495 Metasploit Jobs - Page 16

Job Title: Penetration Tester Location: Remote Experience Required: 5 Years Employment Type: Full-Time Job Summary: We are seeking a highly skilled and experienced Senior Penetration Tester with 5 years of hands-on experience in offensive security. The ideal candidate will be responsible for conducting advanced security assessments, simulating real-world cyberattacks, and providing actionable recommendations to enhance the organization’s security posture. This role demands deep technical expertise, strong analytical skills, and the ability to communicate effectively with both technical and non-technical stakeholders. Key Responsibilities: Plan, execute, and document black-box, grey-box, and white-box penetration tests across various environments (web apps, networks, APIs, mobile, cloud, etc.) Conduct Red Team/Blue Team exercises and collaborate with threat hunters and SOC teams. Identify, exploit, and report vulnerabilities in systems, applications, and infrastructure. Develop and maintain custom exploitation tools, scripts, and payloads . Perform social engineering engagements , including phishing simulations and physical assessments (where applicable). Provide detailed, risk-based reporting , including technical findings, proof-of-concept exploits, and remediation guidance. Stay current with emerging threats, vulnerabilities, and tools in the cybersecurity domain. Mentor junior team members and contribute to the development of internal testing methodologies and frameworks. Participate in threat modeling, architecture reviews, and security design discussions . Required Skills and Qualifications: 5 years of professional experience in penetration testing, red teaming, or offensive security . Proficiency in tools such as Burp Suite, Metasploit, Nmap, Wireshark, Cobalt Strike, Nessus, etc. Deep understanding of OWASP Top 10 , MITRE ATT&CK , and NIST security frameworks . Strong knowledge of network protocols, web application architectures, cloud environments (AWS/Azure/GCP), and secure coding practices. Experience with manual testing techniques and not just automated scanners. Strong scripting and automation skills in Python, PowerShell, Bash, or Go . Experience with Active Directory exploitation , privilege escalation, and lateral movement techniques. Demonstrated ability to write clear, concise, and detailed technical reports. Strong verbal and written communication skills. Preferred Certifications (any of the following): Offensive Security Certified Professional (OSCP) Offensive Security Certified Expert (OSCE) Certified Red Team Professional (CRTP) GIAC Penetration Tester (GPEN) Certified Ethical Hacker (CEH) CREST Registered Tester or equivalent Show more Show less

Location Bangalore, Karnataka, 560048 Category Engineering Job Type Full time Job Id 1189397 No Cloud Automation Test Engineer This role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE. Job Description: Aruba is an HPE Company, and a leading provider of next-generation network access solutions for the mobile enterprise. Helping some of the largest companies in the world modernize their networks to meet the demands of a digital future, Aruba is redefining the “Intelligent Edge” – and creating new customer experiences across intelligent spaces and digital workspaces. Join us redefine what’s next for you. What you’ll do: Design and execute complex penetration tests against cloud-native applications, infrastructure, and data stores. Exploit vulnerabilities in cloud platforms, such as AWS, Azure, and GCP, using advanced techniques and tools. Assess the security posture of cloud-native applications, microservices, and serverless architectures. Develop and execute attack scenarios that simulate real-world threats, including supply chain attacks, privilege escalation, and lateral movement. Lead and mentor a team of experienced penetration testers, providing guidance and support on advanced techniques and tools. Assign tasks, review deliverables, and ensure project timelines are met. Develop and maintain standard operating procedures for complex penetration testing activities. Must have B.E / B.Tech / M.Tech / MCA in Computer Science or Information Technology Must have a minimum of 2 to 6 years penetration testing, with a strong focus on cloud environments. In-depth understanding of cloud technologies (AWS, Azure, GCP) and their security implications. Proficiency in advanced penetration testing tools and techniques, such as Burp ,ZAP,Metasploit, Cobalt Strike, and PowerSploit. Experience with container technologies (Docker, Kubernetes) and serverless architectures. Strong scripting skills (Python, PowerShell) for automation and custom tool development. Experience with security orchestration, automation, and response (SOAR) platforms. Active security certifications such as OSCP, CSSLP or related is strongly desired . Ability to work well under minimal supervision. Requires strong interpersonal, organizational, written and verbal communication skills. What you need to bring: 4-8 years’ ofexperience Experience with threat hunting, red team assessments and intelligence gathering techniques. Knowledge of emerging security threats and vulnerabilities. Experience with cloud-native security controls and best practices. Strong understanding of cryptography and network protocols. Ability to think critically and creatively to identify and exploit vulnerabilities Additional Skills: Cloud Architectures, Cross Domain Knowledge, Design Thinking, Development Fundamentals, DevOps, Distributed Computing, Microservices Fluency, Full Stack Development, Release Management, Security-First Mindset, User Experience (UX) What We Can Offer You: Health & Wellbeing We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing. Personal & Professional Development We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division. Unconditional Inclusion We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. Let's Stay Connected: Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE. #india #aruba Job: Engineering Job Level: TCP_03 HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity. Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities. HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Job Description We are seeking a highly skilled and motivated Technical Security Professional specializing in Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and Web Application Security. As a member of our team, you will be responsible for ensuring the security and integrity of our systems, applications, and networks. Responsibilities  Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities.  Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products.  Assess and enhance API security by evaluating API designs, configurations, and implementations for potential security risks and vulnerabilities.  Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls.  Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities.  Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies.  Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks.  Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications. Requirements:  Bachelor's degree in Computer Science, Information Security, or a related field. (Master degree preferred)  5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications.  4 to 7 years of experience in performing Source Code Reviews for web applications and software products.  Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc.  Strong understanding of web application security principles, common vulnerabilities (e.g., OWASP Top 10), and mitigation techniques.  Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms.  Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.).  Knowledge of cloud security and DevSecOps processes.  Excellent analytical and problem-solving skills with the ability to identify and mitigate complex security risks and vulnerabilities.  Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams and stakeholders.  Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred.

