776 Nessus Jobs - Page 30

Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 4 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbility to conduct threat modeling sessions to identify and mitigate security risks Preferred technical and professional experience Vulnerability AssessmentExperience in conducting vulnerability assessments and penetration testing Application Security TestingExperience with static and dynamic application security testing (SAST/DAST) tools. Security ToolsProficiency in using security tools like Burp Suite, Nessus, or Fortify

Line of Service Advisory Industry/Sector Not Applicable Specialism Risk Management Level Associate Job Description & Summary At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. In threat intelligence and vulnerability management at PwC, you will focus on identifying and analysing potential threats to an organisation's security, as well as managing vulnerabilities to prevent cyber attacks. You will play a crucial role in safeguarding sensitive information and enabling the resilience of digital infrastructure. Why PWC At PwC, you will be part of a vibrant community of solvers that leads with trust and creates distinctive outcomes for our clients and communities. This purpose-led and values-driven work, powered by technology in an environment that drives innovation, will enable you to make a tangible impact in the real world. We reward your contributions, support your wellbeing, and offer inclusive benefits, flexibility programmes and mentorship that will help you thrive in work and life. Together, we grow, learn, care, collaborate, and create a future of infinite experiences for each other. Learn more about us. At PwC, we believe in providing equal employment opportunities, without any discrimination on the grounds of gender, ethnic background, age, disability, marital status, sexual orientation, pregnancy, gender identity or expression, religion or other beliefs, perceived differences and status protected by law. We strive to create an environment where each one of our people can bring their true selves and contribute to their personal growth and the firm’s growth. To enable this, we have zero tolerance for any discrimination and harassment based on the above considerations. Job Description & Summary: In-depth knowledge and hands-on experience in VAPT , including: Web Application Vulnerability Assessment & Penetration Testing, Mobile Application Vulnerability Assessment & Penetration Testing , API and Network Penetration Testing, Cloud Security, Network Security, SOC Monitoring and Incident management. Responsibilities Vulnerability Assessment and Penetration Testing (VA/PT) Conduct VAPT Program Management including Remediation and Closure Management Conduct secure configuration review Conduct/ Manage Secure Code review Conduct/ Manage API secure testing Conduct/ Manage VA/PT for new web/ app development Conduct/ Manage Application Security Conduct/ Manage Red Teaming Conduct/ Manage DevSec/DevSecOps Conduct/ Manage Patch Management Mandatory Skill Sets VAPT In-depth knowledge of security issues, exploitation techniques and remediation measures. Hands-on Experience in Vulnerability Assessments & Penetration Testing (Automated + Manual) on business critical assets ( IP,Web,Mobile,API and AWS) Hands-on experience with well-known security tools BurpSuite, Nessus, Nmap, Accunetix, Metasploit Netsparker, Qualys etc Understanding of web application security vulnerabilities (OWASP Top 10), including XSS, SQL injection, CSRF, and others. Strong knowledge of network security concepts, firewalls, VPNs, IDS/IPS, and TCP/IP protocols. Familiarity with mobile security vulnerabilities in iOS and Android platforms, including reverse engineering, mobile app testing, and OWASP Mobile Security Project. Strong written and verbal communication skills for delivering clear, concise security reports and presenting findings to stakeholders. Preferred Skill Sets Strong organizational, teamwork, multitasking & time management skills. Outstanding communication abilities. Ability to effectively communicate the required recommendations. Years Of Experience Required 4+ Years Education Qualification Minimum Qualification: BE/ BTech Education (if blank, degree and/or field of study not specified) Degrees/Field of Study required: Bachelor of Technology, Bachelor of Engineering Degrees/Field Of Study Preferred Certifications (if blank, certifications not specified) Required Skills Burp Suite, Nessus Vulnerability Scanner, Structured Query Language (SQL) Optional Skills Teamwork Desired Languages (If blank, desired languages not specified) Travel Requirements Not Specified Available for Work Visa Sponsorship? No Government Clearance Required? No Job Posting End Date Show more Show less

Job Description for Information Security Auditor profile with SecNinjaz Technologies LLP Profile : Information Security Auditor Number of Requirements : 01 Location of Deputation : New Delhi Experience Range : 3+ years Salary Range : No Bar for Potential Candidates Role Overview: The Security Auditor will be responsible for conducting comprehensive security assessments, including audits, penetration testing, and compliance evaluations. This role requires a meticulous, analytical professional with OSCP and CEH certifications, capable of identifying vulnerabilities and recommending technical and strategic security improvements. Key Responsibilities: Perform technical security audits across internal and client infrastructures (networks, systems, and applications). Conduct vulnerability assessments and manual penetration testing, including both black-box and white-box scenarios. Analyze security policies, standards, and configurations against best practices and compliance frameworks. Develop detailed audit and assessment reports with risk ratings and mitigation strategies. Collaborate with internal teams and client stakeholders to understand business requirements and security needs. Participate in incident response planning and security awareness training initiatives. Stay informed about the latest threats, attack techniques, and regulatory developments. Required Qualifications: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience. Active OSCP (Offensive Security Certified Professional) certification. Active CEH (Certified Ethical Hacker) certification. 3+ years of experience in information security auditing, penetration testing, or ethical hacking. Strong understanding of operating systems (Linux, Windows), networking, and web application security. Hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Wireshark, Nessus, etc. Excellent documentation and communication skills. Preferred Qualifications: Experience conducting audits for compliance standards (ISO 27001, PCI-DSS, HIPAA, etc.). Exposure to cloud environments (AWS, Azure, GCP) and their security models. Scripting knowledge in Python, Bash, or PowerShell. Additional certifications such as CISA, CISSP, or GPEN are a plus. Show more Show less

