such as CISSP, CISM, CEH, OSCP, or AWS Security Specialty. Experience working on security aspects of AI/ML platforms, data pipelines, or model inferencing. Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate Show more Show less

JOB PURPOSE: The Head of mXDR Operations is responsible for leading and managing the operational aspects of cybersecurity at the airport, including oversight of the Managed Security Services Provider (MSSP) delivering SOC operations, Threat Hunting, Detection & Prevention, and Incident Response. The role also encompasses direct accountability for Information Security Operations covering both IT and OT (Operational Technology) domains, ensuring a unified and effective defense posture against cyber threats in a critical infrastructure environment. PRINCIPAL ACCOUNTABILITIES: SOC & mXDR Oversight Lead daily operations and governance of MSSP-managed Security Operations Center (SOC) and mXDR services. Review and validate alerts, use cases, playbooks, and tuning recommendations submitted by MSSP. Define and track service level agreements (SLAs), mean time to detect/respond (MTTD/MTTR), and other performance KPIs. Ensure continuous coverage across IT, cloud, and OT assets within the SOC’s visibility and telemetry scope. Collaborate with MSSP to plan capability upgrades (e.g., EDR, NDR, cloud telemetry integration). Optimize the performance of managed XDR solutions to proactively identify and mitigate risks. Monitor and evaluate partner performance, addressing any issues related to quality, cost, or delivery. Threat Hunting & Detection Engineering Guide the proactive hunting of threats across endpoints, networks, OT environments, and cloud workloads. Review hunting hypotheses and analytics built on threat intelligence, behavior analytics, and anomaly detection. Oversee development and refinement of detection rules, correlation logic, and behavioral models. Drive periodic reviews of MITRE ATT&CK coverage and detection effectiveness. Support threat simulation and emulation exercises (e.g., purple teaming) to enhance detection posture. Incident Response & Management Ensure a well-defined incident response plan is in place and regularly tested through simulations. Continuously improve detection and response capabilities based on threat intelligence and industry trends. Conduct post-incident reviews to identify lessons learned and improve processes. Act as the lead coordinator for high-severity and regulatory-reportable cyber incidents. Ensure MSSP follows incident response procedures and escalates as per predefined thresholds. Maintain and test incident response playbooks, RACI charts, and communication protocols. Coordinate evidence collection, forensic analysis, and root cause investigations. Oversee the implementation and verification of post-incident recovery and lessons learned. OT Cybersecurity Operations Work with the ICS Security SME to oversee deployment and operations of OT-specific security controls (e.g., ICS firewalls, passive monitoring). Support ICS Security SME in working with OT vendors and facilities teams to ensure security of SCADA, BMS, and other critical systems. Track vulnerabilities in OT assets and coordinate with ICS Security SME and stakeholders for safe remediation. Monitor lateral movement risks between IT and OT environments and enforce network segmentation. Ensure OT environments are covered in threat detection, logging, and alerting workflows. Information Security Operations Manage day-to-day internal security operations including DLP, endpoint protection, and access monitoring. Review all Change Requests and provide insight & recommendations ensuring CRs/amendments are fit for purpose, negotiated and executed by working with all stakeholders. Ensure critical patches, vulnerabilities, and security misconfigurations are tracked and remediated. Maintain visibility of high-value assets and enforce control compliance (e.g., logging, backup, access). Investigate user behavior anomalies and enforce insider threat detection measures. Coordinate identity and access management reviews for privileged and third-party access. Governance, Reporting & Compliance Generate monthly and quarterly dashboards covering alerts, incidents, SLAs, and threat trends. Report on MSSP adherence to contract deliverables, including risk exposure and gap analysis. Manage escalations as per contracted frameworks. Ensure unresolved escalations are tabled in governance forums and taken up for resolution. Drive the resolution of such escalations by working with all concerned stakeholders Coordinate with compliance teams for audits and regulatory inspections related to cybersecurity. Contribute to cyber risk assessments for critical airport systems and digital services. Ensure alignment with international frameworks (e.g., NIST CSF, ISO 27001, NIS2) and aviation-specific mandates. Strategic Leadership Provide strategic direction and leadership to the MSSP, fostering a culture of excellence and continuous improvement. Drive innovation in information security solutions and practices, ensuring the organization remains competitive and forward-looking. Act as a key advisor on Information Security matters, contributing to strategic decision-making. DIMENSIONS: Financial Optimize operational expenses while delivering high-value outcomes through effective vendor negotiations. Support financial risk mitigation by safeguarding against data breaches, penalties, and other cyber-related losses. Non-Financial Manage the MSSP (both remote and no-premises resources) with day-to-day tasks, review, and guidance on in-scope activities. Assess the skills, capabilities & expectations of the MSSP from time to time and work with MSSP management for right sourcing in BIAL account. Provide inputs on team capacity planning & hiring plans if any Lead and mentor MSSP team, fostering a high-performing team culture. Enhance the organization's ability to respond to and recover from cyber incidents effectively. Competency - Proficiency Level - Description: Cybersecurity Operations - Expert - Deep knowledge in SOC, SIEM, XDR, endpoint, network, and cloud security Threat Detection & Threat Hunting - Advanced - Experience in proactively identifying advanced threats and anomalies Incident Response & Forensics - Advanced - Skilled in leading structured incident response and root cause analysis OT Security - Intermediate - Understanding of OT systems and securing industrial environments Vendor & MSSP Management - Advanced - Strong experience in managing MSSP contracts and delivery governance Information Security Frameworks - Advanced - ISO 27001, NIST, MITRE ATT&CK, CIS Controls Communication & Reporting - Advanced - Capable of translating technical issues into business impact for leadership Risk Management & Compliance - Intermediate - Knowledge of regulatory and critical infrastructure compliance requirements Team Leadership & Collaboration - Advanced - Experience in leading internal security teams and cross-functional teams JOB SPECIFICATION: Knowledge and work skills: Comprehensive understanding of cybersecurity frameworks, technologies, and methodologies (e.g., NIST CSF, ISO 27001, MITRE ATT&CK, ITIL v3, PMP, TOGAF, ISO 20k & 27k and COBIT). Expertise in managed XDR operations, incident response, threat intelligence, and identity management. Familiarity with security architecture principles, ICS/OT security frameworks, and industrial protocols. Adequate knowledge of regulatory standards applicable to the industry. Proficient in process improvement and development practices Strong knowledge of SLA & service management, and operations management. Knowledge with InfoSec tools like: AV/EDR, Data Leakage Prevention, Metasploit, TripWire, Rapid7, Tenable, Snort, Nessus, Burp Suite, Appscan, Nmap, Wireshark, Firewalls, SIEM, SOAR, , SSE, CASB, PIM/PAM, WAF, O365 suite (Intune, Conditional access, Data classification and protection). Skills Minimum 10–12 years of experience in cybersecurity operations, with at least 5 years in a leadership or MSSP governance role. Experience in driving initiatives centered on continuous improvement, innovation, execution excellence, customer centricity and automation Analytical and problem-solving skills for assessing threats, vulnerabilities, and risks in complex environments. Exceptional communication and stakeholder management skills to influence decision-making and secure buy-in. Proven ability to lead cross-functional teams. Ability to build and maintain relationships with internal teams, partners, and external vendors. Qualifications Bachelor’s degree in computer science, Information Security, or a related field (Master’s degree preferred). Certifications such as CISSP, CISM, CISA, CEH, or equivalent are highly desirable. **Please note that this position requires 5 days work from Office. Show more Show less