Job Description : Advanced Red team ops — Analyse and exploit AD and Networks for Vulnerabilities Skills : * Python, PowerShell for various tasks, including reconnaissance, privilege escalation and lateral movement within AD * Exploitation frameworks like Metasploit, Core Impact, etc. * c2 frameworks like havoc, sliver, mythic, cobalt strike, etc. * AD exploitation tools like Bloodhound, Powersploit, mimikatz, crackmapexec, " Knowledge : * Cyber killchain, MITRE attack Framework, TIBER * Active Directory architecture, policies, services and security mechanisms * AD attack techniques such as kerberoasting, Pass—the—Ticket, Golden Ticket attacks, etc. * Network Protocols and Services, vulnerabilities, exploitation vectors, defenders response and bypass * Access and Persistence Techniques on compromised machines and mitigations * Firewalls, IPS, IDS and other network controls and evasion techniques" Experience: 3-5 years working experience in similar role Certifications (not mandatory unless otherwise indicated): Undergrad/Grad courses in Computer Sc/IT preferred Desirable: * Offensive Security Certified Professional (OSCP) * Offensive Security Certified Expert (OSCE) * CRTP(Certified Red Team Professional by eLearnSecurity) * CTP (Cracking the Perimeter by Offensive Security) Show more Show less

Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll Be Doing – Your Accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The Skills You Need Pentest Skills – Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills – TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership Accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience You Would Be Expected To Have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelor’s degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED. BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. Show more Show less

Job Description We are seeking a highly skilled and motivated Technical Security Professional specializing in Vulnerability Assessment and Penetration Testing (VAPT), Source Code Review, API Security, and Web Application Security. As a member of our team, you will be responsible for ensuring the security and integrity of our systems, applications, and networks. Responsibilities  Conduct comprehensive Vulnerability Assessments and Penetration Tests (VAPT) on various systems, networks, and applications to identify security weaknesses and potential vulnerabilities.  Perform thorough Source Code Reviews to identify security flaws, coding errors, and vulnerabilities in web applications and software products.  Assess and enhance API security by evaluating API designs, configurations, and implementations for potential security risks and vulnerabilities.  Evaluate and enhance the security posture of web applications by conducting thorough security assessments and implementing appropriate security controls.  Develop and implement security testing methodologies, tools, and procedures to improve the efficiency and effectiveness of security testing activities.  Provide technical expertise and guidance to development teams, system administrators, and other stakeholders on security best practices and mitigation strategies.  Collaborate with cross-functional teams to remediate identified security vulnerabilities and implement security controls to mitigate risks.  Stay updated on the latest security trends, vulnerabilities, and best practices to continuously improve the security posture of our systems and applications. Requirements:  Bachelor's degree in Computer Science, Information Security, or a related field. (Master degree preferred)  5 to 7 years of experience in conducting Vulnerability Assessments and Penetration Tests (VAPT) on enterprise systems, networks, and applications.  4 to 7 years of experience in performing Source Code Reviews for web applications and software products.  Proficiency in using industry-standard security testing tools such as Nessus, Metasploit, Burp Suite, etc.  Strong understanding of web application security principles, common vulnerabilities (e.g., OWASP Top 10), and mitigation techniques.  Experience in assessing and enhancing API security, including authentication, authorization, encryption, and access control mechanisms.  Knowledge of secure coding practices and common programming languages (e.g., Java, Python, C/C++, etc.).  Knowledge of cloud security and DevSecOps processes.  Excellent analytical and problem-solving skills with the ability to identify and mitigate complex security risks and vulnerabilities.  Strong communication and interpersonal skills with the ability to effectively collaborate with cross-functional teams and stakeholders.  Relevant security certifications such as CISSP, CEH, OSCP, etc., are preferred. Show more Show less

