1268 Nessus Jobs - Page 4

Key Responsibilities Conduct Security Audits: Perform regular security audits and vulnerability assessments on IT systems and network infrastructure to identify security loopholes and weaknesses. Remediate Vulnerabilities: Analyze scan results from tools like Tenable Nessus or Rapid7 InsightVM and work with IT teams to remediate identified security holes. System Hardening: Apply CIS Benchmarking to harden operating systems, servers, and network devices to reduce the attack surface. Penetration Testing: Conduct penetration tests using tools like Kali Linux and Metasploit to simulate attacks and validate the effectiveness of security controls. Forensic Analysis: Assist with digital forensic analysis and incident response using tools such as Wireshark to investigate security incidents and breaches. Policy & Compliance: Contribute to the development and enforcement of security policies and procedures in line with industry best practices and regulatory requirements. Required Qualifications Proven experience in a cybersecurity role with a focus on system hardening and vulnerability management. Strong knowledge of networking protocols, operating systems (Windows, Linux), and security principles. Hands-on experience with security tools such as vulnerability scanners, penetration testing frameworks, and intrusion detection systems. Familiarity with compliance frameworks like NIST or CIS. Excellent problem-solving skills and the ability to communicate technical issues to non-technical staff. Relevant certifications such as CompTIA Security+, CISSP, or OSCP are highly desirable.

Summary Job Description – Security Analyst We are looking for a skilled Security Analyst with expertise in application and network security. The candidate will be responsible for conducting DAST, SAST, and VAPT assessments to identify and remediate vulnerabilities across web, mobile, APIs, and infrastructure. The role involves working with multiple stakeholders, performing manual and automated testing, and ensuring the overall security posture of applications and networks. Role & Responsibilities Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for web and mobile applications. Conduct Vulnerability Assessment & Penetration Testing (VAPT) for applications, APIs, and networks. Identify, validate, and exploit security flaws including OWASP Top 10 and SANS 25 vulnerabilities. Perform network security assessments (firewalls, servers, cloud, configurations). Collaborate with development and IT teams to provide remediation guidance. Prepare detailed security reports with findings, risk ratings, and recommendations. Stay updated on latest threats, CVEs, and zero-day vulnerabilities. Support in secure SDLC and DevSecOps initiatives. Skills & Competencies Strong knowledge of application security, API security, and network security. Hands-on with tools like Burp Suite, OWASP ZAP, Nessus, OpenVAS, WPScan, Metasploit, Postman. Understanding of TLS/SSL, authentication, encryption, access controls, cloud security. Good analytical, reporting, and communication skills. Knowledge of compliance frameworks (ISO 27001, PCI-DSS, OWASP, CIS). Experience Required 1-3 years of experience in Application and Network Security (VAPT, DAST, SAST). Strong background in manual penetration testing is essential. Knowledge and experience in automated penetration testing are expected. Exposure to secure coding practices and remediation support. Certifications like CEH or equivalent is a prerequisite.

About The Role Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityIQ Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. A typical day involves collaborating with various teams to implement security measures, conducting risk assessments, and ensuring compliance with security policies. You will also engage in proactive monitoring of systems to identify vulnerabilities and respond to potential threats, all while maintaining a focus on safeguarding information and business processes against cyber threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Facilitate project planning and execution, ensuring alignment with organizational goals.- Mentor junior team members, providing guidance and support in their professional development. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityIQ.- Strong understanding of identity governance and administration.- Experience with security compliance frameworks and best practices.- Ability to analyze and troubleshoot security issues effectively.- Familiarity with project management methodologies and tools. Additional Information:- The candidate should have minimum 3 years of experience in SailPoint IdentityIQ.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type : Employee - Full Time Work Location: Guwahati Key Focus area : Infrastructure Penetration Tester Employment Type : Employee - Full Time Work Location: Guwahati Key Responsibilities : Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification : BE / BTech (Similar Education Background) Work experience : 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies /Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products If you're interested, please share below mention details for the same. Preferred Location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Email ID: ashwini.chakor@ril.com

