
28 Mimikatz Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

4.0 - 9.0 years

0 Lacs

bengaluru, karnataka, india

On-site

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. Those in security architecture at PwC will focus on designing and implementing robust security frameworks to protect organisations from cyber threats. You will develop strategies and solutions to safeguard sensitive data and enable the integrity of systems and networks. Enhancing your leadership style, you motivate, develop and inspire others to deliver quality. You are responsible for coaching, leveraging team member’s unique strengths, and managing performance to deliver on client expectations. With your growing knowledge of how business works, you play an important role in identifying opportunities that contribute to the success of our Firm. You are expected to lead with integrity and authenticity, articulating our purpose and values in a meaningful way. You embrace technology and innovation to enhance your delivery and encourage others to do the same. Skills Examples of the skills, knowledge, and experiences you need to lead and deliver value at this level include but are not limited to: Analyse and identify the linkages and interactions between the component parts of an entire system. Take ownership of projects, ensuring their successful planning, budgeting, execution, and completion. Partner with team leadership to ensure collective ownership of quality, timelines, and deliverables. Develop skills outside your comfort zone, and encourage others to do the same. Effectively mentor others. Use the review of work as an opportunity to deepen the expertise of team members. Address conflicts or issues, engaging in difficult conversations with clients, team members and other stakeholders, escalating where appropriate. Uphold and reinforce professional and technical standards (e.g. 
refer to specific PwC tax and audit guidance), the Firm's code of conduct, and independence requirements. Basic Qualifications Job Requirements and Preferences : Minimum Degree Required Bachelor Degree Minimum Years Of Experience 4-9 year(s) Preferred Qualifications Preferred Fields of Study : Computer and Information Science, Information CyberSecurity, Information Technology, Management Information Systems, Computer Applications, Computer Engineering Certification(s) Preferred Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT) Preferred Knowledge/Skills Demonstrates extensive abilities and/or a proven record of success in the following areas: Technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management; Security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect, or other tools included within the Kali Linux distribution; Networking protocols, TCP/IP stack, systems architecture, and operating systems; Common programming and scripting languages, such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript; Well-known Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and, Traditional security operations, event monitoring, and Security Information and Event Management (SIEM) tools. 
Demonstrates extensive abilities and/or a proven record of success in the following areas: Performing penetration testing activities within a client’s environment, emphasizing manual stealthy testing techniques; Presenting technical topics at conferences highlighting aspects of adversary attack simulations, technical attack techniques, risk management, custom malware design, or zero day attacks; Leading and executing stealthy penetration testing, advanced red team, or adversary simulation engagements using commercially / freely available offensive security tools and utilities built into operating systems; Understanding Windows and Linux operating system setup, management, and power usage, e.g., cmd, bash, network troubleshooting, virtual machines; Identifying security critical vulnerabilities without utilizing a vulnerability scanning tool, i.e., knowledge of exploitable vulnerabilities and ability to execute stealthy penetration testing engagements; Compromising Active Directory environments and demonstrating business impact by identifying and obtaining access to business critical assets/information; Performing social engineering / phishing activities such as reconnaissance of targets, developing phishing campaigns (e.g., emails and websites), web hosting administrator, developing malicious phishing payloads, or pivoting through phished systems; Performing and supervising various workstreams of client engagements that emphasize identifying and addressing client needs; Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses; Managing engagements with junior staff; Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Docs to complete related project deliverables, as necessary; Balancing project economics management with the occurrence of unanticipated issues. 
Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members; Proactively seeking guidance, clarification, and feedback; and, Keeping leadership informed of progress and issues. Year Of Experience 9-12 years

Posted 3 days ago


3.0 - 5.0 years

0 Lacs

noida, uttar pradesh, india

On-site

Job Title: Lead Assistant Manager - Offensive Security (IC Role) We are looking for a skilled offensive security professional to take a leading role in executing and enhancing our offensive security operations. This is an individual contributor (IC) position, with Lead reflecting the expectation to drive engagements technically and operationally - not people management. The ideal candidate will have 3-5 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a solid understanding of attacker tradecraft and the ability to execute advanced offensive assessments. You will be responsible for planning, executing, and reporting on offensive engagements that accurately reflect real-world threats, working closely with internal teams to strengthen detection and response capabilities. Key Responsibilities: Lead offensive security engagements end-to-end - from scoping and planning to execution and reporting. Conduct red team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using realistic tactics, techniques, and procedures (TTPs) such as privilege escalation, lateral movement, and domain dominance. Participate in Purple Team exercises to enhance defensive detection and response. Maintain and improve offensive methodologies, tools, and playbooks. Deliver high-quality technical reports and concise executive summaries, clearly outlining attack paths, risks, and recommendations. Keep up to date with evolving attack techniques and integrate them into testing activities. Experience: 3-5 years of experience in red teaming, penetration testing, or other offensive security roles. Proven ability to execute and coordinate complex offensive security operations. Hands-on experience with enterprise environments, including Active Directory and cloud platforms. 
Technical Skills: Strong understanding of Windows and Linux internals, enterprise AD security, and common cloud attack surfaces. Proficiency in offensive techniques: lateral movement, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and post-exploitation tradecraft. Familiarity with tools such as BloodHound, Mimikatz, Rubeus, Responder, SharpHound, and Burp Suite. Working knowledge of the MITRE ATT&CK framework. Scripting skills in PowerShell, Python, or Bash for automation and PoC development. Communication & Reporting: Strong technical documentation skills, translating offensive findings into clear, actionable reports. Ability to explain technical vulnerabilities and attack paths to both technical teams and leadership. Preferred Qualifications: Experience with Purple Team exercises. Familiarity with threat intelligence-led testing methodologies. Exposure to AppSec testing. Relevant certifications (e.g., OSCP, CRTO, CRTP, OSEP) are a plus.

