495 Metasploit Jobs - Page 18

WE ARE HIRING – PENETRATION TESTER Take your ethical hacking skills to the next level! Are you passionate about cybersecurity and ready to challenge real-world threats? We’re looking for skilled Penetration Testers to join our growing InfoSec team. At Proven Infosec, you’ll work on a wide range of projects including web applications, networks, cloud infrastructure and mobile security assessments for clients across various industries. What You’ll Do: ✅ Perform VAPT (Vulnerability Assessment & Penetration Testing) ✅ Simulate real-world cyber attacks ✅ Identify and report security vulnerabilities ✅ Stay updated on the latest exploits, tools and techniques Must-Have Skills: 🔸 1–2 years of hands-on experience in penetration testing 🔸 Strong understanding of OWASP Top 10, network & application security 🔸 Proficiency in tools like Burp Suite, Metasploit, Nmap, Nessus, etc. 🔸 Certifications preferred: CPENT, OSCP, CEH or equivalent 🔸 Excellent analytical, reporting and communication skills Ready to (ethically) hack your way into our team? 📧 Send your resume to office@proveninfosec.com 🌐 Learn more: www.proveninfosec.com Show more Show less

Job Purpose The candidate will be responsible for delivering Cybersecurity trainings. Trainer also have the advantage of working on various consulting projects as well. Duties and Responsibilities Candidate will be part of the Institute of Information Security – our Training Division and will report into the Training Lead / Director / Academics Head. He / She will deliver various trainings such as below but not limited to: Application Security Testing Vulnerability Assessment and Penetration Testing Secure Coding Practices - .NET, Java, PHP etc Digital Forensics Cybersecurity Threat Modeling SIEM ISO 27001 PCI DSS Candidate will be also responsible for developing new course material. Demonstrated ability to learn and adapt to new concepts in the following areas will be a significant advantage: Devops IoT Blockchain Academic / University Qualifications Graduate / Post Graduate in Computer Science Experience 1-4 Years Professional Certifications Candidates with any of the certifications will be preferred. OSCP / OSCE CEH CCNA CCNP CISSP CISA CISM ISO 27001 LA Knowledge on Tools Candidates should know any / or all the below tools. This will be an added advantage. Kali Linux Burp Suite Fiddler Netsparker Wireshark Nikto, Acunetix WAFW00f Backtrack Metasploit Show more Show less

Job Title: Cybersecurity & Ethical Hacking Trainer Company: Ducat Location: South Extension, New Delhi Job Type: Full-Time Working Days: 6 Days a Week Job Description: Ducat is seeking a dynamic and experienced Cybersecurity & Ethical Hacking Trainer to join our team at the South Extension center. The ideal candidate will have a strong foundation in cybersecurity concepts and a passion for teaching and mentoring aspiring professionals. Key Responsibilities: Deliver high-quality training sessions on: Cybersecurity fundamentals & tools Ethical Hacking techniques & methodologies Cyber Forensics principles Networking essentials & protocols Design and update training materials, modules, and practical labs Conduct hands-on workshops, real-world simulations, and assessments Provide individual guidance and mentorship to students Evaluate student performance and provide feedback Stay updated with the latest trends, threats, and tools in cybersecurity Required Skills & Qualifications: Proven experience in training or teaching cybersecurity-related subjects In-depth knowledge of: Ethical Hacking tools & frameworks (e.g., Metasploit, Nmap, Wireshark) Cyber Forensics techniques & tools Network security protocols & practices Strong communication, presentation, and interpersonal skills Ability to simplify complex technical concepts for learners Certifications such as CEH, CompTIA Security+, CHFI, CISSP (preferred but not mandatory) What We Offer: An opportunity to shape the careers of future cybersecurity professionals Supportive team environment with growth opportunities Hands-on learning ecosystem with access to the latest tools Show more Show less

Position- System security Analyst Location- Mohali Key Responsibilities: • Conduct Vulnerability Assessment and Penetration Testing (VAPT). • Perform Application Security (AppSec) reviews. • Conduct Source Code Reviews to identify and remediate security flaws. Preferred Certifications: • CEH (Certified Ethical Hacker) • OSCP (Offensive Security Certified Professional) Hands-on Experience With: • VAPT Tools: Burp Suite, Nessus, Metasploit • AppSec Tools: Acunetix, Checkmarx • Source Code Analysis Tools: Fortify, Veracode • Familiarity with scripting (Python, Bash) and DevSecOps principles is a plus.

