492 Metasploit Jobs - Page 5

Prudent Technologies and Consulting is seeking a Senior Application Security Consultant to join their rapidly expanding Cybersecurity team, dedicated to serving a diverse clientele that includes some of the world's largest organizations. In this role, you will be responsible for leading technical teams in conducting thorough security assessments and engaging in field-related research. We are looking for an experienced offensive consultant with a deep understanding of application security testing methodologies, tools, and reporting procedures across various technologies such as web, mobile, API, AI/LM, cloud, desktop, single sign-on, and OAuth. As a Senior Consultant, your responsibilities will include consulting with both technical and non-technical client stakeholders, collaborating with Sales teams to define project scopes, mentoring junior consultants, and leading projects to ensure adherence to industry best practices. You will be expected to conduct advanced penetration tests on a variety of environments, document vulnerabilities, provide proof-of-concepts, and offer tailored remediation steps. Additionally, you will actively contribute to research and development initiatives aimed at enhancing our Cybersecurity practice. The ideal candidate should possess a minimum of 8 years of hands-on experience in conducting manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, APIs, and AI/LM. Proficiency in utilizing penetration testing tools like Burp Suite, DAST scanners, Metasploit, and Nessus is essential for identifying and exploiting vulnerabilities effectively. Strong written and verbal communication skills are crucial for preparing comprehensive reports, executive summaries, and client presentations. Familiarity with security frameworks such as OWASP and MITRE ATT&CK, along with robust project management and leadership abilities, will be highly valued. Preferred qualifications include a Bachelor's degree in computer science, information security, or a related field, relevant certifications like OSCP and OSWE, proficiency in scripting languages such as Python and Bash, and a background in application development or systems engineering. Candidates with published CVE/CWE contributions, participation in CTF events, and independent research projects will be given preference. If you have a solid foundation in application security testing assessments and are eager to contribute to a dynamic Cybersecurity team, we encourage you to apply. Your direct work experience in this field will enable you to hit the ground running and make meaningful contributions while adhering to Prudent's specific approach and methodology.,

Job Description: As a part of SKYNET SECURE, you will play a crucial role in promoting cyber crime and internet security awareness across all sections of society. Your primary responsibility will involve providing training in Ethical Hacking, IT Security, and Cyber Forensics. Additionally, you will be involved in working on IT Security projects including Vulnerability Assessment and Penetration Testing (VAPT) projects. Your role will require the following skills: - Proficiency in tools such as Metasploit, OWASP top ten attacks, Burpsuite, Kali Linux, Acunetix, Nessus, and Nmap. - Ability to conduct Vulnerability Assessment and Network Penetration Testing. - Hands-on experience in Internal & External, Web App scanning, and Penetration testing (both Manual and Automated). - Strong understanding of Threat Intelligence and familiarity with domain tools. - Effective communication skills in English. - Experience in Application testing, especially with OWASP top 10. This position is based in Mumbai and requires candidates to hold a minimum qualification of Any Graduate. Possessing a CEH or any Equivalent Certification will be considered a bonus. Join us at SKYNET SECURE and contribute to creating a safer cyber environment while enhancing your skills in the field of IT security.,

Key Responsibilities: Assist in web, network, and system penetration testing. Conduct vulnerability scans using tools like Nmap, Nessus, and OpenVAS . Assist in social engineering or phishing assessments (if applicable). Prepare clear documentation, reports, and remediation guidance for stakeholders. Maintain knowledge of latest threats, vulnerabilities, and attack techniques. Must-Have Skills: Basic knowledge of networking, OSI model, and common protocols (TCP/IP, HTTP, DNS). Familiarity with Linux and Windows systems. Exposure to tools like Burp Suite, Nmap, Wireshark, Metasploit, Nikto. Understanding of OWASP Top 10 vulnerabilities. Basic scripting knowledge (Python, Bash preferred). Experience with Kali Linux or Parrot OS. Good to Have: Certifications such as CEH, OSCP, eJPT, or Security+. Familiarity with cloud environments (AWS/Azure/GCP) security practices. Basic understanding of firewalls, IDS/IPS, and SIEM tools. Participation in CTFs or bug bounty platforms.