About The Role Skill required: Tech for Operations - Security Governance Designation: Security Delivery Associate Manager Qualifications: BE/Master of Engineering Years of Experience: 10 to 14 years About Accenture Accenture is a global professional services company with leading capabilities in digital, cloud and security.Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities.Visit us at www.accenture.com What would you do? You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationA process of establishing and maintaining a security governance framework. Support management structure and processes to provide assurance that information security strategies are aligned with and support business objectives are consistent with applicable laws and regulations through adherence to policies and internal controls, and provide assignment of responsibility, metrics, reporting all in an effort to manage the risk and compliance requirements. What are we looking for? Commitment to qualityExperience in research and developmentNegotiation skillsProblem-solving skillsRisk managementThe role demands Indepth knowledge in application security area. Candidate should have hands on experience in SAST, DAST, Penetration testing. DevSecOps and Software composition analysis are other areas where the candidate should have experience in.The role also demands capability of scripting using Python and other related required knowledge of database and networking.Certifications like CISSP, CCSP, CISM, CEH, ECSA etc. will be added advantage. Roles and Responsibilities: In this role you are required to do analysis and solving of moderately complex problems Typically creates new solutions, leveraging and, where needed, adapting existing methods and procedures The person requires understanding of the strategic direction set by senior management as it relates to team goals Primary upward interaction is with direct supervisor or team leads Generally interacts with peers and/or management levels at a client and/or within Accenture The person should require minimal guidance when determining methods and procedures on new assignments Decisions often impact the team in which they reside and occasionally impact other teams Individual would manage medium-small sized teams and/or work efforts (if in an individual contributor role) at a client or within Accenture Please note that this role may require you to work in rotational shifts Qualification BE,Master of Engineering

Job Title: Cybersecurity & Ethical Hacking Specialist Experience: 3-5 Years Location: Hyderabad Employment Type: Full-time Job Summary: We are seeking a skilled Cybersecurity & Ethical Hacking Specialist with 35 years of experience in securing systems, applications, and cloud environments. The ideal candidate will have strong expertise in ethical hacking, penetration testing, and familiarity with cloud security practices across platforms like AWS, Azure, or GCP. Key Responsibilities: Perform penetration testing and ethical hacking across on-premise and cloud infrastructure Identify, analyze, and report security vulnerabilities and risks Conduct security assessments and compliance audits Collaborate with DevOps and engineering teams to remediate issues and implement secure solutions Monitor for threats, support incident response, and improve security monitoring Ensure security best practices across public cloud platforms (AWS, Azure, GCP) Maintain technical documentation and present findings to stakeholders Requirements: 3–5 years of experience in cybersecurity and ethical hacking. Hands-on experience with penetration testing tools (Burp Suite, Metasploit, Nmap, Nessus, etc.) Good understanding of cloud security principles (IAM, encryption, VPCs, security groups, etc.) Familiarity with AWS, Azure, or GCP cloud environments Knowledge of OWASP Top 10, network protocols, and secure application development Scripting skills in Python, Bash, or PowerShell Excellent problem-solving, analytical, and communication skills Bachelor’s degree in Computer Science, Cybersecurity, or related field

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type: Employee - Full Time Work Location: Guwahati Key Focus area: Infrastructure Penetration Tester Key Responsibilities: Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification: BE / BTech (Similar Education Background) Work experience: 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion. Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies / Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products. If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type : Employee - Full Time Work Location: Guwahati Key Focus area : Infrastructure Penetration Tester Employment Type : Employee - Full Time Work Location: Guwahati Key Responsibilities : Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification : BE / BTech (Similar Education Background) Work experience : 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies /Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