Posted 1 week ago


5.0 years

0 Lacs

noida, uttar pradesh, india

On-site

Job Title: Lead Assistant Manager – Offensive Security (IC Role) We are looking for a skilled offensive security professional to take a leading role in executing and enhancing our offensive security operations. This is an individual contributor (IC) position, with “Lead” reflecting the expectation to drive engagements technically and operationally — not people management. The ideal candidate will have 3–5 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a solid understanding of attacker tradecraft and the ability to execute advanced offensive assessments. You will be responsible for planning, executing, and reporting on offensive engagements that accurately reflect real-world threats, working closely with internal teams to strengthen detection and response capabilities. Key Responsibilities Lead offensive security engagements end-to-end — from scoping and planning to execution and reporting. Conduct red team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using realistic tactics, techniques, and procedures (TTPs) such as privilege escalation, lateral movement, and domain dominance. Participate in Purple Team exercises to enhance defensive detection and response. Maintain and improve offensive methodologies, tools, and playbooks. Deliver high-quality technical reports and concise executive summaries, clearly outlining attack paths, risks, and recommendations. Keep up to date with evolving attack techniques and integrate them into testing activities. Experience 3–5 years of experience in red teaming, penetration testing, or other offensive security roles. Proven ability to execute and coordinate complex offensive security operations. Hands-on experience with enterprise environments, including Active Directory and cloud platforms. 
Technical Skills Strong understanding of Windows and Linux internals, enterprise AD security, and common cloud attack surfaces. Proficiency in offensive techniques: lateral movement, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and post-exploitation tradecraft. Familiarity with tools such as BloodHound, Mimikatz, Rubeus, Responder, SharpHound, and Burp Suite. Working knowledge of the MITRE ATT&CK framework. Scripting skills in PowerShell, Python, or Bash for automation and PoC development. Communication & Reporting Strong technical documentation skills, translating offensive findings into clear, actionable reports. Ability to explain technical vulnerabilities and attack paths to both technical teams and leadership. Preferred Qualifications Experience with Purple Team exercises. Familiarity with threat intelligence–led testing methodologies. Exposure to AppSec testing. Relevant certifications (e.g., OSCP, CRTO, CRTP, OSEP) are a plus.

Posted 1 week ago


4.0 - 8.0 years

0 Lacs

andhra pradesh, india

On-site

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients' most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resiliency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. The Cyber Penetration Testing (CPT2) team focuses on delivering threat actor simulation services, device or application assessments, and penetration tests. You will help clients understand the tangible risks they face from a variety of threat actors and what they target to include different postures, scenarios, or targeted assets. Working as a member of CPT2 also provides the opportunity to directly help clients enhance or tune their preventative and detective controls on a proactive basis. Our team focuses on assessment and recommendation services that blend deep technical manual tradecraft with targeted automation to simulate real threats to a client’s environments. As a part of this center of excellence, you will drive change at PwC’s clients by providing risk outside of the theoretical while contributing to the technical acumen of the practice and amplifying your own personal capabilities. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. 
Responsibilities As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities and coach to help deliver results. Develop new ideas and propose innovative solutions to problems. Use a broad range of tools and techniques to extract insights from current trends in business area. Review your work and that of others for quality, accuracy and relevance. Share relevant thought leadership. Use straightforward communication, in a structured way, when influencing others. Able to read situations and modify behavior to build quality, diverse relationships. Uphold the firm's code of ethics and business conduct. Job Description – Senior Associate, Cybersecurity (Penetration Testing) Role: Penetration Testing – Senior Associate Years of Experience: 4 to 8 years Minimum Degree Required: Bachelor’s or master’s degree in Computer Science/Communications or related field from reputed Indian universities Certification(s) Preferred: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), Certified as GIAC Web Application Penetration Tester (GWAPT). 
Required Experience 4-8 years of industry experience in Web and Mobile Application security assessment Familiarity with application security guidelines/requirements from OWASP, OSSTMM, NIST CSF Experience in security assessment activities within a client’s environment, emphasizing manual stealthy testing techniques using commercially / freely available offensive security tools and utilities built into operating systems Hands on experience on security testing tools, such as Burp Suite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, Web Inspect or other tools included within the Kali Linux distribution Should have common programming and scripting skills such as Python, PowerShell, Ruby, Perl, Bash, JavaScript, or VBScript Must have in-depth knowledge of modern web and mobile applications Good knowledge of security fundamentals, Networking protocols, TCP/IP stack, systems architecture, and operating systems Good understanding of cloud technologies and its security best practices Additional Qualifications Good to have experience in presenting at national and international security conferences/events Required Communication, Presentations And General Skills Excellent communication skills and executive presence that enable effective engagement with senior stakeholders Excellent written skills, ability to interpret a security scenario & document a summary Participating actively in client discussions and meetings and communicating a broad range of potential add-on services based on identified weaknesses Demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative Communicating in an organized and knowledgeable manner in written and verbal formats including delivering clear requests for information and communicating potential conflicts Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business 
performance Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artifacts Professional and Educational Background Bachelor's Degree Preferred.

Posted 1 week ago


3.0 - 7.0 years

0 Lacs

pune, maharashtra

On-site

As a Detection and Response Analyst at Rapid7's Managed Detection and Response (MDR) team, you will play a crucial role in investigating and addressing high-priority security events across a variety of customer environments using Rapid7's advanced tools and threat intelligence. Your responsibilities will revolve around investigating malicious activities, ranging from account compromises to zero-day exploits, on different platforms like workstations, servers, and cloud environments. You will be expected to document your investigations using the MITRE ATT&CK Framework, including conducting forensic, malware, and root-cause analyses. Collaboration is key in this role, as you will closely work with Customer Advisors to discuss findings and recommendations. Additionally, sharing threat intelligence and best practices with fellow analysts is essential. Your feedback on improving detection capabilities will be valuable to the Threat Intelligence and Detection Engineering team. To excel in this position, you should possess a strong grasp of Windows, MacOS/Darwin, and Linux operating systems. A fundamental understanding of threat actor tactics such as lateral movement, privilege escalation, and persistence is crucial. Practical experience with CTF/HTB challenges, penetration testing tools like Mimikatz and Metasploit, as well as hands-on expertise in forensic artifact and malware sample analysis are highly desirable. Rapid7 is committed to building a secure digital environment and offers a dynamic and collaborative workplace where you can advance your career, challenge cybersecurity norms, and contribute to safeguarding over 10,000 global customers from emerging threats. If you are passionate about continuous learning, possess excellent collaboration skills, and approach problem-solving with a customer-centric mindset, this role at Rapid7 is the perfect opportunity for you.