Job description Role Overview : The Application Security Senior Engineer will play a crucial role in safeguarding our applications and digital assets against security threats. With a primary focus on Vulnerability Assessment and Penetration Testing (VAPT), the role involves identifying, assessing, and mitigating security vulnerabilities across our application portfolio. This position requires a proactive mindset, strong technical skills, and the ability to collaborate effectively with cross-functional teams and support the security projects. Key Responsibilities : 1. Vulnerability Assessment and Penetration Testing (VAPT): - Conduct comprehensive security assessments of applications using industry-standard tools and techniques. - Perform manual testing and automated scans to identify vulnerabilities such as OWASP Top 10, SQL injection, XSS, CSRF, etc. - Analyze and interpret assessment findings, providing clear and actionable recommendations to development teams. - Support the security gating process with timely security assessment and reporting. - Provide guidance and assistance on secure software development life cycle. - Track identified vulnerabilities through to resolution, collaborating closely with development teams to ensure timely mitigation. - Provide detailed vulnerability reports and metrics to stakeholders, including risk assessments and remediation progress. 2. Support for Security Projects: - Actively participate in security projects and initiatives, providing expertise and guidance on application security best practices. - Perform Security Architecture review for existing and new security projects and guide on security best practices. - Collaborate with architects and developers to integrate security into the SDLC (Secure Development Life Cycle) and CI/CD pipelines. 3. Incident Response and Support: - Assist in incident response activities related to application security incidents. - Contribute to root cause analysis and lessons learned sessions to improve incident handling and prevention strategies. 4. Security Awareness and Training: - Develop and deliver training sessions on secure coding practices and application security awareness. - Promote a culture of security within the organization, advocating for continuous improvement and adherence to security policies. Requirements: Bachelors degree in Computer Science/Information Technology, or a related field. Minimum of 5 years of experience in application security, with a focus on VAPT and secure development practices. Proven experience with security assessment tools such as Burp Suite, Qualys, Nessus, etc. Strong understanding of web application architecture, including front-end, back-end, and APIs. Solid knowledge of OWASP guidelines and best practices for secure coding. Certifications such as CISSP, CEH, OSCP, or similar are preferred. Excellent communication skills with the ability to articulate technical concepts to non-technical stakeholders. Strong analytical and problem-solving skills, with attention to detail. Why join us? Impactful Work: Play a pivotal role in safeguarding Tanla's assets, data, and reputation in the industry. Tremendous Growth Opportunities: Be part of a rapidly growing company in the telecom and CPaaS space, with opportunities for professional development. Innovative Environment: Work alongside a world-class team in a challenging and fun environment, where innovation is celebrated. Tanla is an equal opportunity employer. We champion diversity and are committed to creating an inclusive environment for all employees. www.tanla.com Show more Show less

We are hiring a full-time Information Security Analyst who is technical, dedicated to learning new things, security-minded, has strong initiative, and is able to manage projects autonomously. The Information Security team defends the company’s digital infrastructure by designing, implementing, and improving the company’s cybersecurity architecture. This is a critical role responsible for protecting infrastructure, cloud, edge devices, and data against unauthorized use, modification, exfiltration, or damage. If you’re excited to be part of a fast-growing, then Medpace is a great place to grow your career. Responsibilities Engineer security solutions without oversight while collaborating with multiple internal departments and vendors; Analyze security systems and seek continuous improvements; Research vulnerabilities, perform vulnerability scanning and alleviate threats; Mature security best practices and policies internal to the organization; Develop new processes while cross-training coworkers and assisting employees on security-related matters; Provide security awareness training and testing for employees to verify proper security protocols are being adhered to; Performing cyber security incident triage, reviewing logs, and performing remediation activities; and Review and reduce inappropriate/overprovisioned access to drive least privileged access. Qualifications Minimum of bachelor's degree, preferably in Cybersecurity or Information Technology’ Prior Internship/co-op experience within Information Security; Understanding of security best practices and how to implement them at a business-wide level; Experience with managing, configuring, and deploying enterprise-grade security solutions in some of the following: SIEM Privileged Access Management/Identity Access Endpoint Detection & Response Cloud based architecture such as Azure/AWS Active Directory Exceptional communication skills; and Fundamental scripting skills, such as PowerShell/Python. Nice to have: Experience with vulnerability assessment tools such as Nessus and Tenable; Experience with enterprise web proxy solutions, web filters, and VPN such as Zscaler; Experience with governing Windows environment including GPO; Previous employment or experience in a highly regulated industry such as healthcare, financial, or defense experience with standards such as ISO, NIST, HIPPA, and/or SOC2; and Auditing and policy-writing experience. Medpace Overview Medpace is a full-service clinical contract research organization (CRO). We provide Phase I-IV clinical development services to the biotechnology, pharmaceutical and medical device industries. Our mission is to accelerate the global development of safe and effective medical therapeutics through its scientific and disciplined approach. We leverage local regulatory and therapeutic expertise across all major areas including oncology, cardiology, metabolic disease, endocrinology, central nervous system, anti-viral and anti-infective. Headquartered in Cincinnati, Ohio, employing more than 5,000 people across 40+ countries. Why Medpace? People. Purpose. Passion. Make a Difference Tomorrow. Join Us Today. The work we’ve done over the past 30+ years has positively impacted the lives of countless patients and families who face hundreds of diseases across all key therapeutic areas. The work we do today will improve the lives of people living with illness and disease in the future. Medpace Perks Flexible work environment Competitive compensation and benefits package Competitive PTO packages Structured career paths with opportunities for professional growth Company-sponsored employee appreciation events Employee health and wellness initiatives Awards Recognized by Forbes as one of America's Most Successful Midsize Companies in 2021, 2022, 2023 and 2024 Continually recognized with CRO Leadership Awards from Life Science Leader magazine based on expertise, quality, capabilities, reliability, and compatibility What To Expect Next A Medpace team member will review your qualifications and, if interested, you will be contacted with details for next steps. EO/AA Employer M/F/Disability/Vets Show more Show less

Cybersecurity Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 Months Stipend for Top Interns: ₹15,000 Certificate Provided | Letter of Recommendation | Full-Time Offer Based on Performance About the Company: INLIGHN TECH empowers students and fresh graduates with real-world experience through hands-on, project-driven internships. The Cybersecurity Internship provides a deep dive into the world of digital security, offering practical exposure to threat analysis, system hardening, and security operations across live projects and simulated environments. Role Overview: As a Cybersecurity Intern, you will work on identifying vulnerabilities, monitoring network traffic, and helping secure digital assets. This internship will enhance your foundational knowledge and technical proficiency in protecting systems, detecting threats, and responding to security incidents. Key Responsibilities: Assist in identifying and mitigating cybersecurity threats across simulated networks Conduct risk assessments and vulnerability scans Monitor and analyze logs for unusual or malicious activity Document findings and help develop security reports Support security awareness initiatives and documentation Learn and apply incident response techniques and security best practices Qualifications: Pursuing or recently completed a degree in Cybersecurity, Information Technology, Computer Science, or a related field Understanding of networking fundamentals, firewalls, and common security protocols Familiarity with security tools such as Wireshark, Nmap, Nessus, or Splunk Awareness of cybersecurity frameworks and best practices (e.g., NIST, ISO 27001) Strong analytical and troubleshooting skills Eagerness to learn, explore, and adapt in a fast-paced cybersecurity environment Internship Benefits: Practical experience with cybersecurity tools and frameworks Certificate of Internship upon successful completion Letter of Recommendation for top performers Build a strong portfolio of cybersecurity case studies and analysis Show more Show less

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices. What You'll Be Doing Key Responsibilities: Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Conducts penetration tests using automated tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability. Assesses the potential risks associated with identified vulnerabilities. Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity. Provides detailed remediation recommendations to system owners, administrators, and IT teams. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments. Utilizes penetration testing tools such as Metasploit, Burp Suite, and similar tools to conduct tests, configure test policies, and fine-tune test parameters for accurate and comprehensive assessments. Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders. Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Promotes a culture of security awareness within the organization. Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents. Provides support during incident response efforts and contribute to post-incident analysis and remediation. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Shares knowledge and provides guidance to improve vulnerability management practices. Shares knowledge and provides guidance to improve penetration testing practices. Contributes to open source security projects and the security community. Performs any other related task as required. Knowledge and Attributes: Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices. Seasoned understanding of penetration testing methodologies, tools, and industry best practices. Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities. Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Solid proficiency in using penetration testing tools such as Metasploit, Burp Suite, and similar tools. Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders. Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders. Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP) GIAC Penetration Tester (GPEN) or GIAC Certified Vulnerability Assessor (GCVA) are beneficial. Required Experience: Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations. Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, network security assessments, penetration testing, or code review. Experience in bug bounty programs and identifying zero-day vulnerabilities is a plus. Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today. Show more Show less