Skills: Nessus, Burp Suite, Metasploit, OWASP ZAP, Nmap, Qualys, Wireshark, Kali Linux, Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification And Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor Show more Show less

We are seeking an experienced and highly skilled Penetration Tester with expertise in mobile application security, specifically for both Android and iOS platforms. As a Senior Penetration Tester, you will be responsible for identifying and exploiting vulnerabilities in mobile applications, networks, APIs, and other critical systems. Your primary responsibility will be performing thorough security assessments, including reverse engineering, malware analysis, and incident forensics, to ensure the security and resilience of mobile applications and systems. The ideal candidate should have hands-on experience with penetration testing tools, mobile application testing, and advanced exploitation techniques. You will also be expected to collaborate with various teams, including Red Teams, to develop strategic security initiatives and offer expert-level recommendations for security improvements. Key Responsibilities: Mobile Application Penetration Testing: Conduct in-depth security assessments of mobile applications for both Android and iOS platforms, identifying vulnerabilities and recommending remediation strategies. Red Team Activities: Participate in Red Team exercises to simulate real-world attacks, uncover hidden threats, and assess the effectiveness of security controls. Security Assessments: Perform penetration testing on applications, networks, mobile platforms, APIs, cloud environments, and critical systems to identify advanced threats and vulnerabilities. Custom Exploit Development: Develop custom exploit code and scripts to demonstrate potential security risks to stakeholders and stakeholders, providing hands-on demonstrations of vulnerabilities. Reverse Engineering & Malware Analysis: Use reverse engineering techniques and tools to analyze complex threats, malware, and incidents, providing detailed reports on findings. Collaboration with Leadership: Collaborate with executive leadership and senior management to develop and execute strategic security initiatives and roadmaps to mitigate security risks. Security Architecture Guidance: Provide expert-level guidance on secure coding practices, cryptography, architecture design principles, and implementation to mitigate risks effectively. Tool Development & Automation: Develop custom penetration testing tools and scripts to automate testing processes and enhance capabilities for thorough assessments. Incident Forensics: Lead efforts to analyze and investigate security incidents, determining the root causes and recommending improvements for better prevention. Required Skills and Qualifications: Mobile Pen Testing Expertise: Strong experience in mobile application penetration testing for both Android and iOS platforms. Penetration Testing Tools: Expertise in tools and frameworks such as Metasploit, Burp Suite, Nessus, NMAP, and custom/open-source tools. Red Teaming & Advanced Exploitation: Advanced proficiency in red teaming, black box testing, and using advanced exploitation techniques to identify vulnerabilities. Malware Analysis & Reverse Engineering: Experience in malware analysis and reverse engineering to assess complex threats and incidents. Cryptography & Secure Coding: In-depth knowledge of cryptography, secure coding practices, and secure architecture design principles. Custom Tools & Scripting: Hands-on experience in developing custom scripts and tools to automate testing processes and enhance the effectiveness of assessments. Penetration Testing Methodologies: Expertise in applying penetration testing methodologies, including both network and application-level security assessments. Certifications (Preferred): o OSCP (Offensive Security Certified Professional) o CRTP (Certified Red Team Professional) o eLearn Security Certified Professional Penetration Tester V2.0 o Any other relevant certifications are a plus. Required Experience: Overall Experience: 12+ years in penetration testing, security assessments, and threat analysis. Relevant Experience: 10 years of hands-on experience specifically in penetration testing for mobile applications (Android & iOS), network security, cloud environments, and APIs. Experience working in Red Team environments is a plus.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomo us Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,638,100 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

The Security Engineer is responsible for designing, implementing, and maintaining security across all products and infrastructure, with a focus on both blockchain/wallet and general application security. This role requires a strategic mindset, strong risk management skills, and the ability to communicate security concepts to both technical and non-technical stakeholders. The ideal candidate is proactive, detail-oriented, and committed to fostering a culture of security throughout the organization. Responsibilities Develop and enforce security policies, standards and best practices. Lead security architecture reviews and risk assessments. Collaborate with engineering, product, and operations teams to ensure secure design and implementation. Oversee incident response, forensics, and post-incident analysis. Conduct security awareness training and promote a security-first culture. Stay current with emerging threats, vulnerabilities, and security technologies. Ensure compliance with relevant regulations and industry standards. Coordinate with external auditors, partners, and vendors on security matters. Qualifications and Experience Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience). Relevant security certifications (CISSP, CISM, CEH, OSCP, etc.). 5+ years of experience in security engineering or related roles. Demonstrated experience with both blockchain and traditional application/infrastructure security. Experience leading security initiatives and incident response. Deep understanding of security frameworks, standards, and regulations (NIST, ISO 27001, GDPR, etc.). Awareness of current threat landscape and security technologies. Familiarity with blockchain security and smart contract vulnerabilities.