Posted 3 weeks ago


3.0 years

0 Lacs

India

On-site

Position Overview We are seeking an experienced Penetration Tester with a strong background in cloud and enterprise environments to join our security team. The ideal candidate will have deep expertise in testing Microsoft Azure environments, virtual machines, Windows infrastructure, and network security controls. This role will be responsible for identifying vulnerabilities, simulating real-world attacks, and providing actionable remediation guidance to strengthen our security posture. Key Responsibilities Azure Penetration Testing Perform comprehensive penetration testing on Azure resources, including virtual machines, storage accounts, networking, and identity services. Assess Azure Active Directory configurations, RBAC roles, and conditional access policies for security gaps. Test Azure-based web applications, APIs, and serverless functions for vulnerabilities. Windows & Virtual Infrastructure Testing Conduct internal and external penetration tests on Windows servers, endpoints, and Active Directory environments. Identify privilege escalation paths, lateral movement opportunities, and misconfigurations. Test patch management, Group Policy Objects (GPOs), and endpoint security configurations. Network & Perimeter Security Perform firewall, VPN, and network segmentation testing. Simulate phishing, credential harvesting, and brute-force attacks to test detection and response. Vulnerability Analysis & Reporting Use commercial and open-source tools to identify and exploit vulnerabilities. Document findings with detailed technical reports and executive summaries. Work with DevOps, Cloud, and Infrastructure teams to validate fixes and retest remediated vulnerabilities. Compliance & Best Practices Ensure testing aligns with industry frameworks (e.g., MITRE ATT&CK, OWASP, NIST, CIS Benchmarks). Support compliance efforts for standards such as ISO 27001, SOC 2, HIPAA, and PCI-DSS. 
Required Qualifications 3+ years of experience in penetration testing or offensive security roles. Strong hands-on experience with Microsoft Azure security testing, including Azure AD, Azure Security Center, and cloud networking. Expertise in Windows security, including Active Directory attacks and defenses. Proficiency with tools such as Burp Suite, Nmap, Metasploit, BloodHound, Mimikatz, and PowerShell. Experience with scripting languages (PowerShell, Python, Bash) for automation and exploitation. Strong understanding of network protocols, cloud architectures, and security hardening techniques. Familiarity with MITRE ATT&CK and OWASP Top 10. Relevant certifications such as OSCP, OSWA, AZ-500, CEH, GPEN, or CRTP. Preferred Qualifications Experience testing hybrid cloud/on-premise environments. Knowledge of container and Kubernetes security in Azure Kubernetes Service (AKS). Familiarity with SIEM and endpoint detection tools for red/blue team collaboration. Prior experience in regulated industries (healthcare, finance, government). Soft Skills Strong communication skills for both technical and executive audiences. Ability to work independently and as part of a cross-functional team. Detail-oriented with strong documentation and reporting skills. Creative thinking and problem-solving in security testing scenarios. Job Type: Full-time

Posted 1 month ago


0 years

0 Lacs

Pune, Maharashtra, India

On-site

Detection and Response Analyst - Rapid7 MDR Rapid7 is seeking passionate Detection and Response Analysts to join our Managed Detection and Response (MDR) team. In this role, you'll utilize Rapid7's advanced tools and threat intelligence to investigate and triage high-priority security events across diverse customer environments. About the Role As a core member of our 24/7/365 Security Operations Center (SOC), you will: Investigate Malicious Activity: Conduct in-depth investigations into various threats, from account compromises to complex zero-day exploits, on workstations, servers, and in the cloud. Generate Incident Reports: Document investigations using the MITRE ATT&CK Framework, including forensic, malware, and root-cause analysis. Collaborate and Communicate: Work closely with Customer Advisors on findings and recommendations, and with fellow analysts to share threat intelligence and best practices. Enhance Detections: Provide continuous feedback to our Threat Intelligence and Detection Engineering team to improve detection capabilities. What You'll Bring We're looking for individuals with: Strong understanding of Windows, MacOS/Darwin, and Linux operating systems. Fundamental knowledge of threat actor tactics (e.g., lateral movement, privilege escalation, persistence). Practical experience with CTF/HTB challenges and penetration testing tools (e.g., Mimikatz, Metasploit). Hands-on experience with forensic artifact and/or malware sample analysis. A passion for continuous learning, strong collaboration skills, and a customer-centric approach. Why Rapid7? Rapid7 is dedicated to creating a secure digital world. We foster a dynamic and collaborative environment where you can grow your career, push cybersecurity boundaries, and help protect our 10,000+ global customers from emerging threats.

Posted 1 month ago


2.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. 
Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 2-8 years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). 
Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 2-12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Posted 1 month ago


2.0 years

0 Lacs

Ahmedabad, Gujarat, India

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Specialist Job Description & Summary A career within Cybersecurity and Privacy services will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. 
To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As an L3 Analyst/SOC Manager, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: · Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. · Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. · Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. · Follow up on cybersecurity incident tickets until closure. · Guide L1 and L2 analysts in analyzing events and response activities. · Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. · Review and provide suggestions for information security policies and best practices in client environments. 
· Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. · Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. · Update and review documents, playbooks, and standard operational procedures. · Validate and update client systems and IT infrastructure documentation. · Share knowledge on current security threats, attack patterns, and tools with team members. · Create and review new use cases based on evolving attack trends. · Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. · Develop and maintain threat detection rules, parsers, and use cases. · Understand security analytics and flows across SaaS applications and cloud computing tools. · Validate use cases through selective testing and logic examination. · Maintain continuous improvement processes and build/groom teams over time. · Develop thought leadership within the SOC. Mandatory skill sets: · Bachelor’s degree (minimum requirement). · 2-8 years of experience in SOC operations. · Experience analyzing malicious traffic and building detections. · Experience in application security, network security, and systems security. · Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). · Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). · Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). · Experience with traditional security operations, event monitoring, and SIEM tools. · Knowledge of MITRE or similar frameworks and procedures used by adversaries. · Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: · Strong communication skills, both written and oral. · Experience with SMB and large enterprise clients. 
· Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). · Strong expertise in multiple SIEM tools and other SOC environment devices. · Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. · Understanding of raw log formats of various security devices. · Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). · Relevant certifications (CEH, CISA, CISM, etc.). · Strong work ethic and time management skills. · Coachability and dedication to consistent improvement. · Ability to mentor and encourage junior teammates. · Knowledge of regex and parser creation. · Ability to deploy SIEM solutions in customer environments. Years of experience required: 2-12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills SoCs Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Azure Data Factory, Communication, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Managed Services, Optimism, Privacy Compliance, Regulatory Response, Security Architecture, Security Compliance Management, Security Control, Security Incident Management, Security Monitoring {+ 3 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Posted 1 month ago