Role: Product Security Engineer Experience: 3+ Years Location: Noida Job Description: Security Specialist in areas of Security Vulnerability Assessment & Penetration Testing. Responsible for periodic assessment and implementation of remediation with the help of node owners. Job Key Tasks & Responsibilities: · Experience in developing trailored Vulnerability Assessment Profiles in collaboration with clients, outlining assessment scope, methodologies, risk assessment criteria, and reporting structures. · Have created and configured custom scan policies for vulnerability scanners, ensuring accurate, tailored scans to meet organizational needs and risk tolerance. · Configure scan policies for full network scans, application scans, compliance checks, and sensitive data exposure detection. · Performed both authenticated and unauthenticated scans across telecom networks and cloud environments (VNF, CNF). Troubleshooting and debugging scans. · Performed automated and manual scans against the CIS Benchmarks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure compliance with industry best practices. · Performed comprehensive risk triage by analyzing vulnerability reports, verifying false positives, and assigning accurate severity levels to vulnerabilities based on CVSS matrix. · Evaluate the impact of vulnerabilities and prioritize vulnerabilities based on CVSS scoring and considering exploitability in telecom environments (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G). · Perform cloud-specific vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes). · Provide remediation recommendations based on scan findings, including patching, work arounds, configuration hardening, and compensating controls. · Worked on remediation of non-compliant configurations and security issues based on CIS recommendations. · Experience in threat intelligence gathering to identify known exploits and determine the current exploitation risk of vulnerabilities (e.g., availability of exploit POC, exploit in wild). · Experience of working in ticketing tools i.e. ServiceNow, Jira. · Proficiency in Linux, Windows, and cloud security hardening. · Knowledge security frameworks and standards (e.g., NIST, ISO 27001, CIS) Experience & Certification: · Minimum 3+ years of relevant experience in a combination of security and operations technology jobs · Vulnerability Scanning tools: Nessus, Qualys, OpenVAS · Cloud Scanning Tools: Redhat ACS, Anchore, Trivy · Ticketing Systems: Jira, ServiceNow, Remedy Telecom Expertise: Telecom architecture(2G,3G,4G,5G), Nokia Nodes and functionalities Show more Show less

Job Title : Cybersecurity Analyst (Entry-Level) Location: Hyderabad, TS, India – Work From Office Must. Department : Information Technology / Cybersecurity Employment Type : Full-Time Reports To : Cybersecurity Manager Job Purpose The Cybersecurity Analyst (Fresher) will support the organization’s security operations by monitoring, analysing, and responding to cyber threats. This entry-level role is designed for recent graduates passionate about cybersecurity, eager to apply foundational knowledge, and grow into skilled professionals safeguarding critical systems and data. Key Responsibilities Threat Monitoring and Analysis : Monitor security alerts using tools like Splunk, CrowdStrike, or SIEM platforms to identify potential threats. Analyse logs and network traffic for suspicious activities under senior team guidance. Incident Response Support : Assist in investigating security incidents, documenting findings, and escalating issues as needed. Participate in containment and remediation efforts for low-level threats. Vulnerability Assessments : Support vulnerability scans using tools like Nessus or Qualys to identify system weaknesses. Help prioritize remediation based on risk severity with team input. Security Awareness : Contribute to employee training programs on phishing, password hygiene, and cyber best practices. Create basic awareness content under supervision. Documentation and Reporting : Maintain records of security events, incidents, and mitigation steps. Assist in preparing compliance reports for standards like ISO 27001 or GDPR. Learning and Development : Stay updated on emerging threats, attack vectors, and cybersecurity trends. Participate in training programs to gain certifications like CompTIA Security+ or CEH. Qualifications and Skills Education : Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field (2024/2025 graduates preferred). Relevant certifications (e.g., CompTIA Security+, CySA+, or equivalent) are a plus but not mandatory. Technical Skills : Basic understanding of networking concepts (TCP/IP, DNS, firewalls). Familiarity with operating systems (Windows, Linux) and command-line tools. Exposure to cybersecurity tools like Wireshark, Splunk, or endpoint detection platforms. Knowledge of common attack vectors (e.g., phishing, malware, DDoS). Soft Skills : Analytical mindset with strong problem-solving abilities. Clear communication to document findings and collaborate with teams. Eagerness to learn and adapt in a fast-paced environment. Attention to detail for identifying anomalies in data. Preferred but Not Required : Internship or project experience in cybersecurity, IT, or network administration. Basic scripting knowledge (e.g., Python, Bash) for automating tasks. Awareness of compliance frameworks (e.g., NIST, GDPR). Key Competencies Curiosity : Proactively seeks to understand cyber threats and solutions. Teamwork : Collaborates with senior analysts and cross-functional teams. Time Management : Prioritizes tasks effectively under tight deadlines. Ethics : Maintains integrity and confidentiality in handling sensitive data. Why Join Us? Growth Opportunities : Access to mentorship, certifications, and hands-on projects to build a cybersecurity career. Innovative Environment : Work with cutting-edge tools like AI-driven threat detection and cloud security platforms. Impactful Work : Protect critical systems and data, contributing to organizational and societal security. Inclusive Culture : Join a diverse team committed to collaboration and innovation. Show more Show less

Experience: 1 - 3 years Location: New Delhi Job Description : The Security Auditor will be responsible for conducting comprehensive security assessments, including audits, penetration testing, and compliance evaluations. This role requires a meticulous, analytical professional with OSCP and CEH certifications, capable of identifying vulnerabilities and recommending technical and strategic security improvements. Number of Requirements : 01 Key Responsibilities : Perform technical security audits across internal and client infrastructures (networks, systems, and applications). Conduct vulnerability assessments and manual penetration testing, including both black-box and white-box scenarios. Analyze security policies, standards, and configurations against best practices and compliance frameworks. Develop detailed audit and assessment reports with risk ratings and mitigation strategies. Collaborate with internal teams and client stakeholders to understand business requirements and security needs. Participate in incident response planning and security awareness training initiatives. Stay informed about the latest threats, attack techniques, and regulatory developments. Required Qualifications : Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent experience. Active OSCP (Offensive Security Certified Professional) certification. Active CEH (Certified Ethical Hacker) certification. 3+ years of experience in information security auditing, penetration testing, or ethical hacking. Strong understanding of operating systems (Linux, Windows), networking, and web application security. Hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Wireshark, Nessus, etc. Excellent documentation and communication skills. Preferred Qualifications : Experience conducting audits for compliance standards (ISO 27001, PCI-DSS, HIPAA, etc.). Exposure to cloud environments (AWS, Azure, GCP) and their security models. Scripting knowledge in Python, Bash, or PowerShell. Additional certifications such as CISA, CISSP, or GPEN are a plus.