Job Title: Ethical Hacker (Cyber security Specialist) Location: Delhi Job Type: Full time Experience Level: Senior-Level Industry: Information Technology / Cyber security Department: IT / Security About the Role: We are seeking a highly skilled and ethical cyber security professional to join our team as an Ethical Hacker . This role is critical in protecting our organization’s digital infrastructure by identifying vulnerabilities, simulating cyber-attacks, and ensuring we stay one step ahead of malicious threats. If you’re passionate about cyber security, proactive defense, and enjoy solving complex challenges, we want to hear from you. Key Responsibilities: Perform penetration testing on network, web applications, and other systems. Identify, document, and report security vulnerabilities with detailed analysis. Simulate attacks to test the resilience of infrastructure and applications. Collaborate with the IT and development teams to implement security improvements. Stay updated on the latest cyber threats, trends, and technologies. Conduct vulnerability assessments and provide actionable remediation guidance. Maintain confidentiality, integrity, and ethical standards in all assessments. Required Qualifications: Proven experience as an Ethical Hacker, Penetration Tester, or similar role. Strong understanding of network protocols, firewalls, IDS/IPS systems, and operating systems. Familiarity with tools like Metasploit, Burp Suite, Nmap, Nessus, Wire shark, etc. Knowledge of OWASP Top 10 and secure coding practices. Certifications such as CEH (Certified Ethical Hacker), OSCP, or similar are highly desirable. Bachelor’s degree in Computer Science, Information Security, or a related field (preferred). Preferred Skills: Scripting and programming knowledge (Python, Bash, PowerShell, etc.). Cloud security experience (AWS, Azure, Google Cloud). Incident response and forensic analysis skills. Ability to communicate technical information to non-technical stakeholders. Job Types: Full-time, Permanent Pay: Up to ₹50,000.00 per month Schedule: Day shift Morning shift Night shift Rotational shift Work Location: In person

Looking for a skilled & experienced freelance VA&PT Specialists to perform our VA&PT tasks. Candidate should have minimum 4 years of experience in VAPT roles and should capable to perform VA&PT Tasks independently, and can able to generate VAPT &, CAP reports. Independent VAPT consultants, or a small team of fascinating VAPT experts can apply as a single team. Key Responsibilities • Conduct Vulnerability Assessments using tools like Nessus, Qualys, OpenVAS • Perform Penetration Testing on web applications, networks, APIs, and mobile platforms • Simulate real-world attacks to uncover security gaps and provide actionable recommendations • Prepare detailed technical reports and executive summaries of findings • Collaborate with development, infrastructure, and security teams to address vulnerabilities • Stay updated on emerging threats, vulnerabilities, and attack techniques • Support compliance audits and security assessments (e.g., ISO 27001, PCI-DSS) Skill Set & Requirements • Minimum 4 years of hands-on experience in Red Teaming and VA&PT activities • Ability to independently handle on-call tasks, conduct VA&PT, and deliver comprehensive reports • Deep understanding of network protocols, web technologies, and operating systems • Proficient with tools like Burp Suite, Metasploit, Nmap, Wireshark, Nikto, etc. • Strong knowledge of OWASP Top 10, MITRE ATT&CK, and CVE databases How to Apply Send your CV to careers@isstechnologies.in with Job Code: CVPT4-0625 in the subject line. Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary We are seeking a highly skilled Sailpoint Developer .If candidate has experience of 2-3 years, he/she must be Sailpoint Certified, above 3 years experience sailpoint certification is not mandatory but good to have. *Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us . At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary : We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure . Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements , maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall , web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree ( minimum requirement). 2 -8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite , Mimikatz , Cobalt Strike, PowerSploit , Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.) . Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required : 2 - 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Analytical Thinking, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, Creativity, CyberArk Management, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF) {+ 22 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Senior Associate Job Description & Summary We are seeking a highly skilled Sailpoint Developer .If candidate has experience of 2-3 years, he/she must be Sailpoint Certified, above 3 years experience sailpoint certification is not mandatory but good to have. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. " Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 2-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 2-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Access Control Models, Access Control System, Access Management, Active Listening, Analytical Thinking, Authorization Compliance, Authorization Management Systems, Azure Active Directory, Cloud Identity and Access Management (IAM), Communication, Creativity, CyberArk Management, Cybersecurity, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Federated Identity Management, ForgeRock Identity Platform, Identity and Access Management (IAM), Identity-Based Encryption, Identity Federation, Identity Governance Framework (IGF) {+ 22 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