3.0 - 7.0 years

0 Lacs

pune, maharashtra

On-site

As a Detection and Response Analyst at Rapid7's Managed Detection and Response (MDR) team, you will have the opportunity to leverage Rapid7's advanced tools and threat intelligence to investigate and triage high-priority security events in diverse customer environments. In this role, you will be a vital member of the 24/7/365 Security Operations Center (SOC). Your responsibilities will include conducting thorough investigations on various threats such as account compromises and zero-day exploits across workstations, servers, and cloud platforms. You will document your findings using the MITRE ATT&CK Framework, encompassing forensic, malware, and root-cause analysis. Collaboration and communication are key aspects of this role, as you will closely work with Customer Advisors to provide insights and recommendations, and collaborate with fellow analysts to share threat intelligence and best practices. Additionally, you will contribute to enhancing detection capabilities by providing feedback to the Threat Intelligence and Detection Engineering team. The ideal candidate for this position should possess a strong understanding of Windows, MacOS/Darwin, and Linux operating systems. Knowledge of threat actor tactics such as lateral movement, privilege escalation, and persistence is essential. Practical experience with CTF/HTB challenges and penetration testing tools like Mimikatz and Metasploit is highly valued. Hands-on experience with forensic artifact and malware sample analysis is also desired. A passion for continuous learning, effective collaboration skills, and a customer-centric approach are qualities that we are looking for in potential candidates. Rapid7 is committed to building a secure digital world and offers a dynamic and collaborative work environment. Joining Rapid7 means being part of a team that encourages career growth, pushes the boundaries of cybersecurity, and works towards protecting over 10,000 global customers from evolving threats.

Posted 1 month ago


0 years

0 Lacs

Pune, Maharashtra, India

On-site

Detection and Response Analyst - Rapid7 MDR Rapid7 is seeking passionate Detection and Response Analysts to join our Managed Detection and Response (MDR) team. In this role, you'll utilize Rapid7's advanced tools and threat intelligence to investigate and triage high-priority security events across diverse customer environments. About the Role As a core member of our 24/7/365 Security Operations Center (SOC), you will: Investigate Malicious Activity: Conduct in-depth investigations into various threats, from account compromises to complex zero-day exploits, on workstations, servers, and in the cloud. Generate Incident Reports: Document investigations using the MITRE ATT&CK Framework, including forensic, malware, and root-cause analysis. Collaborate and Communicate: Work closely with Customer Advisors on findings and recommendations, and with fellow analysts to share threat intelligence and best practices. Enhance Detections: Provide continuous feedback to our Threat Intelligence and Detection Engineering team to improve detection capabilities. What You'll Bring We're looking for individuals with: Strong understanding of Windows, MacOS/Darwin, and Linux operating systems. Fundamental knowledge of threat actor tactics (e.g., lateral movement, privilege escalation, persistence). Practical experience with CTF/HTB challenges and penetration testing tools (e.g., Mimikatz, Metasploit). Hands-on experience with forensic artifact and/or malware sample analysis. A passion for continuous learning, strong collaboration skills, and a customer-centric approach. Why Rapid7? Rapid7 is dedicated to creating a secure digital world. We foster a dynamic and collaborative environment where you can grow your career, push cybersecurity boundaries, and help protect our 10,000+ global customers from emerging threats.

Posted 1 month ago


12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. 
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. 
Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. 
Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required: 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Posted 1 month ago


5.0 - 7.0 years

5 - 10 Lacs

Noida

On-site

Manager EXL/M/1426791 Global TechnologyNoida Posted On 22 Jul 2025 End Date 05 Sep 2025 Required Experience 5 - 7 Years Basic Section Number Of Positions 1 Band C1 Band Name Manager Cost Code G070401 Campus/Non Campus NON CAMPUS Employment Type Permanent Requisition Type New Max CTC 1800000.0000 - 2400000.0000 Complexity Level Not Applicable Work Type Hybrid – Working Partly From Home And Partly From Office Organisational Group Enabling Sub Group Global Technology Organization Global Technology LOB Global Technology SBU Global Technology Country India City Noida Center Noida - Centre 59 Skills Skill OTHER Minimum Qualification B.TECH/B.E Certification No data available Job Description Job Title: Manager – Offensive Security (IC Role / Operational Lead) We’re seeking a highly skilled offensive security specialist to lead and drive offensive security operations within our cybersecurity program. While this is an individual contributor (IC) position, the title “Manager” reflects the role’s strategic and operational leadership — not people management. The ideal candidate will have 5–7 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a strong grasp of attack techniques and the ability to plan, coordinate, and execute advanced offensive assessments. You will be responsible for shaping offensive engagements, guiding technical direction, collaborating with internal teams, and ensuring that offensive operations align with real-world threats and business risk. If you're a technically strong operator who can lead from the front , connect offensive insights to organizational impact, and drive continuous improvement in testing capabilities, this role is for you. Key Responsibilities: Lead offensive security operations end-to-end — from scoping and planning to execution and reporting. Design, coordinate, and execute advanced attack simulations aligned to the MITRE ATT&CK framework. 
Develop and lead Red Team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using real-world TTPs including privilege escalation, lateral movement, and domain dominance. Collaborate closely with defensive teams during Purple Team exercises to enhance detection and response capabilities. Own and improve Red Team methodologies, tools, playbooks, and workflows. Deliver high-quality technical reports and executive-level summaries with clear articulation of attack paths, risks, and mitigations. Stay ahead of the curve on evolving attacker techniques and incorporate them into offensive strategy. Mentor junior red teamers and act as the primary technical escalation point for offensive assessments. Represent offensive operations in internal security reviews and technical steering meetings. Experience: 5–7 years of hands-on experience in Red Teaming, Penetration Testing, or Offensive Security roles. Proven experience in leading complex offensive assessments across enterprise environments. Experience in managing offensive operations, engagement lifecycle, and cross-team coordination. Technical Skills: Deep understanding of Windows and Linux internals, enterprise AD security, and cloud attack surfaces. Proficient in lateral movement techniques, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Comfortable with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and OPSEC-aware post-exploitation. Hands-on experience with tools like BloodHound, Mimikatz, Rubeus, Responder, SharpHound, Burp Suite, etc. Strong familiarity with the MITRE ATT&CK framework and applying it operationally. Scripting experience in PowerShell, Python, or Bash for PoCs, tooling, or automation. Communication & Reporting: Strong technical documentation and reporting skills — ability to translate offensive findings into structured, actionable reports. 
Ability to confidently present findings, attack paths, and risk narratives to both technical and leadership stakeholders. Skilled in articulating the business impact of technical vulnerabilities and threat scenarios. Preferred Qualifications: Experience leading Purple Team engagements and cross-functional security exercises. Exposure to threat intelligence-led Red Teaming methodologies (e.g., TIBER-EU, CBEST). Familiarity with Application Security (AppSec) testing methodologies. Exposure to AI/ML Red Teaming or adversarial testing of AI models and pipelines. Understanding of EDR/AV evasion, payload delivery, and defense bypass strategies. Experience in building offensive tools or attack automation frameworks. Relevant certifications: OSCP, CRTO, CRTP, OSEP, or equivalent. Workflow Workflow Type L&S-DA-Consulting