Summary Position Summary Position: Cyber Security Senior BISO Analyst (L3) Location: USI Job Summary Cyber Security BISO Team works with the Deloitte Function Specific Subsidiaries (FSS) & Chief Information Security Officer (CISO) organization directly supporting Deloitte’s Enabling Areas functions. The role involves close integration with various internal and external client-service leaders, technical and non-technical stakeholders to drive widespread cyber security program adoption. The Business Information Security Officer (BISO) Analyst will work closely with the Application teams of various lines of businesses (LOB), including the Office of Chief Information Officer (OCIO). In this role, you will support a group/team to develop a deep understanding of the business to facilitate specialized information security risk-based discussions. This role requires a proactive individual with a keen eye for detail and a strong understanding of cybersecurity frameworks such as, ISO, NIST, CIS. This fast-paced multi-faceted environment requires a highly motivated, self-driven, strong team player who demonstrates an intrinsic desire for continuous personal and professional growth. Key Responsibilities: Oversight & Alignment: Partner with Deloitte’s central Cyber Security organization to ensure consistent adoption of security frameworks, policies, and controls within business units and client teams. Security Strategy Development: Collaborate with business leaders to develop and implement information security strategies that align with business goals and regulatory requirements. Risk Management: Identify, assess, and prioritize information security risks within the enabling areas. Develop and implement risk mitigation strategies. Policy and Compliance: Ensure compliance with relevant information security policies, standards, and regulations (e.g., ISO 27001, NIST, SOC 2, HIPAA). Maintain ongoing audit readiness. Incident Response: Lead the response to security incidents within the enabling areas, including investigation, containment, and remediation efforts. Vulnerability Management: Monitor cyber threats relevant to the business domain. Support risk assessments, issue management, and incident response coordination. Stakeholder Engagement: Serve as the primary point of contact for information security matters within the enabling areas. Build strong relationships with business leaders and other stakeholders. Mitigation Projects: Lead or support projects involving third-party risk, vulnerability remediation, data protection, secure application development, and identity & access governance Security Architecture: Work with IT and business teams to design and implement secure systems and processes that support business operations. Continuous Improvement: Stay current with emerging security threats and trends. Recommend and implement improvements to the organization's security posture Qualifications: Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Experience: Minimum of 4 years of experience in information security 2-3 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments. 2-3 years of experience in vulnerability management, cybersecurity, or a related field. Experience with vulnerability assessment tools (e.g., Nessus, Qualys, Rapid7). Experience with GRC platforms (e.g., ServiceNow, Archer, or similar). Certifications: Relevant certifications such as CISSP, CISM, CISA, or equivalent. Technical Skills: Strong understanding of information security principles, technologies, and best practices. Experience with risk management, incident response, and security architecture. Business Acumen: Ability to understand business operations and align security strategies with business objectives. Communication: Excellent verbal and written communication skills. Ability to effectively communicate complex security concepts to non-technical stakeholders. Leadership: Proven ability to lead cross-functional teams and manage multiple projects simultaneously. Soft Skills: Excellent analytical and problem-solving skills. Strong communication skills, both written and verbal. Ability to work independently and as part of a team. Detail-oriented with a strong focus on accuracy and quality. Ability to work in a fast-paced environment and manage multiple tasks simultaneously. This role is ideal for a motivated individual who is passionate about cybersecurity and eager to contribute to the organization's security posture. If you have a strong background in vulnerability management and a commitment to continuous improvement, we encourage you to apply. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Professional development From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. Requisition code: 302394 Show more Show less

Security engineer Protect our users and their data. 4+ years in security engineering. Encryption expertise. Threat modeling experience.

Job Title: Manager Application Security Company Name: Info Edge India Ltd Job Description: As the Manager Application Security, you will be responsible for leading the application security initiatives within Info Edge India Ltd. You will work closely with development teams to ensure that security is integrated into the software development lifecycle. The role involves assessing potential vulnerabilities in applications, implementing security best practices, and ensuring compliance with security standards. You will also be responsible for conducting security assessments, managing security incidents, and providing guidance on secure coding practices. Additionally, you will collaborate with cross-functional teams to promote a culture of security awareness throughout the organization. Key Responsibilities: - Lead application security assessments and conduct security reviews of applications. - Develop and implement application security policies, standards, and guidelines. - Collaborate with development teams to integrate security into the software development lifecycle. - Conduct threat modeling and vulnerability assessments to identify security risks. - Provide training and support to developers on secure coding practices. - Monitor security trends and stay updated on emerging threats and vulnerabilities. - Respond to security incidents and coordinate incident response efforts. - Prepare reports and presentations for management on application security metrics and status. Skills and Tools Required: - Strong understanding of application security principles and best practices. - Experience with application security testing tools, such as static and dynamic analysis tools. - Familiarity with secure coding practices and frameworks (e.g., OWASP Top Ten). - Knowledge of security standards and compliance frameworks (e.g., ISO 27001, NIST). - Proficiency in one or more programming languages (e.g., Java, Python, C#). - Experience in conducting threat modeling and risk assessment. - Strong analytical skills and attention to detail. - Excellent communication and interpersonal skills to work collaboratively with various teams. - Certifications in application security (e.g., Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP)) are a plus.