ISA is a premier technology solution provider for the Aviation industry. We are backed by Air Arabia and headquartered in Sharjah, UAE, while the Research and Development center is located in Colombo, Sri Lanka and Pune, India. We are a 100% owned subsidiary of Air Arabia Location: Pune https://isa.ae/ Address : Smartworks Building, Nexa Soft, Core Ops,5th Floor, 43EQ, Survey No 44, PLOT A, H. No. 8/1 (P, opp. Opp. Ravindranath Tagore School of Excellence, Balewadi, Pune, Maharashtra 411045 Job Title: Security Engineer (Penetration Tester) Job Type: Full-time Reports To: Security Architect Job Overview: We are seeking a highly skilled Security Engineer to design, implement, and manage the security architecture of our organization. The ideal candidate will be responsible for firewall and endpoint security, WAF implementation, VAPT, fraud investigation, dark web monitoring, brand monitoring, email security, and compliance enforcement . The role requires expertise in securing IT infrastructure, conducting risk assessments, ensuring compliance, and implementing Microsoft security layers to strengthen the organization's security posture. Key Responsibilities: 1. Firewall, Endpoint & WAF Security Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point). Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF). Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne . Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles . 2. Microsoft Security Layer Implementation a. Microsoft Email Security Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats. Implement Safe Links, Safe Attachments, and Anti-Phishing policies . Monitor and respond to email security alerts in Microsoft Security Portal . Conduct email security threat hunting using Defender for O365 and advanced hunting queries. b. Microsoft Endpoint Security Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices. Enforce attack surface reduction (ASR) rules for endpoint protection. Configure endpoint compliance policies using Microsoft Intune . Implement DLP (Data Loss Prevention) policies to prevent data exfiltration. c. Compliance & Risk Management Implement and monitor Microsoft Purview Compliance Manager for risk assessment. Enforce Information Protection & Encryption Policies using Microsoft Purview. Configure and manage Conditional Access Policies in Microsoft Entra ID . Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR . 3. Dark Web Monitoring & Brand Protection Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats. Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence. Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains . Collaborate with legal and compliance teams to enforce takedowns of malicious content. 4. Fraudulent Incident Investigation & Threat Hunting Investigate fraud incidents, phishing attempts, and business email compromise (BEC) . Conduct forensic analysis on compromised endpoints, servers, and email accounts. Develop and implement threat intelligence and threat hunting processes. Work closely with SOC teams for incident response and mitigation . 5. VAPT & IT Security Operations Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments. Implement and manage intrusion detection/prevention systems (IDS/IPS) . Monitor, analyze, and mitigate vulnerabilities from external and internal security scans . Work with teams to remediate vulnerabilities and harden IT assets. 6. IT Security & Compliance Management Develop and enforce security policies, standards, and procedures . Implement Zero Trust Architecture and IAM policies . Conduct security awareness training and phishing simulations. Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards . Required Qualifications & Skills: Technical Skills: ✅ Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point ✅ Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance ✅ Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne ✅ WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare ✅ VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP ✅ SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK ✅ Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center ✅ IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM ✅ Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence Soft Skills: Strong analytical and problem-solving skills. Excellent communication and stakeholder management abilities. Ability to work independently and in cross-functional teams. Proactive security mindset with attention to detail. Certifications (Preferred, but not mandatory): ✔️ CISSP – Certified Information Systems Security Professional ✔️ CEH – Certified Ethical Hacker ✔️ OSCP – Offensive Security Certified Professional ✔️ CISM/CISA – Certified Information Security Manager/Auditor ✔️ Microsoft Certified: Cybersecurity Architect (SC-100) ✔️ Microsoft Certified: Security Operations Analyst (SC-200) ✔️ Microsoft Certified: Information Protection Administrator (SC-400) Experience Required: 🔹 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence . 🔹 Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance . 🔹 Strong experience in fraud investigation, dark web monitoring, and brand protection . 🔹 Proven ability to secure cloud, hybrid, and on-premise environments . . Please send resumes to careers@isa.ae Show more Show less

BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles and Responsibilities: Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills: 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Preferred Skills: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks.