Posted 1 month ago


5.0 - 7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Job Title: Manager - Offensive Security (IC Role / Operational Lead) We're seeking a highly skilled offensive security specialist to lead and drive offensive security operations within our cybersecurity program. While this is an individual contributor (IC) position, the title Manager reflects the role's strategic and operational leadership - not people management. The ideal candidate will have 5-7 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a strong grasp of attack techniques and the ability to plan, coordinate, and execute advanced offensive assessments. You will be responsible for shaping offensive engagements, guiding technical direction, collaborating with internal teams, and ensuring that offensive operations align with real-world threats and business risk. If you're a technically strong operator who can lead from the front , connect offensive insights to organizational impact, and drive continuous improvement in testing capabilities, this role is for you. Key Responsibilities: Lead offensive security operations end-to-end - from scoping and planning to execution and reporting. Design, coordinate, and execute advanced attack simulations aligned to the MITRE ATT&CK framework. Develop and lead Red Team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using real-world TTPs including privilege escalation, lateral movement, and domain dominance. Collaborate closely with defensive teams during Purple Team exercises to enhance detection and response capabilities. Own and improve Red Team methodologies, tools, playbooks, and workflows. Deliver high-quality technical reports and executive-level summaries with clear articulation of attack paths, risks, and mitigations. Stay ahead of the curve on evolving attacker techniques and incorporate them into offensive strategy. 
Mentor junior red teamers and act as the primary technical escalation point for offensive assessments. Represent offensive operations in internal security reviews and technical steering meetings. Experience: 5-7 years of hands-on experience in Red Teaming, Penetration Testing, or Offensive Security roles. Proven experience in leading complex offensive assessments across enterprise environments. Experience in managing offensive operations, engagement lifecycle, and cross-team coordination. Technical Skills: Deep understanding of Windows and Linux internals, enterprise AD security, and cloud attack surfaces. Proficient in lateral movement techniques, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Comfortable with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and OPSEC-aware post-exploitation. Hands-on experience with tools like BloodHound, Mimikatz, Rubeus, Responder, SharpHound, Burp Suite, etc. Strong familiarity with the MITRE ATT&CK framework and applying it operationally. Scripting experience in PowerShell, Python, or Bash for PoCs, tooling, or automation. Communication & Reporting: Strong technical documentation and reporting skills - ability to translate offensive findings into structured, actionable reports. Ability to confidently present findings, attack paths, and risk narratives to both technical and leadership stakeholders. Skilled in articulating the business impact of technical vulnerabilities and threat scenarios. Preferred Qualifications: Experience leading Purple Team engagements and cross-functional security exercises. Exposure to threat intelligence-led Red Teaming methodologies (e.g., TIBER-EU, CBEST). Familiarity with Application Security (AppSec) testing methodologies. Exposure to AI/ML Red Teaming or adversarial testing of AI models and pipelines. Understanding of EDR/AV evasion, payload delivery, and defense bypass strategies. Experience in building offensive tools or attack automation frameworks. 
Relevant certifications: OSCP, CRTO, CRTP, OSEP, or equivalent.

Posted 1 month ago


7.0 years

0 Lacs

Noida, Uttar Pradesh, India

On-site

Job Title: Manager – Offensive Security (IC Role / Operational Lead) We’re seeking a highly skilled offensive security specialist to lead and drive offensive security operations within our cybersecurity program. While this is an individual contributor (IC) position, the title “Manager” reflects the role’s strategic and operational leadership — not people management. The ideal candidate will have 5–7 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a strong grasp of attack techniques and the ability to plan, coordinate, and execute advanced offensive assessments. You will be responsible for shaping offensive engagements, guiding technical direction, collaborating with internal teams, and ensuring that offensive operations align with real-world threats and business risk. If you're a technically strong operator who can lead from the front , connect offensive insights to organizational impact, and drive continuous improvement in testing capabilities, this role is for you. Key Responsibilities Lead offensive security operations end-to-end — from scoping and planning to execution and reporting. Design, coordinate, and execute advanced attack simulations aligned to the MITRE ATT&CK framework. Develop and lead Red Team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using real-world TTPs including privilege escalation, lateral movement, and domain dominance. Collaborate closely with defensive teams during Purple Team exercises to enhance detection and response capabilities. Own and improve Red Team methodologies, tools, playbooks, and workflows. Deliver high-quality technical reports and executive-level summaries with clear articulation of attack paths, risks, and mitigations. Stay ahead of the curve on evolving attacker techniques and incorporate them into offensive strategy. 
Mentor junior red teamers and act as the primary technical escalation point for offensive assessments. Represent offensive operations in internal security reviews and technical steering meetings. Experience 5–7 years of hands-on experience in Red Teaming, Penetration Testing, or Offensive Security roles. Proven experience in leading complex offensive assessments across enterprise environments. Experience in managing offensive operations, engagement lifecycle, and cross-team coordination. Technical Skills Deep understanding of Windows and Linux internals, enterprise AD security, and cloud attack surfaces. Proficient in lateral movement techniques, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Comfortable with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and OPSEC-aware post-exploitation. Hands-on experience with tools like BloodHound, Mimikatz, Rubeus, Responder, SharpHound, Burp Suite, etc. Strong familiarity with the MITRE ATT&CK framework and applying it operationally. Scripting experience in PowerShell, Python, or Bash for PoCs, tooling, or automation. Communication & Reporting Strong technical documentation and reporting skills — ability to translate offensive findings into structured, actionable reports. Ability to confidently present findings, attack paths, and risk narratives to both technical and leadership stakeholders. Skilled in articulating the business impact of technical vulnerabilities and threat scenarios. Preferred Qualifications Experience leading Purple Team engagements and cross-functional security exercises. Exposure to threat intelligence-led Red Teaming methodologies (e.g., TIBER-EU, CBEST). Familiarity with Application Security (AppSec) testing methodologies. Exposure to AI/ML Red Teaming or adversarial testing of AI models and pipelines. Understanding of EDR/AV evasion, payload delivery, and defense bypass strategies. Experience in building offensive tools or attack automation frameworks. 
Relevant certifications: OSCP, CRTO, CRTP, OSEP, or equivalent.