We are a leading Training Institute committed to building a skilled digital workforce. We are currently looking for a Cyber Security Trainer who can educate and empower learners with real-world cyber defense techniques and strategies. Key Responsibilities: Deliver interactive training sessions on Cyber Security Fundamentals, Ethical Hacking, Network Security, Threat Detection , and Penetration Testing . Cover tools and platforms like Kali Linux, Wireshark, Metasploit, Nmap , etc. Create and maintain training content, hands-on labs, case studies, and assessments. Guide students on industry best practices, compliance standards (ISO, NIST), and incident response. Stay updated with the latest security threats, tools, and technologies. Requirements: Strong hands-on experience in cyber security, ethical hacking, or IT security roles. Proficiency in security tools, Linux OS, and networking concepts. Prior experience in training/mentoring preferred. Excellent communication and teaching skills. Ability to deliver both beginner and advanced-level training. Preferred Qualifications: Certifications like CEH, CompTIA Security+, CISSP, OSCP are a plus. Experience in cloud security, DevSecOps, or security audits. Familiarity with cyber law and regulatory frameworks (GDPR, HIPAA, etc.). Job Types: Full-time, Permanent Pay: ₹10,228.99 - ₹32,802.78 per month Schedule: Day shift Ability to commute/relocate: Thiruvananthapuram, Kerala: Reliably commute or planning to relocate before starting work (Preferred) Work Location: In person

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage Job Type: Full-time Pay: Up to ₹1,800,000.00 per year Schedule: Monday to Friday UK shift Work Location: In person Speak with the employer +91 9429521724

Job Description Role Profile: The Cyber and IT Audit Manager will oversee IT and cybersecurity audits, managing a team of auditors to assess IT processes and Operational Technology (OT) environments. The manager will ensure audits are aligned with the company’s strategic objectives and regulatory requirements, with a focus on delivering value and identifying critical risks in IT and cybersecurity. This role includes responsibility for overseeing security assessments and implementing audit methodologies that support continuous improvement. Responsibilities ' Manage and execute a portfolio of IT and cybersecurity audits, focusing on complex audits related to IT general controls, cybersecurity frameworks, and OT environments. Oversee medium complexity security assessments for IT and OT systems, ensuring comprehensive audit coverage. Collaborate with the CAE, IT audit Director and IT stakeholders to build an audit pipeline, addressing emerging risks and identifying areas for process improvement. Lead the development of audit programs and methodologies, ensuring alignment with industry best practices and regulatory frameworks (e.g., NIST, COBIT, IEC 62443). Manage audit staff, providing guidance and ensuring adherence to professional standards (IIA, ITGC). Present audit findings to senior management, communicating risks, recommendations, and opportunities for improvement. Qualifications ' 7+ years of experience in IT auditing, cybersecurity, and OT systems. Proven experience managing audits and teams, with a focus on IT governance, cybersecurity, and risk management. Expertise with security assessment tools (e.g., Nmap, Nessus, Kali Linux, Metasploit, Burp Suite) and audit methodologies for IT and OT systems. Strong understanding of industry frameworks (NIST, COBIT, ISO 27001, MITRE ATT&CK) and IEC 62443 for OT environments. OT knowledge and experience is highly desirable. Certifications such as CISSP, CISA, CISM, OSCP, OSWP, CRTP, CEH, HTB CPTS, HTB CBBH, HTB CWEE are preferred. Bachelor’s or Master’s degree in Information Technology, Cybersecurity, or related disciplines. Strong leadership, project management, and communication skills, with the ability to influence stakeholders at all levels. At Nextracker, we are leading in the energy transition, providing the most comprehensive portfolio of intelligent solar tracker and software solutions for solar power plants, as well as strategic services to capture the full value of solar power plants for our customers. Our talented worldwide teams are transforming PV plant performance every day with smart technology, data monitoring and analysis services. For us at Nextracker, sustainability is not just a word. It's a core part of our business, values and our operations. Our sustainability efforts are based on five cornerstones: People, Community, Environment, Innovation, and Integrity. We are creative, collaborative and passionate problem-solvers from diverse backgrounds, driven by our shared mission to provide smart solar and software solutions for our customers and to mitigate climate change for future generations. Culture is our Passion Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies. You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry. Required Skills: 3-5 years of industry experience in web application security Create exploits, proof-of-concept for web application vulnerabilities Strong JavaScript programming skills Knowledge of HTTP protocol (Requests, responses, Cookies, etc.) Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs Exposure to DAST/BlackBox tools Web application security scanning tools like BURP/ZAP, SQLMap, CURL Experience with network analysis tools and analysis of packet captures. Proficient with regular expressions. System administrator experience on Windows or Unix platforms. Strong analytical and problem-solving skills Passion for web security and attention to detail Experience with scripting languages, including Python and Bash Exposure to JAVA programming Experience with selenium, postman scripting Experience with Metasploit/Nessus exploits (especially HTTP-related ) Experience with web application firewalls (WAF) rules, ModSecurity Exposure to WEB 2.0, XML/XPath, JSON, Swagger Database/SQL knowledge Experienced in the use of various scanners and open-source security tools. Experience in developing security-related tools/programs. Ability to work independently Published research Security certifications Show more Show less

Description Design, implement, and manage deception strategies and technologies within the organisation's cybersecurity infrastructure. Responsibilities Hands-on experience in working with Deception Technology and SIEM Tool. Design and development of scalable, reliable, and fault-tolerant systems. Integrate/Modify existing open-source software according to the requirements. Prepare presentations and reports. Authoring research papers. Hands-on experience in virtualisation, cloud deployments, and networking. Ability to debug code and overcome fundamental challenges while coding. Hands-on experience in Python. Knowledge of tools like -- nmap, Metasploit, Wireshark, Burp suite, etc. Comfortable in using Linux OS. Good writing and communication skills to assist the group in technical writing. Eligibility A Bachelor's degree in computer science or a similar subject is required 2 years of experience in the same domain as mentioned under the category of responsibilities Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less