Job Summary Business Impact & Value Re-engineer legacy applications and build state of the art platform Envision Credit Origination 2.0 platform and align it with Bank’s NextGen technology vision Consistently leads delivery of valuable features Continually looking for process improvements Proposes new ways of doing things Suggests novel ways to fulfil requirements Helps elaborate requirements where necessary. Programming In depth knowledge of IDE, language and toolset in language of choice. Excellent understanding of language & framework and a good working knowledge of the abstraction layer underneath Understanding of threads, threading model and concurrent programming Can profile and optimize code Good knowledge of other programming languages & paradigms and when to apply them Comfortable debugging/finding complex problems Key Responsibilities Design: Can identify and apply appropriate design patterns to problems. Comfortable developing large features Understands Idempotence Understands boy scout principle. Leaves code in a better state then when arrived Good understanding of cohesion, SOLID and how to apply Writes clean, maintainable code Understands importance of domain model and can coherently model a problem domain within a given context Anticipates medium term (3-6 month) vectors of change and designs and abstracts accordingly Understands & appreciates simplicity & the value of removing code Understands design patterns such as CQRS and eventual consistency Understands how to design for performance at all levels. Development Practice Automates everything by default Can build a CD pipeline Automates security scanning and performance testing as part of build Monitor systems to ensure they meet both user needs and business goals Oversee assigned programs (e.g. conduct code review), set and monitor team standards. Evaluate and select appropriate software or hardware and suggest integration methods Focus on reliability, performance and availability Infrastructure Good grasp of multiple operating systems Good grasp of scripting techniques Expertise in one database & good grasp of multiple data storage paradigms and when to apply other technologies Understands and can automate paas technologies Understands when to apply appropriate infrastructure technologies. Understanding of network communications, including TCP/IP, HTTP protocol Security Writes Secure code by default Can use tools (nmap/metasploit etc.) to perform deep security probes Understands server hardening Understating of security principles using SSL protocols and data encryptio Behaviours & Collaboration Leads group discussions on design of particular areas Comfortable presenting information Gains buy in from team and drives design Mentors and develops those around them Understands domain well enough to work with PO to drive value Shares knowledge with wider community Regulatory & Business Conduct Display exemplary conduct and live by the Group’s Values and Code of Conduct. Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters. Lead to achieve the outcomes set out in the Bank’s Conduct Principles Qualifications Education: Bachelors in Engineering or equivalent Skills And Experience We are looking for Language agnostic people, however below is the end to end tech stack we intend to use for developing our Credit Origination platforms. Java/ J2EE, Spring, Struts, Hibernate Reporting tools – OBIEE BI tools - Informatica Hands-on skills in J2EE specifications like JAX-RS, JAX-WS Cloud Solutions – Openshift or AWS Containers Management –using tools like Docker, Rocket and Drawbridge Elastic Scaling – using tools like Nginx, HAProxy or PAAS like Openshift Dynamic Discover – using tools like Zookeeper or Etcd Configuration Management – using tools like Zookeeper, Etcd, Spring, Puppet/Chef, Ansible Continuous Integration – using tools like Maven and Jenkins Continuous Deployment – using tools like Jenkins, Nolio or Go Assembly Development – using frameworks like Apache Camel or Node.js UI Development – using frameworks like Node.js, REACT, AngularJS or Backbone IDL Definition – using tools like RAML or Swagger Code Development – using IDE’s like Eclipse or IntelliJ Web API’s – for Information Exchange Collaboration – using tools like Git-Hub and JIRA Hands experience and Knowledge of microservices architecture Strong in Oracle or SQL Server PL/SQL development and designing data model. Understanding of continuous build concept and usage with maven, sonarqube or other related tools. Web services, API design, Defining Specification using swagger/RAML. Dev Ops Tools and CI/CD Processes –GitFlow, BitBucket etc. Experience with automated test configuration. Good to have experience in containerization technologies - Kubernetes About Standard Chartered We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us. Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion. Together We Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term What We Offer In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing. Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations. Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum. Flexible working options based around home and office locations, with flexible working patterns. Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning. Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Role & responsibilities Conduct Vulnerability Assessment and Penetration Testing (VAPT) on in-house web applications, iOS applications, Android applications, network infrastructure, and AWS (Cloud) services. Identify and analyze security vulnerabilities, weaknesses, and misconfigurations in the above mentioned systems. Develop comprehensive reports detailing identified vulnerabilities, potential risks, and recommended remediation strategies. Collaborate with development, operations, and IT teams to prioritize and implement security fixes and improvements. Continuously monitor and assess the security posture of internal systems and recommend proactive measures to enhance security. Stay updated with the latest security threats, vulnerabilities, and industry best practices related to web applications, mobile applications, networks, and cloud environments. Participate in incident response activities, including investigating security incidents and providing support in remediation efforts. Contribute to the development and maintenance of security policies, procedures, and standards. Provide training and awareness sessions to staff on the latest cyber security trends, best practices, and emerging threats to enhance the overall security posture of the organization.

Offensive Security Professional Job Req ID: 49030 Posting Date: 15 Jul 2025 Function: Software Engineering Unit: Networks Location: Building No 14 Sector 24 & 25A, Gurugram, India Salary: Competitive Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider we will help lead a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll be doing – your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills – Web application pentest (OWASP,NIST framework), Network pentest (Linux,windows),API & Mobile pentest. Networking Skills – TCP/IP packet level understanding,Routing,Switching,firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework(CVE/CVSS) and Security assessment tools (such as Nmap,Metasploit, Burp Suite, SQLmap, Nessus) Regulatory Understanding - PCI DSS guidelines, GDPR. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pentesting. Mandatory Bachelor's Degree or higher preferred. CEH,OSCP,CREST,LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED. Our leadership standards Looking in: Leading inclusively and Safely I inspire and build trust through self-awareness, honesty and integrity. Owning outcomes I take the right decisions that benefit the broader organisation. Looking out: Delivering for the customer I execute brilliantly on clear priorities that add value to our customers and the wider business. Commercially savvy I demonstrate strong commercial focus, bringing an external perspective to decision-making. Looking to the future: Growth mindset I experiment and identify opportunities for growth for both myself and the organisation. Building for the future I build diverse future-ready teams where all individuals can be at their best. About us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. A FEW POINTS TO NOTE: Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us. DON'T MEET EVERY SINGLE REQUIREMENT? Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.