Dear Candidate, TCS has been a great pioneer in feeding the fire of Young Techies like you. We are a global leader in the technology arena and there's nothing that can stop us from growing together. Role**: Application Penetration Tester Experience Range: 4+ years Joining Location: Bangalore/ Bhubaneshwar Desired Skill Set Any: Application Penetration testing Knowledge OWASP Vulnerabilities Experience with Secure Source Code Review using tools like Snyk, Checkmarx Experience with DAST tools like BrightSec Preferably having Development background and understanding of Multiple Coding language for Vulns eg .Net , Java, Python etc Good communication skills We are seeking skilled penetration tester to assess our systems, application and network through structured and unstructured testing. The candidate should have strong experience using tools such as Burp Suite, kali Linux, Metasploit and other offensive security frameworks to identify vulnerabilities and propose actionable mitigations Key Responsibilities Conduct penetration test on web , applications, API , internal and external networks. Perform vulnerability assessments and exploit the weakness using manual techniques and automated tools (e.g. Burp Suite , Kali Linux etc) Create comprehensive reports outlining findings , potential impact and remediation guidance Collaborate with development and infrastructure to prepare the plan for conducting the test and also mitigate the finding identified during the exercise. Required skills & Experience Proven experience in penetration testing and ethical hacking (5+ experience preferred) Strong knowledge and hands-on experience with Burp Suite, Kali Linux, NMAP, Metasploit etc. Proficiency in scripting languages for automating tasks and exploits Deep understanding of OWASP top 10 , MITRE ATT&CK framework and CVSS scoring Familiarity with various operating systems Ability to document technical findings in a clear, concise manner Regards, Priscilla Nancy HR TAG - Cyber Security Tata Consultancy Services Show more Show less

Vulnerability Assessment, Vulnerability Mitigation, Manual Penetration Testing using OWASP checklists, Penetration Testing, Cloud Security Assessment, Cyber Security Assessment Consulting, Cybersecurity, Cyber Security Perform comprehensive penetration testing and vulnerability assessments on enterprise networks, firewalls, routers, switches other infrastructure components Identify and exploit vulnerabilities to assess the security posture of network components Provide detailed reports with risk ratings, remediation steps, and security recommendations Work with IT DevOps teams to ensure timely resolution of vulnerabilities Utilize industry-standard tools such as Nessus, Nmap, Metasploit, Burp Suite, Wireshark, Open VAS Implement and manage vulnerability scanning solutions across the organization Collaborate with IT, DevOps security teams to ensure patches and mitigations are applied effectively Conduct security assessments for cloud environments (AWS, Azure, GCP) including configuration audits Identify misconfigurations, privilege escalations security risks in cloud infrastructure Implement continuous monitoring logging solutions for cloud security visibility