🔐 Cyber Security Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Based on Performance) About INLIGHN TECH INLIGHN TECH is focused on equipping students and graduates with practical, hands-on experience in emerging tech fields through structured virtual internships. Our Cyber Security Internship is designed to build a strong foundation in ethical hacking, threat detection, and system defense , making you industry-ready for a high-demand domain. 🚀 Internship Overview As a Cyber Security Intern , you will work on projects that simulate real-world cyber threats, learn to identify and mitigate vulnerabilities, and explore techniques used by security professionals to protect systems and data. 🔧 Key Responsibilities Conduct vulnerability assessments and basic penetration testing Analyze logs and traffic to identify potential threats or breaches Assist in incident response and threat mitigation activities Learn and work with tools such as Kali Linux, Burp Suite, Nmap, Metasploit, and Wireshark Study and apply the OWASP Top 10 and other security standards Support the development of security protocols and documentation Stay updated on emerging cyber threats and protection mechanisms ✅ Qualifications Currently pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or a related field Basic knowledge of networking concepts, operating systems, and system vulnerabilities Familiarity with ethical hacking techniques and cybersecurity tools Understanding of firewalls, encryption, and authentication methods Strong problem-solving skills and a desire to learn more about cyber defense Passion for cybersecurity and protecting digital environments 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tools and challenges Insight into threat analysis, penetration testing, and security compliance Internship Certificate upon successful completion Letter of Recommendation for high performers Opportunity for a Full-Time Offer based on performance A strong foundation for pursuing careers like Ethical Hacker, SOC Analyst, or Penetration Tester Show more Show less

We are looking for a highly skilled and experienced Senior VAPT Engineer to lead and conduct comprehensive vulnerability assessments and penetration tests across applications, networks, and systems. The ideal candidate will be responsible for identifying security risks, reporting vulnerabilities, and providing mitigation strategies to ensure enterprise-wide cybersecurity. 🛠️ Key Responsibilities: Conduct vulnerability assessments and penetration testing for networks, web/mobile applications, APIs, and cloud infrastructure Perform manual and automated testing using industry-standard tools (e.g., Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, etc.) Identify, exploit, and document security flaws, misconfigurations, and weaknesses Prepare detailed assessment reports with technical findings, risk ratings, and remediation recommendations Collaborate with development, network, and infrastructure teams to guide and verify remediation efforts Stay updated on the latest security threats, attack vectors, and tools Contribute to the development and improvement of internal VAPT methodologies and checklists Ensure compliance with industry standards and frameworks (OWASP, ISO 27001, NIST, etc.) ✅ Requirements: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field 4–7 years of experience in VAPT or ethical hacking Strong knowledge of OWASP Top 10, CVSS scoring, MITRE ATT&CK framework Experience with tools like Burp Suite Pro, Nessus, Acunetix, Wireshark, and scripting (Python, Bash, etc.) Familiarity with cloud environments (AWS, Azure, GCP) and container security (Docker/Kubernetes) is a plus CEH, OSCP, or other cybersecurity certifications preferred Excellent analytical and report writing skills Show more Show less

Company: Innovesta Group Location: Onsite – Sydney / Bella Vista, NSW, Australia Experience: 4 to 8 Years Employment Type: Full Time Salary: Best in Industry About Innovesta Group Innovesta Group is a dynamic technology advisory and investment firm driving innovation and digital transformation across Australia and APAC markets. We partner with high-growth technology companies to accelerate business outcomes by providing strategic leadership, operational excellence, and cutting-edge technical expertise. Our team thrives on excellence, collaboration, and delivering measurable value to our clients globally. Role Summary We are seeking a passionate and skilled Penetration Tester (OSCP Certified) to join our team onsite in Australia. The ideal candidate will have a strong offensive security background and a drive to identify and mitigate vulnerabilities in complex environments. Key Responsibilities Perform comprehensive penetration tests on applications, networks, and infrastructure. Provide clear, actionable security reports with remediation guidance. Work closely with cross-functional teams to improve security posture. Keep abreast of emerging security threats and attack methodologies. Develop and maintain automation tools and scripts to support penetration testing. Lead red team exercises and threat simulation activities. Mentor junior security engineers and contribute to security training initiatives. Required Qualifications & Experience 4-8 years in penetration testing/offensive security roles. OSCP certification required. Experience with Kali Linux, Burp Suite, Metasploit, Nmap, Wireshark, etc. Solid understanding of OWASP Top 10 and other common vulnerabilities. Strong reporting skills with ability to translate technical risks to business impact. Proficient in network protocols, operating systems, and encryption technologies. Excellent problem-solving and communication abilities. Preferred Skills Additional certifications such as OSCE, CEH, CISSP, GPEN are a plus. Cloud security experience (AWS, Azure, GCP). Scripting/programming skills in Python, Bash, PowerShell. Familiarity with threat hunting, red teaming, incident response. Understanding of DevSecOps and CI/CD security processes. Why Innovesta? Work with a fast-growing tech advisory firm driving impactful digital transformations. Engage with top-tier clients and cutting-edge projects. Opportunities for professional growth and skill development. Collaborative and innovative work culture. Show more Show less

Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles. #CybersecurityLeadership #VPOfOperations #SecurityOperations #CyberOpsLeadership #OperationsLeadership #CybersecurityVP #SecurityOps #CybersecurityExec #TechOperations #InfoSecLeadership #VPJobs #LeadershipHiring #CybersecurityCareers #OperationsExcellence #SecurityLeadershipRoles #HyderabadJobs #HyderabadHiring #HyderabadCareers #HyderabadTech #HyderabadVP #HyderabadOperations Show more Show less

Senior Security Consultant (Thick Application Penetration Tester) NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most. NetSPI secures the most trusted brands on Earth through Penetration Testing as a Service (PTaaS), External Attack Surface Management (EASM), Cyber Asset Attack Surface Management (CAASM), and Breach and Attack Simulation (BAS). Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers. Join the mission as a Senior Security Consultant. We are seeking a skilled expert and detail-oriented Penetration Tester to conduct thorough security assessments, identify vulnerabilities, and provide expert recommendations to strengthen our clients' security posture. As a Penetration Tester supporting Thick Applications, you will be responsible for performing Thick and Web Application Testing, while working closely with clients to deliver clear, actionable reports and contribute to the development of security best practices. Responsibilities : Conduct engagements independently and provide technical oversight on: Thick Application Penetration Testing Includes Web Application Penetration (WaPen) testing. Occasionally includes Mobile (MaPen) and IOT/embedded penetration testing. Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts Research and develop innovative techniques, tools, and methodologies for penetration testing services. Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations. Minimum Qualifications : Bachelors degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience Minimum of 5+ years of work experience in Thick Application Penetration Testing for applications written in managed (e.g. Java, C#, etc.) and unmanaged (e.g. C, C++, Swift, Rust, etc.) code Includes experience with offensive toolkits used in web application penetration testing. Experience with disassemblers and debuggers Examples include WinDbg, IDA, Ghidra, gdb and lldb. Experience with dynamic instrumentation toolkits Examples include Frida. Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus) Familiarity with offensive and defensive IT concepts and protocols Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks. Working knowledge of Windows, Linux and MacOS operating systems internals Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences Ability to work independently and as part of a team Proficient communication skills, both written and verbal This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs Preferred Qualifications: Ability to provide technical and QA oversight on Thick Application service line. Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#) Experience performing fuzz testing. The ability to reverse engineer proprietary application layer protocols. Experience with IOT/embedded penetration testing. Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, GWAPT) We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Be a part of a team that harnesses advanced AI, ML, and big data technologies to develop cutting-edge healthcare technology platform, delivering innovative business solutions. Job Title : Security Test Engineer Job Location : Pune, Maharashtra, India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. HiLabs is looking for highly motivated and technical Sr. Software Development Engineers focused on the application of emerging technologies, who should continually strive to advance engineering excellence and technology innovation. The mission is to power the next generation of digital products and services through innovation, collaboration, and transparency. Responsibilities Design, implement, and manage security controls across cloud environments. Conduct regular vulnerability assessments, penetration tests, and risk analyses. Develop and execute test plans, test cases, and security automation scripts. Lead incident response activities including identification, containment, mitigation, and post-incident analysis. Collaborate with cross-functional teams to remediate vulnerabilities and strengthen defenses Work collaboratively with IT and engineering teams to integrate security best practices into daily operations and development cycles. Assess security controls and ensure compliance with relevant standards (e.g., OWASP, NIST, HIPAA, SocII Type2) by working closely with the compliance team. Maintain detailed security documentation and provide periodic reports to management Stay up to date with emerging threats, vulnerabilities, and security best practices. Desired Profile Bachelor’s degree in Computer Science, Information Security, or a related field. 3-6 years of experience in IT security, or related roles. Strong knowledge of IT security frameworks, best practices, and standards (e.g., NIST, ISO 27001). Hands-on experience with vulnerability management tools, SIEM solutions, and endpoint security technologies. Hands-on experience with security tools such as Kali Linux, Metasploit, Burpsuite, Wireshark, SonarQube, AppSec, Nmap, OWASP ZAP, and Nessus Understanding of security vulnerabilities, exploits, and mitigation techniques Proficiency in cloud security (AWS, Azure, or GCP) is a plus Solid understanding of network protocols, firewalls, VPNs, and IDS/IPS systems. Knowledge of security frameworks and standards (e.g., OWASP Top 10, CVSS, CIS Benchmarks). Excellent problem-solving skills and the ability to respond effectively under pressure Passionate about technology and delivering solutions to solve complex business problems Great collaboration and interpersonal skills Ability to work with team members and lead by example in code, feature development, and knowledge sharing Nice to Have Certifications such as CEH, OSCP or CompTIA Security+. Experience in the healthcare industry and knowledge of HIPAA compliance. Familiarity with container security and DevSecOps practices. Experience with automation and scripting (Python, Bash) for security tasks HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