Security Test Engineer Hyderabad, India Information Technology 307720 Job Description About The Role: Grade Level (for internal use): 10 The Team: Security Testing Team In The Quality Engineering Space Plays A Crucial Role In Safeguarding Business Operations By Identifying Vulnerabilities And Ensuring Robust Protection Against Cyber Threats. Through Meticulous Testing Practices, We Enhance The Security Posture Of Applications, Thereby Reducing The Risk Of Data Breaches And Financial Loss. By Integrating Security Measures Early In The Development Lifecycle, The Team Helps Streamline Processes, Minimize Disruptions, And Ultimately Contribute To Greater Business Efficiency And Resilience. S&P Global Ratings Is The World’s Leading Provider Of Independent Credit Ratings. Our Ratings Are Essential To Driving Growth, Providing Transparency, And Helping Educate Market Participants So They Can Make Decisions With Confidence. We Have More Than One Million Credit Ratings Outstanding On Government, Corporate, Financial Sector And Structured Finance Entities And Securities. We Offer An Independent View Of The Market Built On A Unique Combination Of Broad Perspective And Local Insight. We Provide Our Opinions And Research About Relative Credit Risk; Market Participants Gain Independent Information To Help Support The Growth Of Transparent, Liquid Debt Markets Worldwide. What Is In It For You: Serve As A Highly Technical Security Expert To Bring Security Transformation To Both New And Legacy Applications In Quality Engineering Space. Using A Wide Range Of Cutting-Edge Technology To Innovate While Testing. An Ever-Challenging Environment To Hone Your Existing Skills In Security Testing, Automation, Python Programming, Bash Scripting Etc. Being A Part Of An Organization Which Values ‘Culture Of Urgency’ And ‘Shift Left’ Approaches. Gain The Opportunity To Apply Your Strategic Thinking Alongside Technical Skills To Safeguard Our Systems Defending Against Emerging Cyber Threats. A Plenty Of Skill Building, Knowledge Sharing, And Innovation Opportunities. Building A Fulfilling Career With A Global Financial Technology Company. Responsibilities: This Role Will Involve Designing And Executing Security Tests, Identify Vulnerabilities, And Drive Remediation Strategies While Collaborating With Cross-Functional Teams In An Agile Environment. Understand The Application’s Security Requirements And Identify & Document The Scope Of The Test. Develop And Maintain Security Testing Automation Using Tools Like Burp Suite, ZAP, Or Similar Tools. Integrate Security Testing Into CI/CD Pipelines. Automate Processes And Workflows Using Python To Minimize Manual Work. Collaborate With Development, QE, And DevOps Teams To Investigate Security Incidents, Perform Root Cause Analysis, And Validate Security Fixes. Oversee Results And Logs To Analyze, Prioritize, And Initiate Remediation For Findings Identified By Security Tools During SAST, DAST, SCA, Artifact Scanning, Container Scanning, Etc... Prepare Detailed Reports Summarizing Test Results, Logs, Findings, And Recommendations For Strengthening Overall Security Of An Application. Create And Track Security Metrics, KPIs, And KRIs To Measure Operational Effectiveness. Prepare Comprehensive Reports For Senior Management On Security Performance And Strategic Initiatives. Work Independently, Providing Recommendations, And Leading The Accomplishments Of The Tasks From Inception To Completion. Demonstrate Outstanding Flexibility And Leadership With Proper Communication Of Security Testing Result Interpretation And Explanation To Audience. Participate In Daily Stand-Up Calls, Works Closely With The Agile Manager To Know The Deliverables And Commitments Of Each Release. Actively Taking Part In Resolving Critical Security Issues And Coming Up With Solutions To Mitigate The Same. Basic Qualifications Bachelor's Or Master’s Degree In Electronics And Communication, Computer Science, Cybersecurity, Or Related Fields. 6 To 9 Years Of IT Experience With Relevant Professional Experience Of Minimum 4 Years In The Field Of Cyber Security Testing. Should Have Strong Hands-On Experience In Security Testing, Penetration Testing, And Vulnerability Assessment. Strong Experience In Web, API, And Cloud Security Testing. Clear Understanding Of Security Vulnerabilities, Exploits, And Mitigation Techniques Strong Grasp Of The OWASP Top 10 Vulnerabilities And Effective Mitigation Strategies. Hands-On Experience With Security Testing Tools Such As Burp Suite, OWASP ZAP, Wireshark, Nessus, OpenSSL And Crypto Validation Tools. Proficiency In SAST/DAST Tools And Security Frameworks Like OWASP Top 10, CIS Benchmarks, And CVSS. Hands-On Experience With Selenium, Pytest, And RestAssured API Testing Using Python. Strong Hands-On Experience With Scripting And Programming Languages Including Python, PowerShell, Bash For Security Tasks. Familiarity With RESTful APIs, Webhooks, And Integration Of Third-Party Security Tools And Services Via Automation. Knowledge Of DevSecOps Practices And Integrating Security In CI/CD Pipelines. Self-Motivated And Driven To Stay Updated With The Latest Security Trends, Technologies, And Best Practices, Maintain High Level Of Accuracy In Security Assessments. Ability To Analyze And Communicate Complex Cybersecurity And Technical Challenges To Technical And Non-Technical Users, Leaders, And Stakeholders. Experience Collaborating With Cross Functional Global And Remote Teams With Diverse Backgrounds. Should Be Able To Work Under A Competitive Time Frame And Deliver. Should Be A Very Fast Learner And Have The Excellent Problem-Solving Ability. Should Have Excellent Written And Verbal Communication Skills. Nice To Have Skills: Security Certifications Like CISSP, CEH, CISM, OSCP Or CompTIA Security+ Shall Be Having The Preference. Hands-On Experience In Building AI-Powered Security Tools, Chatbots, And Agent-Driven Automation Pipelines. Knowledge On Agentic AI Frameworks, LLMs, And Orchestration Libraries Like LangChain, CrewAI Or RAG-Based Architectures. Grade: 10 Location: Hyderabad Shift Time: 11am To 8pm / 12pm To 9pm IST Hybrid Model: Twice A Week Work From Office About S&P Global Ratings At S&P Global Ratings, our analyst-driven credit ratings, research, and sustainable finance opinions provide critical insights that are essential to translating complexity into clarity so market participants can uncover opportunities and make decisions with conviction. By bringing transparency to the market through high-quality independent opinions on creditworthiness, we enable growth across a wide variety of organizations, including businesses, governments, and institutions. S&P Global Ratings is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help many of the world’s leading organizations navigate the economic landscape so they can plan for tomorrow, today. For more information, visit www.spglobal.com/ratings What’s In It For You? Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body. Flexible Downtime: Generous time off helps keep you energized for your time on. Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills. Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference. For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. S&P Global has a Securities Disclosure and Trading Policy (“the Policy”) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policy’s requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy. - Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only: The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf - 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group) Job ID: 307720 Posted On: 2025-06-12 Location: Hyderabad, Telangana, India

Company Description TVS Credit Services Ltd. empowers Indians from various socio-economic backgrounds with timely and affordable credit, furthering financial inclusion across the nation. As part of the $8.5 billion TVS Group, the company offers financial products like two-wheeler, used car, three-wheeler, and tractor loans. These products are designed to support growth in India's small towns and rural areas. With an innovative entrepreneurial culture and initiatives like AIM and GURU, TVS Credit Services has won numerous awards and serves over 11 million customers, boasting a long-term CRISIL rating of AA (Stable). Role Description This is a full-time, on-site role located in Chennai for a Deputy Manager - Application Security. The Deputy Manager will be responsible for ensuring the security of applications by performing security assessments, managing security incidents, developing security standards, and collaborating with development teams to implement secure coding practices. Daily tasks include vulnerability assessments, threat modeling, risk assessments, and compliance monitoring. Qualifications Experience in Application Security, Security Assessments, and Vulnerability Assessments Knowledge of Secure Coding Practices, with hands on experience in Burp suite, Nessus and Postman API security testing VAPT - VA using nessus or related , PT - using Burpsuite/kalilinux Proficiency in Application Security and API security Strong Knowledge in SAST, SCA, DAST Familiarity with Security Standards and Frameworks (e.g., OWASP, NIST, ISO 27001) Strong analytical and problem-solving skills Excellent communication and collaboration abilities Ability to work independently and as part of a team Bachelor's degree in Computer Science, Information Security, or a related field Relevant certifications such as CISSP, CEH, or CISM are a plus Show more Show less