Job Title:- Penetration Tester We are looking for Penetration Tester to join our security team & who will be responsible for Web & Mobile VAPT. Job Description : Qualysec Technologies is seeking a skilled and highly motivated Penetration Tester to join our fabulous security team in Bhubaneswar. The Penetration Tester will be mainly responsible for performing security testing of Web & Mobile applications including identifying, evaluating, and exploiting vulnerabilities in various systems, networks, and applications. Qualification :- Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience :- 0 to 1 years Location :- Bhubaneswar Job Type :- Full Time Responsibilities Perform vulnerability assessments & penetration testing (VAPT) on Web, APIs and mobile applications Identify and exploit vulnerabilities in products under test prepare reports by documenting identified issues based on internal templates Collaborating with other team members to improve the overall security posture of our clients. Enhance technical skills & knowledge by Staying up-to-date with emerging threats and vulnerabilities Skills Required Knowledge in penetration testing, vulnerability assessment, and ethical hacking. Knowledge in Pentesting of various applications i.e Web, Mobile (Android & iOS), APIs, Cloud (AWS / Azur )etc. Strong knowledge of security assessment tools such as Metasploit, BurpSuite, ZAP, OWASP tools, Kali Linux tools and Fuzzing tools Hands-on experience with manual and automated penetration testing methodologies. Experience in working with Standards such as NIST, OWASP, MITRE CWE etc. Strong understanding of network protocols, operating systems, and web application technologies. Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. About Us Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Schedule: Day shift Job Types: Full-time, Permanent Work Location: In person

Security Analyst/ Pen Tester Join us as a Security Analyst at Dedalus , one of the World’s leading healthcare technology companies, at our team in Chennai, India to do the best work of your career and make a profound impact in providing better care for a healthier planet. What you’ll achieve As a Security Analyst , you will be part of our highly successful team, utilising your skills for Security Vulnerability Analysis/ Penetration Testing where you will test, assess, exploit & report the security vulnerabilities in the software application, infrastructure and provide recommendations for the suitable solution/ remedy. Working with an extended highly skilled team, you will be making a profound impact throughout the healthcare sector. You will: Security Vulnerability Analysis/ Threat Modelling & Risk Assessment Executing static code review using automated SAST tools & False Positive Analysis Performing dynamic testing (DAST) using automated tools like Burp-suite, Invicti/ Nessus Manual Penetration Testing and Ethical Hacking technics to exploit vulnerabilities Prepare assessment & validation report on the vulnerabilities & risks with impact, artifacts, recommended solution/ mitigation and POCs Explain threats & present assessment reports to Developer/ Architect community Take the next step towards your dream career. At Dedalus Life flows through our software. Every day we do something special by helping caregivers and health professionals deliver better care to their served communities. Take the next step in your career that will make a profound impact. Here’s what you’ll need to succeed: Essential Requirements: Minimum four-year experience in security vulnerability analysis and Pen testing (VAPT) on cloud services, web products/ enterprise applications. Ability to execute Appsec tools; Mandatory to know industry standard tools like – Burp-suite, Invicti & Fortify (or any SAST tool), Cloud-Native tools and open-source tools like - Kali, Nmap, Wireshark, Metasploit, ZAP, Echo Mirage. Technical Knowledge on SDLC and implementation essentials of various application types - Desktop, Web, API, Mobile (Hybrid/ Native) & Cloud (AWS, Azure, or GCP). Ability to understand & review Java or .NET (must have), Angular (nice to have) code with respect to security vulnerability. Clear understanding on OWASP, GDPR/ ISO Security standards. Exposure to DevAppSec automation & scripting is preferred. Valid Certification in VAPT/ Ethical Hacking in Mobile /Web /Cloud security is must. Knowledge of AI tools & securing Docker containers like Kubernetes are advantages. Understanding of real world threats & data protection acts are preferred We are Dedalus, come join us Dedalus is committed to providing an engaging, rewarding work experience that reflects the passion our employees bring to our mission of helping clinicians and nurses deliver better care to their served communities. Our company fosters a culture where employees are encouraged to learn and innovate, and to enable and enhance clinical co-operation and processes while making a meaningful difference for millions of people around the world. Each person is the end point and the starting point of the Group’s activities and the ultimate beneficiary. For this reason, we are so proud of doing our very special jobs each day. Our company is enriched by a diverse population of 7,600 people in more than 40 countries that work together to innovate and drive better healthcare options for millions of patients around the world. We are the people of Dedalus. Application Closing date: 18th August 2025 Our Diversity & Inclusion Commitment sets out Dedalus’ approach to ensuring respect, inclusion and success for all our colleagues and the wider communities we operate in. It is imperative for us to share our commitment and dedication to ensure an inclusive and diverse workplace. We recognise that we have improvements to make and on this journey, we must remain authentic and realistic but also ambitious. Our diversity & inclusion commitment – Dedalus Global Life Flows Through Our Software