Posted 1 month ago


4.0 - 9.0 years

0 Lacs

Bengaluru, Karnataka, India

On-site

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients' most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resiliency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe. The Cyber Penetration Testing (CPT2) team focuses on delivering threat actor simulation services, device or application assessments, and penetration tests. You will help clients understand the tangible risks they face from a variety of threat actors and what they target to include different postures, scenarios, or targeted assets. Working as a member of CPT2 also provides the opportunity to directly help clients enhance or tune their preventative and detective controls on a proactive basis. Our team focuses on assessment and recommendation services that blend deep technical manual tradecraft with targeted automation to simulate real threats to a client’s environments. As a part of this center of excellence, you will drive change at PwC’s clients by providing risk outside of the theoretical while contributing to the technical acumen of the practice and amplifying your own personal capabilities. To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future. 
As a Senior Associate, You'll Work As Part Of a Team Of Problem Solvers, Helping To Solve Complex Business Issues From Strategy To Execution. PwC Professional Skills And Responsibilities For This Management Level Include But Are Not Limited To: Use feedback and reflection to develop self awareness, personal strengths and address development areas. Delegate to others to provide stretch opportunities and coach to help deliver results. Develop new ideas and propose innovative solutions to problems. Use a broad range of tools and techniques to extract insights from current trends in business area. Review your work and that of others for quality, accuracy and relevance. Share relevant thought leadership. Use straightforward communication, in a structured way, when influencing others. Able to read situations and modify behavior to build quality, diverse relationships. Uphold the firm's code of ethics and business conduct. As a Technical Writer, You Will Work As Part Of a Team, Helping To Produce High-quality Documentation For Threat Actor Simulation Services, Device And Application Assessments, And Penetration Test Results. PwC Professional Skills And Responsibilities For This Management Level Include But Are Not Limited To: Work closely with business team to gather information and understand documentation requirements; Create, edit, and maintain documentation for penetration testing reports, procedures, guidelines, and standards. 
Explain complex technical concepts clearly and concisely; Write clear, concise, and user-friendly content tailored to various audiences, including technical and non-technical stakeholders; Stay updated on the latest cybersecurity trends and technologies to ensure documentation reflects current practices and solutions; Analyze existing content to recommend and implement improvements; Ensure documentation meets industry standards, regulatory requirements, and organizational compliance needs; Identify opportunities to improve documentation processes and tools; Manage a variety of viewpoints to build consensus and create positive outcomes for all parties; Focus on building trusted relationships; and, Uphold the firm's code of ethics and business conduct. Basic Qualifications : Job Requirements and Preferences : Minimum Degree Required : bachelor’s degree Minimum Years Of Experience : 4-9 year(s) Preferred Qualifications : Preferred Fields of Study : Computer and Information Science, Information Security, Information Technology, Management Information Systems, Computer Applications, Computer Engineering Certification(s) Preferred : Certification in Technical Writing Preferred Knowledge/Skills : Demonstrates extensive abilities and/or a proven record of success in the following areas: Familiarity with technical concepts such as application security, network segregation, access controls, IDS/IPS devices, physical security, and information security risk management; Familiarity with security testing tools, such as BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Responder, Nmap, or other tools included within the Kali Linux distribution; Knowledge of networking protocols, TCP/IP stack, systems architecture, and operating systems; Familiarity with well-known Cybersecurity frameworks and industry-leading practices such as OWASP, NIST CSF, PCI DSS, and NY-DFS; and, Demonstrates extensive abilities and/or a proven record of success in the following areas: Experience in writing 
about cybersecurity articles, reports, tools, protocols, and best practices; Experience in translating technical jargon into clear, concise, and accessible language for various audiences; Experience in developing and maintaining a library of technical documentation that meets organizational standards; Experience in collaborating with cybersecurity professionals to gather information and clarify technical details; Proven skills in analyzing and synthesizing information from multiple sources to produce comprehensive and accurate documentation; Ability to manage multiple documentation requirements effectively, ensuring timely delivery and adherence to deadlines; Ability to ensure accuracy and consistency in all documentation, minimizing errors and omissions to meet quality standards; Adapting writing styles and content formats to suit different platforms and audience needs; Ability to leverage graphic design and visualization tools to enhance documentation clarity and user engagement; Proactively seeking feedback, guidance, clarification and making iterative improvements to documentation processes and outputs; and, Keeping leadership informed of progress and issues. Professional and Educational Background Bachelor's Degree Preferred.