Job Description -: Experience of 4+ years • Hands-on experience of conducting security assessments of Web Applications, Mobile Applications, Web Services/APIs, Thick-clients. • Experience in tools such as burpsuite, nessus, nmap, acunetix, metasploit, checkmarx, etc. • Experience with Open Web Application Security Project (OWASP),SANS, Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. • Ability to explain technical vulnerabilities to both technical and non technical audience highlighting business risk. • Knowledge of at least one cloud technology (AWS, Azure,GCP) is desirable, preferrably AWS and Azure. • Good understanding of coding best practices and standards. • Good knowledge of at least one of the following programming/scripting languages viz. python, ruby, C#, powershell, C/C++, Java • Good communication skills. • Critical thinking and good problem-solving abilities. • Organized in planning and time management skills are preferred. • Certification on CEH (Certified Ethical Hacker) or OSCP (Offensive Security Certified Professional) is desirable. Roles & Responsibilities -: Conduct vulnerability assessment and penetration testing for application, and other infrastructure Conduct application security assessment of web applications, mobile applications, thick-client application and API. Conduct configuration reviews for Operating System, Database, Middleware, Firewall, Routers, Switches and other infrastructure. Conduct red-team assessments Conduct cloud security assessments Conduct source-code review using automated and manual approaches Ensure timely execution of projects, delivery of status updates and final reports. Stay abreast of the latest updates in technology, security trends, vulnerabilities, exploit techniques and security news. Proficient in Ms-Excel and Powerpoint.

Dear Candidate Tata Consultancy Services is hiring for VAPT EXCLUSIVE WALK IN DRIVE AT: Hyderabad: TCS Synergy Park Phase1, Premises No 2-56/1/36, Gachibowli, Opposite IIIT Hyderabad Campus, Seri Lingampally, RR District, Hyderabad, Telangana 500019 Bangalore: TCS L-Center, Vydehi RC-1 Block, EPIP Industrial Area, 82, 6th Rd, KIADB Export Promotion Industrial Area, Whitefield, Bengaluru, Karnataka 560066 Chennai: TCS Siru Seri ATL Building- 1/G1, SIPCOT IT Park Navalur, Siruseri, Tamil Nadu 603103 Mumbai: TCS OLYMPUS, Hiranandani Estate, Thane West, Thane, Maharashtra 400615 Noida: TCS Yamuna, first floor, Assotech Business Cressterra, VI Plot 22, Sector 135, Noida, Uttar pradesh- 201301 Kolkata: Tata Consultancy Services Limited | Gitanjali Park - IT/ITES SEZ, Plot-IIF / 3 Action Area-II, New Town, Rajarhat, Kolkata-700156, West Bengal, India. DRIVE DATE: 7-Jun-2025 REGISTRATION TIME 9:30 AM to 2:30PM EXPERIENCE: 6 to 15 Years JOB LOCATION: PAN INDIA Job description: Expertise and experience of conducting VAPT (Vulnerability Assessment and Penetration Testing) as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST, CISA Experience in Web Application Security Testing, Network security testing, Source code Review and Vulnerability Assessment and Penetration testing (SAST and DAST) Strong Experience of using open- source tools and commercials tools such as but not limited to Burp Suite, Metasploit, Nessus, Acunetix and open source with operating systems Windows and Linux. Perform research on new vulnerabilities, attack vectors, exploits, tools and industry trends for the above- mentioned services. CEH Certification Mandatory. Candidates with CISM, OSCP are preferred. Strong presentation and analytic skills, critical thinking and problem-solving skills are mandatory IF Interested in Walk-In Kindly share the details Interested professionals send your updated CV & the below details to varsha.muthukrishnan@tcs.com Kindly don't apply if you have given an interview in the last 1 month Full Name: Email: Contact Number: Total Experience: Relevant Experience: Current Location: Preferred Location: Notice Period: Current Company Name: All Previous Companies Names: Education or career gap in months/years (kindly mention if there's a gap between your education and your first organization): Reason for gap: Year of 10th Completion: Year of 12th Completion: Year of Under graduation Completion: Year of Post graduation Completion (if applicable): Highest Full-Time Education qualification: Highest Qualification Fulltime Y/N (Part-time courses are NOT eligible): University Name: Current CTC (Voluntary Disclosure): Expected CTC (Voluntary Disclosure): EP Reference Number (if already registered with TCS): Show more Show less