Job Overview: We are looking for an experienced and dynamic Freelance Cybersecurity Trainer to deliver high-quality training sessions to professionals and/or students. The ideal candidate will have a solid background in cybersecurity practices, hands-on industry experience, and a passion for teaching and mentoring. Key Responsibilities: Design, develop, and deliver cybersecurity training content (live sessions, workshops, online modules, etc.). Conduct sessions on topics such as network security, ethical hacking, threat analysis, incident response, risk management, and security compliance. Prepare hands-on labs, case studies, and real-world scenarios to enhance learner engagement. Customize training based on audience skill level (beginner to advanced). Evaluate learner progress through assessments, projects, and feedback. Stay up-to-date with industry trends, emerging threats, and latest tools/technologies. Provide mentorship and answer technical questions during and after sessions as needed. Requirements: Significant years of hands-on experience in cybersecurity roles. Proven experience in delivering training or workshops in-person. Proficiency with Cybersecurity tools such as Kali Linux, Metasploit, Wireshark, Nessus, etc. In-depth knowledge of information security principles, risk assessment, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR). Excellent communication and presentation skills. Relevant certifications (e.g., CEH, CISSP, CompTIA Security+, OSCP) are highly desirable. Preferred Qualifications: Prior experience working with training companies or educational platforms. Ability to develop custom course materials and content. Flexibility to conduct sessions across different time zones if needed. Compensation: Competitive freelance/hourly rates (based on experience and course complexity). Show more Show less

Who We Are: Headquartered in Canada with locations across the United States and around the globe with a footprint on six continents, Bulletproof, a GLI company has decades of technology, security, and compliance expertise. Bulletproof’s work in the security space has been recognized nationally and globally with Microsoft’s global Security Partner of the Year in 2021 and five Microsoft Canada Impact Award wins from 2019 to present-day. At Bulletproof, our vision is to serve, secure, and empower the world through people and technology; one customer at a time. We believe everyone has the right to feel safe and secure. Our mission is to serve and protect organizations to ensure their success. What We Have To Offer Challenging Work - We love solving highly complex problems. Across our teams and in all roles, every employee is empowered to bring their best ideas forward and to jump in and solve the problems they're passionate about. Great People - We are stronger, together, when we are open, honest, and above all, real. Every person is valued here and plays an important role in our shared success. Global Impact - As a global team spanning continents, boundaries, and cultures, every day we are inspired by the impact our work has on our colleagues, our customers, our communities, and the world at large. Diversity, Equity and Inclusion - We celebrate each other’s differences, continuously strive for equality and recognize that inclusion makes us stronger as individuals, a company and a global citizen. What the Role Does… As a pentester, you will conduct security assessments by probing for and exploiting security vulnerabilities in web-based applications, networks and systems and finding ways to ensure that any risk to our client is mitigated. We highly prefer if you live in Noida (India) because you will need to be in the office. Duties and Responsibilities include, but are not limited to: Conducts security assessments that can be multi-faceted for a wide variety of assigned clients Defines the scope for security testing assignments Creates quality assurance security test reports and other documentation as needed Works with clients to develop appropriate remediation plans Provides clients with exceptional service in a professional, courteous and timely manner Provides technical support as a subject matter expert in the sale of security testing assignments on an as needed basis Provides thought leadership and direction for the Information Security practice on malware, attack vectors and methods to protect against threats Teams up with colleagues in other lines of services in support of client needs for Information Security services Stays up to date on current tools, technologies and vulnerabilities to incorporate into testing practices Other related duties as assigned Requirements: Degree in Computer Science, Information Systems, Engineering or related major from an accredited University or College Diploma equivalent Experience performing vulnerability assessments and/or penetration tests would be preferred Application and/or infrastructure penetration testing experience above and beyond running automated tools A good understanding of Linux, Windows and network security skills Excellent written and oral communication skills in English Ability to meet deadlines and deliver a high-quality product (reports) Strong attention to detail Ability to work both independently and in a team environment. Familiar with (if not qualified in) test suites such as: Nessus MetaSploit Burp Suite Kali NMap Fortify Acunetix Certifications - One or more of the following certifications are considered an asset: EC-Council Certified Ethical Hacker (CEH) EC-Council Licensed Penetration Tester (LPT) GIAC Certified Penetration Tester (CPEN) IACRB Certified Penetration Tester (CPT) Offensive Security Certified Professional (OSCP) CREST Registered Tester (CRT) CREST Infrastructure Certification CESG CHECK Team Leader CESG CHECK Team Member Tiger Scheme Senior Security Tester Tiger Scheme Qualified Security Tester Any other recognized penetration testing certification/accreditation The following skills are preferred but not required: PCI ASV CREST recognized penetration testing certification/accreditation (CREST Certified Tester (CCT) or CHECK Team Leader (CTL) Experience developing custom scripts or tools used for vulnerability scanning and identification Familiarity with threat modelling and security design review methodologies Support team technical development (e.g. through service development or research) and contribute to company technical processes overall Development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java and/or Fortify, Veracode, Brakeman and/or IDA Pro Experience with physical security testing, phishing and social engineering techniques. Experience with mobile applications such as Android DeBug Bridge (ADS), OWASP ZAP, Drozer, Mobile Security Framework (MobSF), Smartphone Pentest Framework (SPF), Burp Suite, Android SDK, Friday, Cydia and/or IDB This job description should not be interpreted as all-inclusive; it is intended to identify major responsibilities and requirements of the job. The incumbent may be requested to perform other job-related task and responsibilities than those stated above. Equal Opportunity Statement Bulletproof is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Bulletproof is also committed to compliance with all fair employment practices regarding citizenship and immigration Show more Show less