Posted 1 month ago

Apply

3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Purpose Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities Essential Functions: Responsibilities This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. 
Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration 
Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikto, SQLmap, Postman, Metasploit, Mimikatz, BloodHound, Maltego and others Preferred Education And Experience Bachelor’s degree or equivalent experience. Related certifications Expected Competencies Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. 
Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Posted 2 months ago

Apply

0 years

0 Lacs

Pune, Maharashtra, India

On-site

Detection and Response Analyst - MDR We are looking for SOC Analysts with a passion for cybersecurity to join us. As a Detection and Response Analyst you will work with Rapid7’s advanced tools to investigate and triage high priority security events. About The Team Rapid7’s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence. About The Role As a Detection and Response Analyst in Rapid7’s SOC, you will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation. Your Customer Advisor colleagues will be responsible for direct communication with the customers, enabling you to dedicate your efforts to analysis. Your fellow analyst colleagues will be available to answer questions, provide guidance, and assist you in investigations if you need help. In This Role, You Will Utilize Rapid7’s world-class software and threat intelligence to identify potential compromises in customer environments. Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud. Write an Incident Report for each investigation you complete, which follows MITRE’s ATT&CK Framework and includes your own forensic, malware, and root-cause analysis. 
Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations. Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors. Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team regarding new detection opportunities. The Skills You’ll Bring Include Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least a basic understanding of common internal system tools and directory structures. A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration. Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc. Experience with hands-on analysis of forensic artifacts and/or malware samples. Passion for continuous learning and growth in the cybersecurity world. Effective collaboration within the SOC and between departments. Dedication to putting each customer’s needs and concerns at the forefront of all decision making. We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today. About Rapid7 At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact. Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. 
We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next. Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

Posted 3 months ago

Apply

0 years

3 - 6 Lacs

Pune

On-site

Detection and Response Analyst - MDR We are looking for SOC Analysts with a passion for cybersecurity to join us. As a Detection and Response Analyst you will work with Rapid7’s advanced tools to investigate and triage high priority security events. About the Team Rapid7’s Managed Detection and Response (MDR) team is built from the ground up to bring motivated and passionate security talent face to face with emerging threats, practical challenges, and evil at scale. Our MDR service uses an impact-driven mindset to focus efforts on effective solutions, encouraging personal and technical innovation within the SOC. MDR provides 24/7/365 monitoring, threat hunting, incident response, and more with a focus on endpoint detection and behavioral intelligence. About the Role As a Detection and Response Analyst in Rapid7’s SOC, you will be responsible for identifying and analyzing malicious activity in a multitude of customer environments. You will be enabled to complete investigation scaling in complexity from simple account compromises and commodity malware infections, to complex web server compromises and zero-day vulnerability exploitation. Your Customer Advisor colleagues will be responsible for direct communication with the customers, enabling you to dedicate your efforts to analysis. Your fellow analyst colleagues will be available to answer questions, provide guidance, and assist you in investigations if you need help. In this role, you will: Utilize Rapid7’s world-class software and threat intelligence to identify potential compromises in customer environments. Conduct investigations into a variety of malicious activity on workstations, servers, and in the cloud. Write an Incident Report for each investigation you complete, which follows MITRE’s ATT&CK Framework and includes your own forensic, malware, and root-cause analysis. 
Communicate with Customer Advisors regarding investigation findings, Requests For Information from clients, and remediation and mitigation recommendations. Communicate with other analysts to share new intelligence regarding tactics, techniques, and trends utilized by threat actors. Provide continuous input to Rapid7’s Threat Intelligence and Detection Engineering team regarding new detection opportunities. The skills you’ll bring include: Understanding of core operating system concepts in Windows, MacOS/Darwin, and Linux. This includes at least a basic understanding of common internal system tools and directory structures. A fundamental understanding of how threat actors utilize tactics such as lateral movement, privilege escalation, defense evasion, persistence, command and control, and exfiltration. Practical experience gained through CTF and HTB challenges, as well as personal or professional usage of common penetration testing tools such as Mimikatz, Metasploit modules, BloodHound, etc. Experience with hands-on analysis of forensic artifacts and/or malware samples. Passion for continuous learning and growth in the cybersecurity world. Effective collaboration within the SOC and between departments. Dedication to putting each customer’s needs and concerns at the forefront of all decision making. We know that the best ideas and solutions come from multi-dimensional teams. That’s because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don’t be shy - apply today. About Rapid7 At Rapid7, we are on a mission to create a secure digital world for our customers, our industry, and our communities. We do this by embracing tenacity, passion, and collaboration to challenge what’s possible and drive extraordinary impact. Here, we’re building a dynamic workplace where everyone can have the career experience of a lifetime. 
We challenge ourselves to grow to our full potential. We learn from our missteps and celebrate our victories. We come to work every day to push boundaries in cybersecurity and keep our 10,000 global customers ahead of whatever’s next. Join us and bring your unique experiences and perspectives to tackle some of the world’s biggest security challenges.

Posted 3 months ago

Apply

12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. 
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. 
Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory Skill Sets Bachelor’s degree (minimum requirement). 12+ years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred Skill Sets Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. 
Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years Of Experience Required 12 + years Education Qualification B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Posted 3 months ago