Job Description We are looking for an experienced VAPT professionals to join our cybersecurity team. The ideal candidate will have a strong background in identifying, assessing, and mitigating security vulnerabilities in network and application environments through comprehensive penetration testing and vulnerability assessments. About Us ProTechmanize Solutions is an Information Technology product and services company, established by professionals with a cumulative experience of over 20 years in the field of Cyber Security, Information Technology, IT Security & Software Development. ProTechmanize team believes in providing a right set of solutions and services to their customer by tailored programs. Key Responsibilities Conduct regular vulnerability assessments of network infrastructure, applications, and systems to identify security weaknesses. Perform detailed penetration tests to simulate cyberattacks and exploit vulnerabilities, providing a clear understanding of potential risks. Prepare detailed reports of findings, including risk levels and recommended remediation actions, and present these to stakeholders. Work with IT and development teams to address and remediate identified vulnerabilities, ensuring effective implementation of security controls. Utilize and maintain various security tools and platforms (e.g., Nessus, Metasploit, Burp Suite) to conduct assessments and tests. Provide expert advice on improving security posture and implementing best practices for vulnerability management. Stay updated with the latest security trends, threats, and technologies to continuously enhance testing methodologies and tools. Ability to lead the team and provide Expert advice on client calls. Technical Skills And Requirements Bachelor's degree in Computer Science, Information Security, or a related field. 1.5+ to 4 years of hands-on experience in vulnerability assessment and penetration testing. Proficiency in various domains such as Application security OWASP, API security testing, Network security & Mobile app security. Exposure to Secure Code Review using Checkmarx or HP Fortify is preferred. Strong understanding of common attack vectors, vulnerability exploitation techniques, and security testing methodologies (OWASP,). Soft Skills Excellent analytical and problem-solving skills with a meticulous attention to detail. Strong verbal and written communication skills, with the ability to convey complex security issues to non-technical stakeholders. Ability to work collaboratively with cross-functional teams in a fast-paced environment Note : Only candidates with the required experience should apply. This position requires hands-on experience in VAPT. (ref:hirist.tech)

Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network & blockchain. Experience in both commercial and open source tools likeBurp Professional, Nmap, Kali, Metasploit, etc. Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Experience in preparing a security threat model and associated test plans. Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results. In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred. Knowledge of current information security threats Primary Skills Web App, Mobile, Web Services/APIs, Network & blockchain. Burp Professional, Nmap, Kali, Metasploit, etc. Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Security threat model and associated test plans. Java, Scala, C#, Ruby, Perl, Python, PowerShell.

Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider we will help lead a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll Be Doing – Your Accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills – Web application pentest (OWASP,NIST framework), Network pentest (Linux,windows),API & Mobile pentest. Networking Skills – TCP/IP packet level understanding,Routing,Switching,firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework(CVE/CVSS) and Security assessment tools (such as Nmap,Metasploit, Burp Suite, SQLmap, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pentesting. Mandatory Bachelor's Degree or higher preferred. CEH,OSCP,CREST,LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable Of Working Successfully With End Customers PREFERRED. Our leadership standards Looking in: Leading inclusively and Safely I inspire and build trust through self-awareness, honesty and integrity. Owning outcomes I take the right decisions that benefit the broader organisation. Looking out: Delivering for the customer I execute brilliantly on clear priorities that add value to our customers and the wider business. Commercially savvy I demonstrate strong commercial focus, bringing an external perspective to decision-making. Looking to the future: Growth mindset I experiment and identify opportunities for growth for both myself and the organisation. Building for the future I build diverse future-ready teams where all individuals can be at their best. About Us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. A FEW POINTS TO NOTE: Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us. DON'T MEET EVERY SINGLE REQUIREMENT? Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Description And Requirements CareerArc Code CA-DN Hybrid "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.