Mizuho Global Services Pvt Ltd (MGS) is a subsidiary company of Mizuho Bank, Ltd, which is one of the largest banks or so called ‘Mega Banks’ of Japan. MGS was established in the year 2020 as part of Mizuho’s long-term strategy of creating a captive global processing center for remotely handling banking and IT related operations of Mizuho Bank’s domestic and overseas offices and Mizuho’s group companies across the globe. At Mizuho we are committed to a culture that is driven by ethical values and supports diversity in all its forms for its talent pool. Direction of MGS’s development is paved by its three key pillars, which are Mutual Respect, Discipline and Transparency, which are set as the baseline of every process and operation carried out at MGS. What’s in it for you? o Immense exposure and learning o Excellent career growth o Company of highly passionate leaders and mentors o Ability to build things from scratch Know more about MGS: https://www.mizuhogroup.com/asia-pacific/mizuho-global-services Walk-in drive in Mumbai Time : Between 3-5pm Date : 19-05-2025 to 23-05-2025 Relevant Skills and Experience for EDR Defender - - Project and delivery management experience 3+ years EDR administration (CrowdStrike Falcon, VMware Carbon Black, Palo Alto Network Cortex XDR, Microsoft Windows Defender, Cylance, Tanium etc.) - 3 + years of working with EDR tools performing requirements gathering, deployment, configuration, and conducting threat hunting. Relevant Skills and Experience for VAPT - • 5-7 years of experience in vulnerability assessment, penetration testing, or a related field. • Strong understanding of vulnerability management concepts, principles, and best practices. • Proficiency in using vulnerability assessment tools (e.g., Nessus, Tenable, Qualys). • Experience in conducting penetration testing using various methodologies (e.g., black box, gray box, white box). • Knowledge of common security threats, vulnerabilities, and attack vectors. • Experience with network and system security tools (e.g., firewalls, intrusion detection systems, antivirus). • Experience with scripting languages (e.g., Python, PowerShell). • Experience with cloud security (e.g., AWS, Azure, GCP). Relevant Skills and Experience for IAM - • 7-10 years of experience in IAM engineering or a related field. • Strong understanding of IAM concepts, principles, and best practices. •Experience with industry leading IAM solutions, such as SailPoint, Okta, Ping Identity, or ForgeRock. •Experience with scripting languages (e.g., Python, PowerShell). •Experience with cloud platforms (e.g., AWS, Azure, GCP). •Experience with directory services (e.g., Active Directory, LDAP). •Experience with security frameworks (e.g., NIST, ISO 27001). Relevant Experience FOR Splunk - · 7-10 years of experience in Splunk administration, engineering, or a related field. · Strong understanding of Splunk architecture, components, and workflows. · Experience with designing and implementing Splunk search processing orders (SPOs). · Experience with developing and optimizing Splunk dashboards, alerts, and reports. · Experience with integrating Splunk with other enterprise applications and systems. · Experience with data security and compliance best practices. · Experience with cloud platforms (e.g., AWS, Azure, GCP). Relevant Experience FOR ServiceNow - · 12+ years of experience in IT Service Management, with a strong focus on ServiceNow implementation. · Proven experience in leading teams and managing complex projects. · In-depth knowledge of ServiceNow modules and functionalities. · Experience with developing and optimizing ServiceNow dashboards, alerts, and reports. · Ability to communicate complex / technical issues to non-technical audiences · Proven track record of leading technical teams and managing managed services projects. Interested candidates can send resume on mgs.rec@mizuho-cb.com along with the below details. Current CTC Expected CTC NP Experience Current residential location Availability for F2F Address:Mizuho Global Services India Pvt. Ltd, 11th Floor, Q2 Building Aurum Q Park, Gen 4/1, Ttc, Thane Belapur Road, MIDC Industrial Area, Ghansoli, Navi Mumbai- 400710. Show more Show less

Eventus Security requires a Technical Manager - Cyber Resilience with strong understanding of cybersecurity practices, extensive experience in vulnerability assessment and penetration testing (VAPT), leadership skills to manage a team of security professionals, and the ability to identify, prioritize, and remediate critical vulnerabilities across an organization's systems and applications, ensuring compliance with security standards and regulations; key responsibilities would include leading VAPT projects, overseeing vulnerability scanning, managing penetration testing activities, generating detailed reports, and collaborating with stakeholders to implement security improvements. Job Title: Technical Manager - Cyber Resilience Experience: 7-15yrs Key Responsibilities: VAPT Strategy Development: · Define and implement a comprehensive VAPT strategy aligned with organizational security goals and compliance requirements. · Establish VAPT methodologies, standards, and best practices for conducting assessments. · Prioritize critical assets and systems for regular VAPT scans. Team Management : · Lead a team of VAPT analysts, penetration testers, and vulnerability assessors. · Assign tasks, monitor performance, and provide technical guidance to team members. · Develop and maintain team skills through training and certifications. · Vulnerability Assessment and Penetration Testing: · Conduct comprehensive vulnerability assessments across networks, systems, applications, and web services using automated tools and manual techniques. · Execute penetration testing engagements to identify exploitable vulnerabilities and assess potential security risks. · Analyze test results, prioritize vulnerabilities based on severity and impact, and generate detailed reports with actionable remediation recommendations. Risk Management: · Collaborate with security stakeholders to assess the risk associated with identified vulnerabilities. · Communicate security risks to relevant decision-makers and advocate for timely remediation. · Track remediation progress and ensure vulnerabilities are addressed effectively. Compliance Management: · Ensure VAPT activities align with industry standards and regulatory compliance requirements (e.g., PCI DSS, HIPAA, GDPR). · Maintain documentation and reporting to demonstrate compliance with security policies. Required Skills and Qualifications: Technical Expertise: · Deep understanding of network security concepts, protocols, and vulnerabilities. · Proficient in various VAPT tools and frameworks (e.g., Nessus, Burp Suite, Nmap, Metasploit). · Familiarity with web application security, OWASP Top 10, and secure coding practices Leadership Skills : · Proven ability to lead and mentor a team of security professionals. · Strong communication and presentation skills to effectively convey technical information to stakeholders. Analytical Skills: · Ability to analyze complex security issues, identify root causes, and prioritize remediation actions. · Critical thinking and problem-solving skills to evaluate potential security threats. Certifications: Relevant cybersecurity certifications such as CISSP, CISA, OSCP, CEH, or equivalent. Show more Show less

About Gruve Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks. Position Summary We are seeking a System Test Engineer with expertise in SaaS applications providing cybersecurity solution to join our dynamic team. The ideal candidate will play a critical role in testing, validating, and ensuring the reliability and security of our SaaS-based cyber security platform. This position requires strong analytical skills, hands-on experience with automation, and a deep understanding of cloud environments, networking protocols, firewalls and security frameworks. Key Responsibilities Design, develop, and execute system-level test plans, test cases, and automated test scripts for a SaaS-based cyber security platform. Validate end-to-end functionality, scalability, and performance of security applications integrated with external ITSM systems. Develop and maintain automation frameworks to streamline test execution and enhance test coverage. Conduct security, performance, and regression testing to identify vulnerabilities, bottlenecks, and reliability issues. Test and validate the functionality of agents that connect with the SaaS platform. Work closely with development, product management, and DevOps teams to troubleshoot issues and ensure high-quality product releases. Implement and execute API testing, system integration testing, and user acceptance testing. Participate in test strategy planning and provide feedback for continuous improvement of the test process. Required Skills & Qualifications A bachelor’s or master’s degree in computer science, electronics engineering or a related field 8-10 years of experience in system testing for SaaS applications and Cyber Security platforms. Strong knowledge of networking protocols (TCP/IP, HTTP/HTTPS, DNS, VPN, IPSec, TLS, etc.). Strong understanding of security concepts such as firewalls, IDS/IPS, zero-trust architecture, and cloud security controls. Hands-on experience with test automation tools (Selenium, Robot Framework, PyTest, etc.). Proficiency in scripting and automation using Python, Bash, or similar languages. Experience working with cloud platforms such as AWS, Azure, or Google Cloud. Familiarity with containerization and orchestration tools like Docker and Kubernetes. Experience with CI/CD pipelines and DevOps processes. Strong troubleshooting and debugging skills in distributed systems and cloud environments. Preferred Qualifications Knowledge of security frameworks such as SOC2, ISO 27001, and compliance standards. Experience with security testing tools such as Burp Suite, Nessus, Wireshark, or Metasploit. Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Ansible. Certifications such as AWS Certified Security - Specialty, CCNA Security, CISSP, or CEH are a plus. Why Gruve At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you. Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted. Show more Show less