Position: Security Test Manager Location: Yerwada Pune Experience: 7-10 yrs Work Mode : Hybrid What will be your responsibility: • Lead and perform advanced application security testing (SAST, DAST, IAST) for web, mobile, and cloud-native applications. • Design security test strategies, perform vulnerability assessments, and report findings with risk prioritization and remediation recommendations. • Collaborate with development, QA, and DevOps teams to integrate security testing into CI/CD workflows. • Conduct threat modelling sessions and define security requirements early in the project lifecycle. • Simulate real-world attacks (ethical hacking, red teaming) and ensure application hardening against OWASP Top 10 and CWE vulnerabilities. • Review code, architecture, and infrastructure for security compliance and weaknesses. • Stay updated on evolving security threats, tools, and best practices. • Mentor junior analysts and contribute to the security knowledge base. What is needed from you: • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related discipline. • 7 to 10 years of experience in security testing, application security, or security engineering. • Proficiency in tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Veracode, Metasploit, Kali Linux. • In-depth understanding of threat modelling, risk assessment methodologies, and secure development practices. • Strong knowledge of OWASP Top 10, SANS CWE Top 25, and secure coding practices. • Experience with scripting languages such as Python, Bash, or PowerShell. • Hands-on experience integrating security into DevOps/DevSecOps pipelines (e.g., GitHub Actions, Jenkins, GitLab CI). • Familiarity with cloud platforms (AWS, Azure, GCP) and their security controls. • Certifications like OSCP, CEH, GWAPT, CISSP, or SANS GIAC are highly desirable. What will you get: • Opportunity to work in Product Development and excellent learning opportunities • Healthy work environment, peer to peer collaborative work culture • Individual growth and encouraging opportunities with highly motivated team • Work-Life Balance and utmost effort and environment where you enjoy your work Show more Show less

Job Description: We are seeking a highly experienced VP to lead and enhance our cybersecurity audit and assurance programs. The ideal candidate will have extensive experience in conducting and managing penetration testing, red teaming, social engineering assessments, secure code reviews, and full-scale IT and cybersecurity assessments. This leadership role involves overseeing security audits, and strengthening our client’s overall security posture. #Immediate Joiner. Key Responsibilities: Lead cybersecurity audits and assurance programs across IT systems, applications, and infrastructure for our clients. Oversee penetration testing, red teaming, and social engineering assessments, ensuring effective security testing strategies. Manage secure code reviews and application security assessments to identify and remediate vulnerabilities. Collaborate with SOC teams, vulnerability management teams, and security engineers to enhance threat detection and mitigation. Lead security audit and certification efforts, including ISO 27001, SOC 2 attestations, GDPR etc. Ensure compliance with international security frameworks and data protection regulations (ISO 27001, SOC 2, GDPR, CCPA, NIST, HIPAA, etc.). Evaluate third-party security risks and conduct supplier security assessments. Provide executive-level reports on security assurance findings, risks, and mitigation strategies. Ensure compliance with global security standards and frameworks. Mentor and develop a team of cybersecurity auditors, penetration testers, and security analysts. Qualifications and Skills: 18-20 years of experience in cybersecurity audits, security assessments, and assurance programs. Deep expertise in penetration testing, red teaming, social engineering tactics, and secure coding. Strong knowledge of security frameworks such as OWASP, SANS, CIS, NIST 800-53, ISO 27001, SOC 2, and PCI DSS, HIPAA, GDPR. Experience with security testing tools (Burp Suite, Metasploit, Kali Linux, etc.). Ability to engage with executive leadership and present security risks effectively. Certifications preferred: CISSP, CISA, OSCP, CEH, CRTP, or equivalent. Show more Show less

Job Summary : We are seeking a highly skilled and curious Security Researcher to join our cybersecurity team. As a Security Researcher, you will investigate vulnerabilities, analyze malware, and uncover emerging threats to protect our infrastructure and products. This role is ideal for someone passionate about offensive and defensive security, reverse engineering, and continuous learning. Key Responsibilities : Research and discover new vulnerabilities in software, systems, and protocols (zero-day and known CVEs) Analyze malware samples, APT techniques, and exploit kits to understand their behavior and implications Monitor threat intelligence sources to identify trends, TTPs (tactics, techniques, and procedures), and threat actors Develop and refine detection signatures, proof-of-concepts (PoCs), and mitigation strategies Contribute to open-source tools, whitepapers, or technical blogs on cybersecurity topics Participate in bug bounty programs and responsible disclosure initiatives Stay up to date with the latest security technologies, exploits, and research trends Cloud security best practices and CIS benchmark Required Skills & Qualifications: Solid understanding of operating system internals (Windows, Linux, macOS) 5+ years in cybersecurity or related field . Strong knowledge of network protocols, encryption standards, and web/app security Experience with scripting/programming languages (e.g., Python, C/C++, Go, Bash) Familiarity with vulnerability research, fuzzing, and exploit development Comfortable with tools such as Wireshark, Burp Suite, Metasploit, and custom scripts Understanding of MITRE ATT&CK, threat modeling, and IOC analysis Experience with static and dynamic analysis of malware Experience with AWS, Azure, GCP Preferred Qualifications: Contributions to security research communities (e.g., CVEs, open-source tools, DEF CON/Black Hat presentations) Familiarity with cloud security (AWS, Azure, GCP) Exploitation Kubernetes cluster security best practices Experience with binary exploitation, ROP chains, and sandbox evasion techniques Offensive Security certifications (e.g., OSCP, OSCE, OSEP) or GIAC (e.g., GREM, GXPN) Education: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field or equivalent practical experience Show more Show less