Company Overview: Jetking Gwalior Center is a premier IT training institute located in the heart of Gwalior, Madhya Pradesh. As an authorized training center of Jetking Infotrain Ltd., a renowned name in the IT education sector, we specialize in providing industry-relevant courses in areas such as Ethical Hacking, Cybersecurity, CCNA, Linux, Cloud Computing, and more. With over 78 years of legacy and more than 1.1 million students trained nationwide, Jetking stands as a testament to quality education and successful career placements. Our Gwalior center is committed to delivering hands-on training, real-time scenario-based learning, and a 100% job guarantee to our students. We pride ourselves on our state-of-the-art infrastructure, certified faculty, and a curriculum designed to meet the evolving demands of the IT industry. At Jetking Gwalior, we aim to empower individuals with the skills and knowledge necessary to excel in the ever-changing world of technology. Job Description: We are seeking a passionate and skilled Ethical Hacking & Cybersecurity Trainer to join our team. The ideal candidate will be responsible for delivering comprehensive training sessions, both online and in-person, covering various aspects of ethical hacking and cybersecurity. This role requires a deep understanding of networking, security protocols, and hands-on experience with industry-standard tools and certifications. Key Responsibilities: Design and deliver training modules on ethical hacking, penetration testing, and cybersecurity fundamentals. Conduct practical lab sessions to demonstrate real-world scenarios and solutions. Evaluate and assess student progress through assignments, quizzes, and practical exams. Stay updated with the latest trends, tools, and techniques in the cybersecurity field. Provide mentorship and guidance to students pursuing certifications like CEH, and CompTIA Security+. Collaborate with the curriculum development team to enhance training materials. Required Skills & Qualifications: Proficiency in networking concepts and protocols (TCP/IP, DNS, HTTP, etc.). Hands-on experience with Linux operating systems and command-line tools. Familiarity with Fortinet products and security solutions. Strong communication and presentation skills. Ability to explain complex concepts in a clear and understandable manner. Prior teaching or training experience is a plus. Certified Ethical Hacker (CEH) or equivalent certification. CompTIA A+ certification or equivalent. CompTIA Security+ certification or equivalent. Strong communication and presentation skills. Ability to explain complex concepts in a clear and understandable manner. Prior teaching or training experience is a plus. Preferred Skills: Experience with penetration testing tools like Metasploit, Burp Suite, and Wireshark. Knowledge of scripting languages such as Python or Bash. Understanding of security frameworks and compliance standards. Experience in setting up and managing virtual labs for training purposes. Job Type: Full-time Pay: ₹25,000.00 - ₹30,000.00 per month Schedule: Day shift Fixed shift Language: English (Preferred) Work Location: In person

About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions. About BNP Paribas Group BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability Commitment to Diversity and Inclusion At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. About Business Line/Function For 150 years, BNP Paribas Wealth Management has been committed to protecting clients’ wealth, developing it, and eventually passing it on to their loved ones. We deliver tailor-made experience, with outstanding attention to detail and expertise from precise local knowledge to the global know-how that we access from the Group. Our goal is to create a new wealth management experience fit for a world where digital interactions have come to enhance human ones. Wealth Management Investment Solution Hub (WMIS Hub) provides a global IT solution for BNP Paribas Wealth Management where we develop, maintain and evolve IT applications which fits to the specific needs of BNP Paribas Wealth Management business users. Job Title Cybersecurity Manager Date Department: Wealth Management Location: Chennai Business Line / Function ITRCS Reports To (Direct) Grade (if applicable) (Functional) Number Of Direct Reports 16 Directorship / Registration NA Position Purpose Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the team’s goal. Main Scope Role of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives. Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production/CSIRT/Production Security teams. The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator. Responsibilities Direct Responsibilities WM IT Risk and Security Manager Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development. Coordinate with APAC WM security actors, including India-based resources. Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process. Periodic reporting of security status to WM CISO APAC and WM Global CISO Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication. Ensure the regular reporting for management follow-up IT Security Compliance (delegation on WM APAC scope) Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets. Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes. Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA) Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements Ensure the compliance with the Third-party Technology risks and Cloud security. Identify the process gaps and provide solutions. Application Security Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices. Identify and implement the latest security standards for internet facing and internal assets. Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing – SAST, Dynamic Acceptance Security Testing – DAST and Software Composition Analysis – SCA). Perform Security risk assessments and reviews to be presented to respective committees. Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider. Production Security Oversight (delegation on WM APAC scope) Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance. Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress. Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents. CyberSecurity Program (delegation on WM APAC scope) Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program. Contributing Responsibilities Coordination with IT Security actors Reporting line to the WM GAIM Global CISO: alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard…) Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope. Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production. Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group. Technical & Behavioral Competencies Cybersecurity / Technical Value-added Competencies ü Cybersecurity Governance: framework (NIST / CIS framework), Security incident management, Logging & Detection (SIEM – ELK products) ü DevSecOps: CI/CD toolchain knowledge of various tools Source code management: sonarQuabe, bibucket, github/gitlab Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan…) Automation/orchestration: Ansible tower, Jenkins ü Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security) ü Vulnerability Management Nexpose, Nessus ü Ethical Hacking Knowledge Kali Linux knowledge (metasploit, nmap) Specific Qualifications (if Required) Qualifications and Experience ü 10 years' experience in information security evaluation and design of technical architectures ü Functional as well as technical knowledge of the applications used within BNP Paribas ü Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies ü Team management experience is a must ü Preferred Master level in Computer science and Information Security Skills Referential Behavioural Skills: (Please select up to 4 skills) Communication skills - oral & written Ability to collaborate / Teamwork Decision Making Ability to deliver / Results driven Transversal Skills: (Please select up to 5 skills) Ability to set up relevant performance indicators Ability to develop and adapt a process Ability to manage a project Ability To Develop Others & Improve Their Skills Ability to manage / facilitate a meeting, seminar, committee, training… Education Level Master Degree or equivalent Experience Level At least 10 years Other/Specific Qualifications (if Required) Other Value-added Competencies ü Advanced IT security certifications may be advantageous (such as CISM, CCSP, CSK, CEH, CISSP…). ü Operational Risk and Permanent Control ü Data Analytics solutions (Tableau, PowerBI) and strong expertise in Dashboard/reporting Show more Show less