Information Protection Lead Analyst - HIH - Evernorth Job Description: Position Summary: The Information Protection Lead Analyst - Penetration Testing is responsible for conducting vulnerability assessments, threat modeling, penetration tests, and red team campaigns of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems using both manual and automated methods. As a member of the Cyber Security Incident Response Team, this role will provide second and third level incident response services to the global Cigna enterprise to address Cyber Security threats to the enterprise. Daily activities will include analysis of logs, memory and disc artifacts and the use of a variety of commercial and open source security tools to respond to and triage threats in global enterprise. This role will focus on Threat Hunting and Incident Response capabilities within Cloud Service Provider environments. About Cigna: Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well –being, we care about your career health too. That’s why when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton and share in changing the way people think about healthcare. Responsibilities : Lead and execute internal and external penetration tests against corporate web applications, APIs, networks, Windows and Unix variants to discover vulnerabilities Lead and execute mobile application penetration tests for both Android and iOS based devices Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation Develop scripts, tools or methodologies to enhance Cigna’s penetration testing processes Experience in application vulnerability assessment tools (Burp OR ZAP.) Experience with network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments Knowledge of Windows and *nix-based operating systems Knowledge of networking fundamentals and common attacks Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell) Understanding of Android/iOS based platforms (e.g. Java, Swift, Objective C) Exploit development and validation skills Ability to analyze vulnerabilities, appropriately characterize threats, and provide remediation recommendations Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities Qualifications: High School diploma; Bachelor's degree preferred 5-8 years or more of penetration testing experience One or more professional certifications such as PNPT, CBBH, CPTS, OSCP GPEN, GWAPT, GMOB Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to “think outside the box” Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Senior Analyst - HIH - Evernorth Job Description Summary The Information Protection Senior Analyst - Penetration Testing , is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (Burp or ZAP Proxy). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Understanding of Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 3-5 years or more of penetration testing experience. Pentest+, CEH, PJPT - Certified in or similar experience ( any of these) Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Analyst - HIH - Evernorth Job Description Summary The Information Protection Analyst - Penetration Testing , is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 1-3 years of penetration testing experience. Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Job Title: Consultant – VAPT Location: Navi Mumbai Experience Required: 2+ years Industry: Consulting Domain: Banking and Financial Services Work Mode: Work from Office (WFO) Joining: Immediate joiners preferred Key Responsibilities: Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, network, and cloud infrastructure. Perform security assessments as per OWASP Top 10, SANS 25, and relevant standards. Identify, exploit, and document vulnerabilities with detailed remediation recommendations. Prepare technical and executive-level reports and present findings to internal teams and clients. Coordinate with client IT/security teams for fixes and re-validation. Maintain documentation and ensure adherence to security governance frameworks. Support audit and compliance requirements (e.g., RBI, ISO 27001, etc.). Work with Banking and Financial Services clients in a consulting environment. Desired Skills & Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. Relevant certifications preferred: CEH, OSCP (or working toward it) . Strong knowledge of security tools (Burp Suite, Nessus, Nmap, Metasploit, etc.). Understanding of BFS sector security needs and regulatory landscape. Good communication skills and client handling experience. Exposure to security governance and policy frameworks is a plus.

Job Purpose Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities Essential Functions: Responsibilities This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education And Experience Bachelor’s degree or equivalent experience. Related certifications Expected Competencies Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Product-Security Technology Centre is responsible for ensuring that IBM products are secure by conducting timely Security reviews, penetration testing and following SPbD practices. As a penetration tester you will perform security testing of IBM product and SAAS offerings in development and production environment. You will also closely work with IBM product development teams to strengthen the security posture of their products by participating in threat model, source code security testing and share best practices / lessons learnt for secure coding/design. Key responsibilities Plan the penetration test Select, design and create appropriate tools for testing Perform the penetration test on computer systems, networks, web-based and mobile applications Document your methodologies, findings Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from interaction with product teams , previous results , threat model and source code scanning inputs. Review your findings and feedback to development teams Analyse the outcomes and make recommendations for security improvements Carry out application, network, systems and infrastructure penetration tests Review physical security and perform social engineering tests where appropriate Evaluate and select from a range of penetration testing tools Keep up to date with latest testing and ethical hacking methods Deploy the testing methodology and collect data Report on findings to a range of stakeholders Make suggestions for security improvements Enhance existing methodology material Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Experience – More than 5years in Cybersecurity Web Application Testing Basic understanding of HTTP Protocol HTTP Methods, Request/Response Headers, Cookies, TCP/IP connections over HTTP etc. Basic understanding of HTML/JavaScript Good Understanding of security vulnerabilities, OWASP Top 10 vulnerabilities Automated Testing Must have knowledge of at least one of IBM AppScan OR BurpSuite scanner. (Good to have knowledge of both the tools.) Should be able to configure automated scanner (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scan. Assessment of scanner results and intelligently identifying false positives from the scan results. Knowledge of Burp features mainly, Spider, Intruder, Scanner, Repeater and Extender. Manual Testing. Should be able to understand the above mentioned OWASP Top 10 categories to perform manual testing. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities. Preferred Professional and Technical Expertise : Webservice Testing SOAP/REST APIs testing. Configuring cURL commands and POSTMAN tool to capture the request in automated scanner. Network Testing Basic understanding of networking protocols such as TCP, UDP, DNS, DHCP etc. Basic understanding of network devices like router, switches, firewall/IDS/IPS etc.. Network scanning tools such as Nessus, Nmap, Metasploit etc. Exploitation and Post Exploitation of network vulnerabilities. Threat Model and Source code security scanning Perform/Participate in threat model creation/design or review Perform source code security scanning using (SAST) tools like Sonarqube, AppScan, Mend and other popular open-source tools. Preferred technical and professional experience Security Certifications Any of the security certifications such as CEH, ECSA, EWPT, EWPTX, OSCP, GPEN, GWAPT etc