Apply

12.0 years

0 Lacs

Gurugram, Haryana, India

On-site

Line of Service Advisory Industry/Sector FS X-Sector Specialism Risk Management Level Director Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. 
Job Description & Summary: We are seeking a professional to join our Cybersecurity and Privacy services team, where you will have the opportunity to help clients implement effective cybersecurity programs that protect against threats, drive transformation, and foster growth. As companies increasingly adopt digital business models, the generation and sharing of data among organizations, partners, and customers multiply. We play a crucial role in ensuring that our clients are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems, and enhancing their cybersecurity investments. As a Director, you will be responsible for overseeing regular operations, driving continuous improvement processes, and managing client and vendor interactions. This role involves managing complex incidents escalated from L2 analysts, operating the Security Incident process, and mentoring junior team members to build a cohesive and motivated unit. Responsibilities: Review cybersecurity events analyzed by L2 security analysts, serving as the escalation point for detection, response, and remediation activities. Monitor and guide the team in triaging cybersecurity events, prioritizing, and recommending/performing response measures. Provide technical support for IT teams in response and remediation activities for escalated cybersecurity events/incidents. Follow up on cybersecurity incident tickets until closure. Guide L1 and L2 analysts in analyzing events and response activities. Expedite cyber incident response and remediation activities when delays occur, coordinating with L1 and L2 team members. Review and provide suggestions for information security policies and best practices in client environments. Ensure compliance with SLAs and contractual requirements, maintaining effective communication with stakeholders. Review and share daily, weekly, and monthly dashboard reports with relevant stakeholders. 
Update and review documents, playbooks, and standard operational procedures. Validate and update client systems and IT infrastructure documentation. Share knowledge on current security threats, attack patterns, and tools with team members. Create and review new use cases based on evolving attack trends. Analyze and interpret Windows, Linux OS, firewall, web proxy, DNS, IDS, and HIPS log events. Develop and maintain threat detection rules, parsers, and use cases. Understand security analytics and flows across SaaS applications and cloud computing tools. Validate use cases through selective testing and logic examination. Maintain continuous improvement processes and build/groom teams over time. Develop thought leadership within the SOC. Mandatory skill sets: Bachelor’s degree (minimum requirement). 12+years of experience in SOC operations. Experience analyzing malicious traffic and building detections. Experience in application security, network security, and systems security. Knowledge of security testing tools (e.g., BurpSuite, Mimikatz, Cobalt Strike, PowerSploit, Metasploit, Nessus, HP Web Inspect). Proficiency in common programming and scripting languages (Python, PowerShell, Ruby, Perl, Bash, JavaScript, VBScript). Familiarity with cybersecurity frameworks and practices (OWASP, NIST CSF, PCI DSS, NY-DFS). Experience with traditional security operations, event monitoring, and SIEM tools. Knowledge of MITRE or similar frameworks and procedures used by adversaries. Ability to develop and maintain threat detection rules and use cases. Preferred skill sets: Strong communication skills, both written and oral. Experience with SMB and large enterprise clients. Good understanding of ITIL processes (Change Management, Incident Management, Problem Management). Strong expertise in multiple SIEM tools and other SOC environment devices. Knowledge of firewalls, IDS/IPS, AVI, EDR, Proxy, DNS, email, AD, etc. Understanding of raw log formats of various security devices. 
Foundational knowledge of networking concepts (TCP/IP, LAN/WAN, Internet network topologies). Relevant certifications (CEH, CISA, CISM, etc.). Strong work ethic and time management skills. Coachability and dedication to consistent improvement. Ability to mentor and encourage junior teammates. Knowledge of regex and parser creation. Ability to deploy SIEM solutions in customer environments. Years of experience required: 12 + years Education qualification: B.Tech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Engineering Degrees/Field of Study preferred: Certifications (if blank, certifications not specified) Required Skills Accenture Managed Detection and Response (MDR) Ops Security Engineering Optional Skills Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Influence, Innovation, Intellectual Curiosity, Learning Agility, Managed Services, Optimism {+ 20 more} Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date

Posted 3 months ago

3.0 - 5.0 years

0 Lacs

Pune, Maharashtra, India

On-site

Job Description: Advanced Red team ops. Analyse and exploit AD and networks for vulnerabilities.
Skills:
* Python, PowerShell for various tasks, including reconnaissance, privilege escalation and lateral movement within AD
* Exploitation frameworks like Metasploit, Core Impact, etc.
* C2 frameworks like Havoc, Sliver, Mythic, Cobalt Strike, etc.
* AD exploitation tools like BloodHound, PowerSploit, Mimikatz, CrackMapExec
Knowledge:
* Cyber kill chain, MITRE ATT&CK framework, TIBER
* Active Directory architecture, policies, services and security mechanisms
* AD attack techniques such as Kerberoasting, Pass-the-Ticket, Golden Ticket attacks, etc.
* Network protocols and services, vulnerabilities, exploitation vectors, defenders' response and bypass
* Access and persistence techniques on compromised machines and mitigations
* Firewalls, IPS, IDS and other network controls and evasion techniques
Experience: 3-5 years working experience in similar role
Certifications (not mandatory unless otherwise indicated): Undergrad/Grad courses in Computer Sc/IT preferred
Desirable:
* Offensive Security Certified Professional (OSCP)
* Offensive Security Certified Expert (OSCE)
* CRTP (Certified Red Team Professional by eLearnSecurity)
* CTP (Cracking the Perimeter by Offensive Security)

Posted 3 months ago

1.0 - 6.0 years

0 - 1 Lacs

Thane, Pune

Work from Office

Job Description: Advanced Red team ops. Analyse and exploit AD and networks for vulnerabilities.
Skills:
* Python, PowerShell for various tasks, including reconnaissance, privilege escalation and lateral movement within AD
* Exploitation frameworks like Metasploit, Core Impact, etc.
* C2 frameworks like Havoc, Sliver, Mythic, Cobalt Strike, etc.
* AD exploitation tools like BloodHound, PowerSploit, Mimikatz, CrackMapExec
Knowledge:
* Cyber kill chain, MITRE ATT&CK framework, TIBER
* Active Directory architecture, policies, services and security mechanisms
* AD attack techniques such as Kerberoasting, Pass-the-Ticket, Golden Ticket attacks, etc.
* Network protocols and services, vulnerabilities, exploitation vectors, defenders' response and bypass
* Access and persistence techniques on compromised machines and mitigations
* Firewalls, IPS, IDS and other network controls and evasion techniques
Experience: 3-5 years working experience in similar role
Certifications (not mandatory unless otherwise indicated): Undergrad/Grad courses in Computer Sc/IT preferred
Desirable:
* Offensive Security Certified Professional (OSCP)
* Offensive Security Certified Expert (OSCE)
* CRTP (Certified Red Team Professional by eLearnSecurity)
* CTP (Cracking the Perimeter by Offensive Security)

Posted 3 months ago

3.0 years

6 - 9 Lacs

Hyderābād

On-site

Job Purpose: Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities: Essential Functions: This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. 
Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions: May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements: Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with 
Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikto, SQLmap, Postman, Metasploit, Mimikatz, Bloodhound, Maltego and others Preferred Education and Experience: Bachelor’s degree or equivalent experience. Related certifications Expected Competencies: Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule: Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel: This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. 
Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Posted 3 months ago

3.0 years

0 Lacs

Hyderabad, Telangana, India

On-site

Job Purpose Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities Essential Functions: Responsibilities This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. 
Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration 
Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikto, SQLmap, Postman, Metasploit, Mimikatz, Bloodhound, Maltego and others Preferred Education And Experience Bachelor’s degree or equivalent experience. Related certifications Expected Competencies Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. 
Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Posted 3 months ago

Featured Companies