Job Description Develop comprehensive test plans for network equipment, adhering to ITSAR standards. Design and implement methodologies, tools, and frameworks to assess the security of IP Routers, Wi-Fi CPE devices, 5G components and other ITSAR as well . Conduct in-depth security assessments and penetration tests on IP Routers and Wi-Fi CPE devices to identify potential threats and vulnerabilities. Analyze vulnerabilities, misconfigurations, and weaknesses, providing detailed reports on findings. Identify, analyze, and document vulnerabilities in IP Routers and Wi-Fi CPE devices, ensuring compliance with ITSAR security requirements. Collaborate with network architects, engineers, and developers to design and implement secure configurations for network equipment. Develop and propose effective remediation strategies to address identified security issues, improving the overall security posture of network equipment. Provide actionable recommendations to stakeholders and management to enhance network security. Execute vulnerability assessments, penetration tests, and security reviews to identify weaknesses and potential security threats. Validate security configurations, system hardening practices, and patch management processes to ensure they meet NCCS ITSAR standards. Evaluate third-party software and hardware products for compliance with NCCS ITSAR requirements before deployment. Create and maintain comprehensive documentation, including security policies, procedures, audit reports, and technical assessments. Provide regular status updates, risk assessments, and recommendations to senior management on the organization's security posture. Support internal and external audits, ensuring accurate documentation and evidence of compliance with NCCS ITSAR. Stay informed about emerging threats, vulnerabilities, and best practices related to IP Routers, Wi-Fi CPE devices, and related technologies. Participate in incident response activities and investigations related to security breaches or incidents involving network equipment. Act as a subject matter expert on NCCS ITSAR, offering guidance and training to security team members and other departments. Collaborate with software developers, IT operations, and business units to ensure secure design, deployment, and operation of systems. Mentor junior engineers and security analysts, fostering a culture of continuous learning, collaboration, and improvement. Contribute to the development and refinement of security policies, standards, and procedures, with a focus on 5G network security and emerging technologies. Qualifications B. Tech/B.E in ECE/Computer Science/Telecommunication Related field or MCA or MSc (Computer Science or M.Sc. IT) or M.Sc. in Cybersecurity or equivalent. 3+ years of security engineering experience, focusing on system and network security. Proven experience with NCCS ITSAR or similar security assurance frameworks (e.g., Common Criteria, ISO/IEC 27001, Pentesting). Strong understanding of network protocols, encryption technologies, and cybersecurity tools. Proficiency in risk assessment, threat modeling, and vulnerability management. Experience with security testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, Nessus and other kali OS tools). Relevant certifications preferred: CEH, CCNA, OSCP, CCNP and eJPT Excellent problem-solving skills, with the ability to work independently and lead teams for the technical aspect in a fast-paced environment. Strong communication and interpersonal skills, with the ability to convey complex technical information to non-technical stakeholders. About Us A global leader in applied safety science, UL Solutions (NYSE: ULS) transforms safety, security and sustainability challenges into opportunities for customers in more than 110 countries. UL Solutions delivers testing, inspection and certification services, together with software products and advisory offerings, that support our customers’ product innovation and business growth. The UL Mark serves as a recognized symbol of trust in our customers’ products and reflects an unwavering commitment to advancing our safety mission. We help our customers innovate, launch new products and services, navigate global markets and complex supply chains, and grow sustainably and responsibly into the future. Our science is your advantage. Show more Show less