Job Title: Cyber Security Analyst Location: Indore, Madhya Pradesh, India Company: Cyber Mindsets Experience: 1 to 3 Years Employment Type: Full-time Company Website: www.cybermindsets.com Job Description: Cyber Mindsets is seeking a skilled and motivated Cyber Security Analyst to join our Security Operations Centre (SOC) in Indore. The ideal candidate will have 1 to 3 years of hands-on experience in security monitoring, incident response, and threat hunting. You must have strong working knowledge of offensive security tools such as Burp Suite and others. Additionally, experience in training and development—especially conducting classroom sessions on cybersecurity concepts—is a key requirement for this role . Key Responsibilities: Monitor, analyse, and respond to security events and alerts from SIEM and other security tools Investigate security incidents, conduct root cause analysis, and provide timely resolution Perform vulnerability assessments and penetration tests using tools such as Burp Suite , Nmap, Metasploit, etc. Identify security gaps and recommend improvements in systems and networks Create detailed reports and maintain security documentation and playbooks Stay current with evolving cybersecurity threats, trends, and best practices Conduct classroom-based training sessions on cybersecurity topics for junior team members and other stakeholders Mentor junior analysts and contribute to their skill development through structured learning programs Requirements: 1–3 years of experience working in a Security Operations Center (SOC) Hands-on expertise with offensive security tools (e.g., Burp Suite, OWASP ZAP, Kali Linux) Good understanding of network protocols, operating systems, and common attack vectors Experience delivering technical classroom training on cybersecurity concepts Familiarity with SIEMs, IDS/IPS, EDR, firewalls, and endpoint protection solutions Strong analytical, troubleshooting, and documentation skills Excellent communication and interpersonal abilities Relevant certifications such as CEH, OSCP, or Security+ are preferred Why Join Cyber Mindsets? Be part of a dynamic cybersecurity firm with a strong focus on real-world threat detection and red-team operations Work in a collaborative and knowledge-sharing environment Take the lead in shaping future talent through training and mentoring opportunities Continuous learning and professional development encouraged and supported Learn more about us at: www.cybermindsets.com Job Type: Full-time Pay: ₹240,000.00 - ₹360,000.00 per year Benefits: Cell phone reimbursement Internet reimbursement Paid sick time Supplemental Pay: Performance bonus Shift allowance Application Question(s): Are you available immediately? Do you have experience in training and mentorship ? Are you available in Indore Madhya Pradesh or willing to relocate? Experience: Information security: 1 year (Preferred) Work Location: In person

Key Responsibilities: · Conduct advanced network vulnerability assessments and penetration tests for client infrastructures. · Utilize Nessus for comprehensive vulnerability scanning and management. · Perform advanced penetration testing using industry-standard tools. · Conduct detailed configuration reviews of network devices, servers, and other infrastructure components. · Develop and implement remediation strategies to address identified vulnerabilities. · Collaborate with client IT teams to enhance their security posture. · Provide detailed security reports and actionable recommendations to clients. · Stay current with emerging security threats and technologies. Qualifications: · Bachelor's degree in Information Security, Computer Science, or related field. · 3+ years of experience in infrastructure security. · Proficiency in using Nessus and other vulnerability scanning tools. · Strong understanding of network security principles and advanced penetration testing techniques. · Experience with security tools such as Metasploit, Nmap, Kali Linux · Excellent analytical and problem-solving skills. · Relevant certifications such as OSCP, CEH or equivalent are a plus. Skills: · Network Vulnerability Assessment and Penetration Testing (VAPT) · Nessus · Advanced Penetration Testing · Configuration Review · Metasploit, Nmap, Wireshark, Kali Linux · Vulnerability Management Stay updated on our latest job openings and industry insights by following us on LinkedIn: eSec Forte® Technologies

Penetration testing JD Job Description (Senior Cyber Security Analyst – Network Penetration Testing) Responsibilities: Perform comprehensive security assessments on network infrastructure, including routers, switches, firewalls, and VPNs, to identify weaknesses and potential entry points for attackers. In-depth understanding of the assumed breach methodology in the active directory environment. Identify, exploit, and document security vulnerabilities to demonstrate potential impact and provide remediation recommendations. Evaluate wireless networks for vulnerabilities such as WPA/WPA2 cracking, rogue access points, and misconfigured wireless security settings. Conduct web application penetration testing, including SQL injection, cross-site scripting (XSS), and authentication bypass techniques, to uncover vulnerabilities in web-based systems. Knowledge of regulatory requirements, compliance frameworks, and industry standards related to cybersecurity (e.g., PCI DSS, NIST, ISO 27001) is beneficial. Proficiency in multiple operating systems (Windows, Linux, macOS), networking protocols, and security tools such as Nessus, Metasploit, Cobalt Strike, Empire, BloodHound, and Burp Suite. Profile Required: 3+ years of experience. Good to have certifications: OSCP CRTO PNPT ECPTX #ActiveDirectory #RedTeam #WifiPentest #WindowsPrivilegeEscalation #LinuxPrivilegeEscalation #WebApplicationSecurity Specific Context Within Societe Generale Global Solution Center (SGGSC), you will join Global Cybersec Capability Centre (G3C) team based out of Bengaluru, working in Pentest team to contribute in the Global pentest practice. Environment At Société Générale, we are convinced that people are drivers of change, and that the world of tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious. Whether you’re joining us for a period of months, years or your entire career, together we can have a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA. If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a daily basis and develop or strengthen your expertise, you will feel right at home with us! Still hesitating? You should know that our employees can dedicate several days per year to solidarity actions during their working hours, including sponsoring people struggling with their orientation or professional integration, participating in the financial education of young apprentices and sharing their skills with charities. There are many ways to get involved.