Introduction In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world. Your Role And Responsibilities Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Preferred Education Master's Degree Required Technical And Professional Expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding Practices: Knowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat Modelling: Ability to conduct threat modelling sessions to identify and mitigate security risks Preferred Technical And Professional Experience Vulnerability Assessment: Experience in conducting vulnerability assessments and penetration testing Application Security Testing: Experience with static and dynamic application security testing (SAST/DAST) tools. Security Tools: Proficiency in using security tools like Burp Suite, Nessus, or Fortify Show more Show less

Job Summary: We are seeking an experienced Cybersecurity Expert to join our team and lead efforts in IT infrastructure auditing, web application security assessments, and compliance readiness. The ideal candidate will possess deep expertise in cybersecurity best practices, hands-on experience in security audits, and hold certifications like CISA, CISSP, or CEH. Key Responsibilities: Perform IT infrastructure audits across network, server, and endpoint environments. Conduct website and web application security audits , including vulnerability assessments and penetration testing. Develop and implement security policies, procedures, and standards aligned with best practices. Assist in achieving and maintaining compliance with standards such as ISO 27001, PCI-DSS, and CERT-In guidelines. Identify risks and propose effective mitigation strategies . Prepare detailed audit reports , risk assessments, and recommendations. Work closely with IT teams to monitor, detect, and respond to cybersecurity incidents. Stay up to date with emerging threats, vulnerabilities, and regulatory requirements. Required Qualifications: Bachelor’s degree in Computer Science, Information Technology, or a related field. 3–6 years of experience in cybersecurity, IT audit, or security assessment. Hands-on experience with security tools like Nessus, Burp Suite, Nmap, Metasploit, Wireshark, etc. Familiarity with CERT-In audit requirements , VAPT, and SIEM tools. Strong understanding of firewalls, IDS/IPS, VPNs , and access control systems. Certifications (Must have any one or more): CISA (Certified Information Systems Auditor) CISSP (Certified Information Systems Security Professional) CEH (Certified Ethical Hacker) Preferred Skills: Knowledge of compliance frameworks (e.g., NIST, GDPR, HIPAA) Experience in cloud security (AWS, Azure) ISO 27001 implementation and auditing experience Strong analytical, communication, and documentation skills Job Types: Full-time, Permanent Pay: From ₹500,000.00 per year Schedule: Day shift Work Location: In person

Were looking for an experienced and strategic Cyber Security Engineer with 35 years of hands-on expertise in securing enterprise environments. The ideal candidate will be responsible for enhancing the organizations security posture by proactively identifying risks, implementing defense mechanisms, and driving compliance initiatives across systems, networks, and applications. Experience: 35 Years Location: Indore Job Type: Full-time Bond: 1 Year Key Responsibilities Design, implement, and maintain robust cybersecurity architectures and defense strategies. Lead vulnerability assessments, threat modeling, penetration testing, and risk mitigation. Monitor and manage SIEM systems to detect, analyze, and respond to threats in real-time. Collaborate with infrastructure, DevOps, and development teams to embed security across the SDLC. Define, update, and enforce security policies, SOPs, and incident response plans. Conduct periodic internal/external audits and coordinate compliance efforts (ISO 27001, GDPR, etc.). Investigate security breaches and generate detailed post-incident reports. Evaluate and recommend advanced tools and technologies for endpoint, network, and cloud security. Deliver cybersecurity awareness training to internal teams and stakeholders. Technical Skills Required Strong understanding of security frameworks (NIST, ISO 27001, CIS Controls). Deep knowledge of firewalls, VPNs, IDS/IPS, endpoint protection, and network monitoring tools. Hands-on with tools such as Wireshark, Metasploit, Nessus, Nmap, Burp Suite, and SIEM platforms like Splunk, ELK, or QRadar. Solid experience with cloud security (AWS, Azure, or GCP). Competency in scripting or automation using Python, PowerShell, or Bash. Familiarity with secure configuration management and patch management practices. Excellent analytical, documentation, and incident management skills. Show more Show less

Job Description Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Vulnerability Assessments – Senior Consultant Specialist In this role, you will: Leading the review of all newly discovered vulnerabilities, to assess if the provided risk score is correctly reflecting the risk to HSBC. Monitoring external threat feeds to identify any newly reported external risks. Managing the review of assigned tickets, determining potential false positive and/ or mitigation on approaches, and providing expert guidance/ advice on remediation. Ensuring all patterns identified for remediation and/ or false positive identification, are clearly documented within the central tools and applied across the HSBC identified threat estate. Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating. Leading and managing thematic reviews in order to drive and maintain systematic uplifts and enhancements to CSAT and wider inter-operational units that help protect the bank. Maintain operational documentation on what reports are available and how to access and utilise existing filters. Conduct holistic reviews of the overall baseline security posture. Clear accountability and ownership of the Vulnerability Assessment and Response key control indicators and key risk indicators. Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers. Supporting the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs. Supporting Imminent threat review sessions, and deputising for the chair when required. Engaging with the Global Head of Vulnerability Management, and relevant team members to review and gain approval for submissions and ensure information requests are aligned with the group risk appetite providing the expected responses. Adhoc tasks as required, including support to CSAT operational activities, handling escalations and requests from any team or angle. Requirements To be successful in this role, you should meet the following requirements: The ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle. The ability to use multiple toolsets to convey information, obtain data, and make it meaningful to future plans. Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments. The ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC. Multiple functions will come together to ensure the safety of the bank and the ability to continue business under any circumstances. Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders. Understanding and experience in the practical application and execution of: Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), OWASP top10 and SANS top25 vulnerabilities and their mitigations Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms). Vulnerability assessments, scoring and ratings and how they are applied. Patch Management. Business and architectural design, including controls analysis, process flows and data flows. Cyber security principles, global financial services business models, regional compliance regulations and laws. Cryptography, SSL/TLS, Encryption. MS Excel to interrogate large data sets. SharePoint, Microsoft Teams and Confluence. Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines. Instinctive and creative, with an ability to create and contribute to bespoke solutions. Flexible approach to shifting or competing priorities. Process orientated, outstanding organizational skills. Proven track record on delivering activities on time to a high standard. High level of integrity and strong ethical values. Pro-active, independent, collaborative team player with a positive attitude. Strong interpersonal skills with the ability to create and maintain relationships - Internal relationships extend to peers across other functions within IT and externally to HSBC global businesses, which include external relationships with vendors, typically audit, legal, and technology where the need arises. Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation. Minimum of 8+ years’ experience in working in IT Security or similar role. Ability to work remotely. You’ll achieve more when you join HSBC. www.hsbc.com/careers HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. Issued by – HSBC Software Development India Show more Show less