Description Design, implement, and manage deception strategies and technologies within the organisation's cybersecurity infrastructure. Responsibilities Hands-on experience in working with Deception Technology and SIEM Tools Design and development of scalable, reliable, and fault-tolerant systems. Integrate/Modify existing open-source software according to the requirements. Prepare presentations and reports. Authoring research papers. Hands-on experience in virtualisation, cloud deployments, and networking. Ability to debug code and overcome fundamental challenges while coding. Hands-on experience in Python. Knowledge of tools like -- nmap, Metasploit, Wireshark, Burp suite, etc. Comfortable in using Linux OS. Good writing and communication skills to assist the group in technical writing. Eligibility A Bachelor's degree in computer science or a similar subject is required. 2 years of experience in the same domain as mentioned under the category of responsibilities. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less

Company Overview: Jetking Gwalior Center is a premier IT training institute located in the heart of Gwalior, Madhya Pradesh. As an authorized training center of Jetking Infotrain Ltd., a renowned name in the IT education sector, we specialize in providing industry-relevant courses in areas such as Ethical Hacking, Cybersecurity, CCNA, Linux, Cloud Computing, and more. With over 78 years of legacy and more than 1.1 million students trained nationwide, Jetking stands as a testament to quality education and successful career placements. Our Gwalior center is committed to delivering hands-on training, real-time scenario-based learning, and a 100% job guarantee to our students. We pride ourselves on our state-of-the-art infrastructure, certified faculty, and a curriculum designed to meet the evolving demands of the IT industry. At Jetking Gwalior, we aim to empower individuals with the skills and knowledge necessary to excel in the ever-changing world of technology. Job Description: We are seeking a passionate and skilled Ethical Hacking & Cybersecurity Trainer to join our team. The ideal candidate will be responsible for delivering comprehensive training sessions, both online and in-person, covering various aspects of ethical hacking and cybersecurity. This role requires a deep understanding of networking, security protocols, and hands-on experience with industry-standard tools and certifications. Key Responsibilities: Design and deliver training modules on ethical hacking, penetration testing, and cybersecurity fundamentals. Conduct practical lab sessions to demonstrate real-world scenarios and solutions. Evaluate and assess student progress through assignments, quizzes, and practical exams. Stay updated with the latest trends, tools, and techniques in the cybersecurity field. Provide mentorship and guidance to students pursuing certifications like CEH, and CompTIA Security+. Collaborate with the curriculum development team to enhance training materials. Required Skills & Qualifications: Proficiency in networking concepts and protocols (TCP/IP, DNS, HTTP, etc.). Hands-on experience with Linux operating systems and command-line tools. Familiarity with Fortinet products and security solutions. Strong communication and presentation skills. Ability to explain complex concepts in a clear and understandable manner. Prior teaching or training experience is a plus. Certified Ethical Hacker (CEH) or equivalent certification. CompTIA A+ certification or equivalent. CompTIA Security+ certification or equivalent. Strong communication and presentation skills. Ability to explain complex concepts in a clear and understandable manner. Prior teaching or training experience is a plus. Preferred Skills: Experience with penetration testing tools like Metasploit, Burp Suite, and Wireshark. Knowledge of scripting languages such as Python or Bash. Understanding of security frameworks and compliance standards. Experience in setting up and managing virtual labs for training purposes. Job Type: Full-time Pay: ₹25,000.00 - ₹30,000.00 per month Schedule: Day shift Fixed shift Language: English (Preferred) Work Location: In person

Job Purpose: Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities: Essential Functions: This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions: May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements: Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education and Experience: Bachelor’s degree or equivalent experience. Related certifications Expected Competencies: Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule: Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel: This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Conduct Web Application and API Security Testing using both Manual and Automated Penetration Testing Methodologies Conduct Vulnerability Assessments of Network Devices, DB and servers using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Conduct penetration test and launch exploits using Nessus, Metaspoilt, Core Impact, Backtrack penetration testing distribution tools sets Prepare a detailed VAPT findings manually Strong experience with performing VAPT as per OWASP Top 10, SANS Top 25, and NIST, and SANS Security Guidelines. Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp, Nessus, nexpose, wireshark, sqlmap, MobSF, burpsuite etc. Conduct android and IOS mobile application VAPT Ability to suggest remediation to vulnerabilities observed in Application and configuration. Minimum 2-3 years of work experience in the information security domain only Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹65,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you worked in the domains like API Testing, IOS, Android Testing, Web Application Testing, Network Penetration Testing, Mobile Application Testing? Experience: minimum: 1 year (Required) Language: English (Required) Location: Gurugram, Haryana (Required) Work Location: In person