Job Title: Cyber Security Analyst Location: Indore, Madhya Pradesh, India Company: Cyber Mindsets Experience: 1 to 3 Years Employment Type: Full-time Company Website: www.cybermindsets.com Job Description: Cyber Mindsets is seeking a skilled and motivated Cyber Security Analyst to join our Security Operations Centre (SOC) in Indore. The ideal candidate will have 1 to 3 years of hands-on experience in security monitoring, incident response, and threat hunting. You must have strong working knowledge of offensive security tools such as Burp Suite and others. Additionally, experience in training and development—especially conducting classroom sessions on cybersecurity concepts—is a key requirement for this role . Key Responsibilities: Monitor, analyse, and respond to security events and alerts from SIEM and other security tools Investigate security incidents, conduct root cause analysis, and provide timely resolution Perform vulnerability assessments and penetration tests using tools such as Burp Suite , Nmap, Metasploit, etc. Identify security gaps and recommend improvements in systems and networks Create detailed reports and maintain security documentation and playbooks Stay current with evolving cybersecurity threats, trends, and best practices Conduct classroom-based training sessions on cybersecurity topics for junior team members and other stakeholders Mentor junior analysts and contribute to their skill development through structured learning programs Requirements: 1–3 years of experience working in a Security Operations Center (SOC) Hands-on expertise with offensive security tools (e.g., Burp Suite, OWASP ZAP, Kali Linux) Good understanding of network protocols, operating systems, and common attack vectors Experience delivering technical classroom training on cybersecurity concepts Familiarity with SIEMs, IDS/IPS, EDR, firewalls, and endpoint protection solutions Strong analytical, troubleshooting, and documentation skills Excellent communication and interpersonal abilities Relevant certifications such as CEH, OSCP, or Security+ are preferred Why Join Cyber Mindsets? Be part of a dynamic cybersecurity firm with a strong focus on real-world threat detection and red-team operations Work in a collaborative and knowledge-sharing environment Take the lead in shaping future talent through training and mentoring opportunities Continuous learning and professional development encouraged and supported Learn more about us at: www.cybermindsets.com Job Type: Full-time Pay: ₹240,000.00 - ₹360,000.00 per year Benefits: Cell phone reimbursement Internet reimbursement Paid sick time Supplemental Pay: Performance bonus Shift allowance Application Question(s): Are you available immediately? Do you have experience in training and mentorship ? Are you available in Indore Madhya Pradesh or willing to relocate? Experience: Information security: 1 year (Preferred) Work Location: In person