Position: VAPT Specialist Experience: 2+ Years Location: Mumbai/ Thane Notice Period: Immediate Joiners Primary Skills: VAPT, CEH Certification, Metasploit, Penetration Testing, Linux Key Responsibilities: Perform Web Application Vulnerability Assessments and Penetration Testing to identify and exploit vulnerabilities in web applications. Conduct Mobile Application Vulnerability Assessments and Penetration Testing on Android and iOS platforms, identifying weaknesses and suggesting appropriate fixes. Lead Network Penetration Testing to evaluate the security posture of internal and external networks. Reverse engineer malware, analyze data obfuscation techniques, and work with cryptographic ciphers to detect and mitigate threats. Utilize industry-leading penetration testing tools such as Metasploit, BurpSuite, w3af, Kali Linux, SQLMap, Skipfish, MObSF, Androbugs, Nessus, and others to automate and perform testing. Leverage Linux/UNIX environments, including proficiency in Bash and PowerShell scripting, to perform testing and automate tasks. Document findings, provide detailed reports, and assist in remediation by working closely with internal teams. Stay up-to-date with emerging threats, vulnerabilities, and penetration testing methodologies. Qualifications & Requirements: 2-4 years of hands-on experience in performing web application, mobile application, and network penetration testing. Strong expertise in Web Application Vulnerability Assessment & Penetration Testing. Hands-on experience with Mobile Application Vulnerability Assessment & Penetration Testing (Android and iOS). Proficient in Network Penetration Testing and Security Assessment techniques. Experience with reverse engineering malware, analyzing obfuscated data, and cryptographic analysis. Strong command of penetration testing tools such as Metasploit, BurpSuite, w3af, Kali Linux, SQLMap, Skipfish, MObSF, Androbugs, Nessus, and others. CEH (Certified Ethical Hacker) certification is mandatory. Knowledge of Linux/UNIX operating systems and Bash or PowerShell scripting. Excellent problem-solving skills and the ability to think creatively in assessing security weaknesses. Strong communication skills for writing technical reports and working with cross-functional teams. Show more Show less

Description Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Requirements Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Job responsibilities Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. What we offer Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do. About GlobalLogic GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services. Show more Show less

Description Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Requirements Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Job responsibilities Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. What we offer Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do. About GlobalLogic GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services. Show more Show less

Description Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Requirements Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Job responsibilities Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. What we offer Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do. About GlobalLogic GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services. Show more Show less

Description Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Requirements Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. Job responsibilities Perform security penetration testing and vulnerability assessment for web and Micro services applications. Able to identify pre-requisites of the test environment , plan, and prioritizes the vulnerabilities based on application architecture and functionality Able to identify the combination of different vulnerability while execution of test scenarios/test cases Good knowledge of automation to be used for security testing. Strong understanding of cloud security practices in environments like AWS, Azure, or GCP. Proven experience in identifying and exploiting business logic and framework related vulnerabilities Vast experience in removing false positives, analyzing dynamic scan web inspect, ZAP reports Knowledge of Secure SDLC and Security standards like OWASP, CWE Provide expert advice and recommendation to the application development team Extensive experience in addressing WEB and API application security issues Strong knowledge of Application Security throughout the SDLC Penetration testing skills including the use of security assessment and hacker tools; e.g. ZAP, ZAP Docker, Qualys ssllabs , SSLYZE, Metasploit etc. Strong knowledge in OWASP TOP 10 vulnerability standards Strong experience in cloud technologies especially in Azure Familiarity with DevSecOps principles and practices, including CI/CD pipeline integration and container security. What we offer Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do. About GlobalLogic GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services. Show more Show less

Job Title: Senior SOC Analyst (SIEM, Threat Hunting & Incident Response) Department: Cybersecurity & IT Risk Management Reports To: CISO / Director – Cybersecurity & GRC Location: Manesar, Haryana (On-site at Client Location) Employer: VVNT SEQUOR, Noida Summary: VVNT SEQUOR is hiring a Senior SOC Analyst to strengthen the cybersecurity posture of a leading client in Manesar, Haryana. This is a full-time on-site role requiring deep hands-on expertise in threat detection, incident response, SIEM management, and vulnerability assessments. As a senior member of the Security Operations Center (SOC), you will lead advanced threat-hunting efforts, optimize detection logic, and ensure rapid response to cybersecurity events. Your key responsibilities will include: Leading 24x7 SOC operations , threat monitoring, triage, and escalations using tools like ArcSight, Splunk, and ELK . Creating and fine-tuning correlation rules , dashboards, and playbooks to enhance detection capabilities. Executing proactive threat hunting using MITRE ATT&CK , EDR telemetry, threat intel feeds, and custom threat models. Coordinating and leading incident response , performing forensic investigations using CHFI methodologies , memory analysis, and endpoint data. Performing and overseeing Vulnerability Assessment & Penetration Testing (VAPT) using Nessus, Qualys, OpenVAS, Metasploit , and Burp Suite . Managing EDR and SOAR platforms , integrating automated responses and threat intelligence feeds. Administering and securing firewalls (FortiGate, Palo Alto), WAFs, IDS/IPS, and Anti-DDoS infrastructure. Maintaining compliance with ISO 27001, NIST CSF, and internal security baselines , conducting regular audits and patch validations. Documenting Root Cause Analyses (RCA) , incident timelines, and post-incident review reports. Leading security awareness programs (e.g., KnowBe4) and mentoring junior analysts. We are looking for someone with: Bachelor's degree in Cybersecurity, Information Security, or related field. 7–9 years of SOC and cybersecurity operations experience. Strong knowledge of SIEMs (e.g., ArcSight, Splunk), EDRs (CrowdStrike, SentinelOne) , and log correlation techniques . Proven skills in threat analysis, IOC handling, malware analysis , and incident lifecycle management . Working experience with security automation (SOAR) and scripting (e.g., Python, PowerShell) for response actions. Solid understanding of MITRE ATT&CK, NIST 800-61, OWASP Top 10 , and compliance mandates . Proven experience in writing technical incident reports, security playbooks, and conducting RCA. Bonus points for: Certifications like CEH, CHFI, Security+, GCIA, GCFA, Splunk Certified Analyst, PCNSE . Experience with Tripwire SCM, KnowBe4 , or cloud-native security tools (AWS GuardDuty, Azure Sentinel). Exposure to OT/ICS security , manufacturing, or automotive environments. Familiarity with Purple Teaming, Red Team/Blue Team drills , and Threat Intelligence Platforms (TIPs) . Why join VVNT SEQUOR? Lead and influence real-time SOC strategies for a mission-critical enterprise. Gain hands-on experience with top-tier cybersecurity technologies and threat landscapes. Subsidized Cab and Lunch facilities at client site. Work in a client-focused, innovation-driven cybersecurity environment. To Apply: Please submit your resume along with the cover letter to chaitali@vvntsequor.in or parveen.arora@vvntsequor.in Also, you can connect over WhatsApp +91-9891810196 or +91-8802801739 IMPORTANT: Do mention clearly to Job Role that you are applying for along with your Last Salary Drawn information as well as your Earliest Joining Date in your covering letter or email. Show more Show less

Job Title: Vulnerability Assessment and Penetration Testing Internship for Technical services - (Performance based conversion to full-time Role) Job Location: Mumbai (On-site) Duration: 6 Months Note: Looking only for Immediate joiners (5 Days) Qualifications: BE/B. Tech with specialization in cyber security, MCA, M. Tech / Master’s in Information security, or Forensics Analysis Knowledge. Mandatory Certifications: CEH-EC-council / EJPT / PNPT / EWPT / CRTP Role and Responsibility: • Conduct Network/ System Vulnerability Assessments, Penetration Testing using tools to evaluate attack vectors, identify system vulnerabilities, and provide appropriate remediation plans for mitigation of the identified vulnerabilities. • Conduct Application vulnerability assessments, Penetration Testing for web applications, identify and report vulnerabilities, provide recommendations, and track closure of identified vulnerabilities. • Perform Configuration compliance assessments for Endpoints / Assets /network devices and help maintain the security settings at compliant level with Specific Security Standards. • Perform regular monitoring of patch compliance of the assets in the network, Analyze Patch Advisories and provide remediation steps for the stakeholders. • Performing comprehensive review and threat adversary modeling for web applications. • Conduct Vulnerability Assessments, Penetration Testing, Device Hardening, Application Security Assessments, Log Review, Review of Documents, Network Monitoring and Reporting • Conduct and compile findings on new vulnerabilities, new tools for departmental use. • Create project deliverables / reports and assist the client with remediations and discussions. • Abide by the project timelines and maintain project discipline. Technical Skills Required: • Hands-on Experience in performing Network Security Assessment and vulnerability Assessment. • Good understanding of OSI layers and fundamental Operating system concepts, security settings for various flavors of Windows and Linux platforms. • Sound knowledge about Application vulnerability assessments and relevant knowledge of OWASP top 10 vulnerabilities and SANS. • Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp Suite, Paros Proxy Nessus, nexpose, Wireshark, sqlmap etc. • Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. • Familiar working with Publicly available exploits codes. • Sound knowledge about infrastructure vulnerability scans, identifying security vulnerabilities, weaknesses, threats, and assessing related risks that exists within an IT Infrastructure or business processes. • Good understanding of firewalls, Switches, and Router’s configuration settings and policies, relevant experience in performing rule base reviews and configuration reviews for network devices. Show more Show less