Senior Security Consultant (VAPT Specialist) Company Overview We are seeking a highly skilled and experienced Senior VAPT Specialist to join our cybersecurity team. This role is ideal for a security professional who excels in a client-facing environment and possesses in-depth expertise in both offensive and defensive security practices. Position Summary As a Senior VAPT Specialist, you will be responsible for conducting comprehensive security assessments, managing client relationships, and delivering high-quality penetration testing services. You will work with diverse clients to identify vulnerabilities, assess security postures, and provide actionable recommendations to enhance their cybersecurity defenses but not limited to. Key ResponsibilitiesClient Management & Communication Serve as the primary technical point of contact for assigned clients during security assessments Conduct client briefings, status updates, and final presentation meetings Translate complex technical findings into business-relevant insights for stakeholders Maintain professional relationships and ensure client satisfaction throughout project lifecycles Prepare and deliver comprehensive reports with clear remediation guidance Security Testing & Assessment Perform comprehensive vulnerability assessments and penetration testing across multiple domains: Web Application Security Testing : Identify and exploit vulnerabilities in web applications, including but not limited to OWASP Top 10 vulnerabilities Mobile Application Security Testing : Assess the security of iOS and Android applications, including static and dynamic analysis API Security Testing : Evaluate REST, SOAP, and GraphQL APIs for security weaknesses Network Penetration Testing : Conduct internal and external network assessments, including wireless security testing Source Code Review : Perform manual and automated static code analysis to identify security flaws Cloud Security Configuration Review : Assess cloud infrastructure configurations across AWS, Azure, and GCP platforms Threat Modeling & Risk Assessment Develop comprehensive threat models for client applications and infrastructure Conduct risk assessments and prioritize security findings based on business impact Design attack scenarios and security test cases based on threat intelligence Collaborate with development teams to integrate security into SDLC processes Red Team Operations Plan and execute red team exercises to simulate real-world attack scenarios Develop custom tools and exploits for specific client environments Conduct social engineering assessments and physical security testing when required Provide post-exercise debriefings and improvement recommendations Documentation & Reporting Create detailed technical reports documenting vulnerabilities, exploitation methods, and remediation steps Develop executive summaries tailored for C-level audiences Maintain accurate project documentation and testing methodologies Contribute to internal knowledge base and best practices documentation Required QualificationsExperience & Background 3-5 years of hands-on experience in vulnerability assessment and penetration testing Proven track record of successful client engagements and project delivery Experience with enterprise-level security assessments across various industries Demonstrated ability to work independently and manage multiple projects simultaneously Technical Expertise Deep understanding of security frameworks and standards : Penetration Testing Execution Standard (PTES) OWASP Top 10 and OWASP Testing Guide SANS Top 25 Most Dangerous Software Errors NIST Cybersecurity Framework CIS Critical Security Controls MITRE ATT&CK Framework Development & Programming Experience Software Development Background : Hands-on experience in application development and an understanding of secure coding practices are highly recommended. Programming and Scripting Languages : Strong proficiency in Python and Bash as minimum requirements, with additional experience in PowerShell, and at least one compiled language (C/C++, Go, Java, or C#) Custom Tool Development : Ability to develop custom security tools, exploits, and automation scripts Security Tools Expertise : Expert-level proficiency with: Burp Suite Professional, OWASP ZAP Nmap, Nessus, OpenVAS Metasploit, Cobalt Strike Wireshark, tcpdump Static analysis tools (SonarQube, Checkmarx, Veracode) Custom exploit development tools Social Engineering & Phishing Expertise Social Engineering Assessments : Design and execute social engineering campaigns to test human-factor security Phishing Simulations : Develop and conduct sophisticated phishing campaigns, including email, SMS, and voice-based attacks Physical Security Testing : Conduct on-site assessments including tailgating, badge cloning, and facility penetration Awareness Training : Provide security awareness training based on assessment findings OSINT (Open Source Intelligence) : Gather and analyze publicly available information for reconnaissance and social engineering preparation Communication & Language Skills Excellent English communication skills (both written and spoken) Ability to communicate complex technical concepts to non-technical stakeholders Strong presentation and public speaking abilities Professional writing skills for technical documentation and reports Professional Attributes Strong analytical and problem-solving abilities Attention to detail and a methodical approach to testing Ability to think like an attacker and anticipate security threats Commitment to ethical hacking principles and professional conduct Continuous learning mindset to stay current with emerging threats and technologies Research-Oriented Mindset : Conduct deep research activities to understand emerging vulnerabilities, attack vectors, and security trends Innovation and Tool Development : Proactive approach to developing custom security tools, scripts, and methodologies to enhance testing capabilities Creative thinking for developing novel attack scenarios and bypassing security controls Preferred QualificationsCertifications (Added Advantage) OSCP - Highly Preferred GPEN CRTO CRT Additional Experience (Added Advantage) Experience with DevSecOps practices and CI/CD pipeline security Background in software development or system administration Knowledge of compliance frameworks (PCI DSS, HIPAA, GDPR, SOC2, ISO 27001) Experience with threat intelligence platforms and indicators of compromise Familiarity with containerization security (Docker, Kubernetes) Previous consulting or client-facing experience What We OfferProfessional Development Continuous learning opportunities and professional development Support for professional certifications and training Mentorship opportunities and knowledge-sharing sessions Work Environment Collaborative and innovative team environment Flexible work arrangements and remote work options Opportunity to work with diverse clients across various industries Exposure to the latest cybersecurity trends and emerging technologies Compensation & Benefits Competitive salary commensurate with experience Performance-based bonuses and incentives Professional development and certification reimbursement Application Process Qualified candidates should submit: Current resume highlighting relevant experience and certifications Cover letter demonstrating communication skills and explaining interest in the role Professional references from previous clients or employers We are an equal-opportunity employer committed to diversity and inclusion in our workforce. Job Type: Full-time Benefits: Flexible schedule Health insurance Paid time off Provident Fund Schedule: Monday to Friday Work Location: In person

Job Description Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network & blockchain. Experience in both commercial and open source tools like: Burp Professional, Nmap, Kali, Metasploit, etc. Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Experience in preparing a security threat model and associated test plans. Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results. In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred. Knowledge of current information security threats Primary Skills Web App, Mobile, Web Services/APIs, Network & blockchain. Burp Professional, Nmap, Kali, Metasploit, etc. Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Security threat model and associated test plans. Java, Scala, C#, Ruby, Perl, Python, PowerShell.

You will be responsible for providing onsite and offsite training programs to clients in the role of Cyber Security Trainer and consultant. Your duties will include pre-requisites in Metasploit, OWASP top ten attacks, Burpsuite, Kali Linux, Acunetix, Nessus, Nmap tools, among others. You will be involved in Vulnerability Assessment, Network Penetration Testing, Internal & External as well as Web App scanning, and Penetration testing using both manual techniques and Automated tools. A good understanding of Threat Intelligence and familiarity with domain tools is essential. Effective communication skills in English will be required for this role. This is a Full-time position suitable for both Freshers and experienced candidates. The work schedule is in the Morning shift. The location is near VR mall, Mohali - 160055, Punjab. Candidates must be able to reliably commute or plan to relocate before starting work. Preferred candidates will have a total work experience of 1 year.,