About the Role: Grade Level (for internal use): 10 The Team Security Testing Team in the Quality Engineering space plays a crucial role in safeguarding business operations by identifying vulnerabilities and ensuring robust protection against cyber threats. Through meticulous testing practices, we enhance the security posture of applications, thereby reducing the risk of data breaches and financial loss. By integrating security measures early in the development lifecycle, the team helps streamline processes, minimize disruptions, and ultimately contribute to greater business efficiency and resilience. S&P Global Ratings is the worlds leading provider of independent credit ratings. Our ratings are essential to driving growth, providing transparency, and helping educate market participants so they can make decisions with confidence. We have more than one million credit ratings outstanding on government, corporate, financial sector and structured finance entities and securities. We offer an independent view of the market built on a unique combination of broad perspective and local insight. We provide our opinions and research about relative credit risk; market participants gain independent information to help support the growth of transparent, liquid debt markets worldwide. What is in it for you Serve as a highly technical security expert to bring security transformation to both new and legacy applications in quality engineering space. Using a wide range of cutting-edge technology to innovate while testing. An ever-challenging environment to hone your existing skills in Security Testing, Automation, Python Programming, Bash scripting etc. Being a part of an organization which values Culture of Urgency and Shift Left approaches. Gain the opportunity to apply your strategic thinking alongside technical skills to safeguard our systems defending against emerging cyber threats. A plenty of skill building, knowledge sharing, and innovation opportunities. Building a fulfilling career with a global financial technology company. Responsibilities This role will involve designing and executing security tests, identify vulnerabilities, and drive remediation strategies while collaborating with cross-functional teams in an Agile environment. Understand the applications security requirements and identify & document the scope of the test. Develop and maintain security testing automation using tools like Burp Suite, ZAP, or similar tools. Integrate security testing into CI/CD pipelines. Automate processes and workflows using Python to minimize manual work. Collaborate with development, QE, and DevOps teams to investigate security incidents, perform root cause analysis, and validate security fixes. Oversee results and logs to analyze, prioritize, and initiate remediation for findings identified by security tools during SAST, DAST, SCA, artifact scanning, container scanning, etc... Prepare detailed reports summarizing test results, logs, findings, and recommendations for strengthening overall security of an application. Create and track security metrics, KPIs, and KRIs to measure operational effectiveness. Prepare comprehensive reports for senior management on security performance and strategic initiatives. Work independently, providing recommendations, and leading the accomplishments of the tasks from inception to completion. Demonstrate outstanding flexibility and leadership with proper communication of security testing result interpretation and explanation to audience. Participate in Daily Stand-up Calls, works closely with the Agile Manager to know the deliverables and commitments of each release. Actively taking part in resolving critical security issues and coming up with solutions to mitigate the same. Basic Qualifications Bachelor's or masters degree in Electronics and Communication, Computer Science, Cybersecurity, or related fields. 6 to 9 years of IT experience with relevant professional experience of Minimum 4 years in the field of Cyber Security Testing. Should have strong hands-on experience in security testing, penetration testing, and vulnerability assessment. Strong experience in web, API, and cloud security testing. Clear understanding of security vulnerabilities, exploits, and mitigation techniques Strong grasp of the OWASP Top 10 vulnerabilities and effective mitigation strategies. Hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, Wireshark, Nessus, OpenSSL and Crypto validation tools. Proficiency in SAST/DAST tools and security frameworks like OWASP Top 10, CIS Benchmarks, and CVSS. Hands-on experience with Selenium, Pytest, and RestAssured API Testing using Python. Strong hands-on experience with scripting and programming languages including Python, PowerShell, Bash for security tasks. Familiarity with RESTful APIs, webhooks, and integration of third-party security tools and services via automation. Knowledge of DevSecOps practices and integrating security in CI/CD pipelines. Self-motivated and driven to stay updated with the latest security trends, technologies, and best practices, maintain high level of accuracy in security assessments. Ability to analyze and communicate complex cybersecurity and technical challenges to technical and non-technical users, leaders, and stakeholders. Experience collaborating with cross functional global and remote teams with diverse backgrounds. Should be able to work under a competitive time frame and deliver. Should be a very fast learner and have the excellent problem-solving ability. Should have excellent written and verbal communication skills. Nice to have Skills: Security Certifications like CISSP, CEH, CISM, OSCP or CompTIA Security+ shall be having the preference. Hands-On experience in building AI-powered security tools, chatbots, and agent-driven automation pipelines. Knowledge on Agentic AI frameworks, LLMs, and orchestration libraries like LangChain, crewAI or RAG-based architectures. Grade10 LocationHyderabad Shift time11am to 8pm / 12pm to 9pm IST Hybrid Modeltwice a week work from office About S&P Global Ratings At S&P Global Ratings, our analyst-driven credit ratings, research, and sustainable finance opinions provide critical insights that are essential to translating complexity into clarity so market participants can uncover opportunities and make decisions with conviction. By bringing transparency to the market through high-quality independent opinions on creditworthiness, we enable growth across a wide variety of organizations, including businesses, governments, and institutions. S&P Global Ratings is a division of S&P Global (NYSESPGI). S&P Global is the worlds foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help many of the worlds leading organizations navigate the economic landscape so they can plan for tomorrow, today.For more information, visit www.spglobal.com/ratings Whats In It For You Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technologythe right combination can unlock possibility and change the world.Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals. Benefits: We take care of you, so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global. Health & WellnessHealth care coverage designed for the mind and body. Continuous LearningAccess a wealth of resources to grow your career and learn valuable new skills. Invest in Your FutureSecure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs. Family Friendly PerksIts not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families. Beyond the BasicsFrom retail discounts to referral incentive awardssmall perks can make a big difference. For more information on benefits by country visithttps://spgbenefits.com/benefit-summaries Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. S&P Global has a Securities Disclosure and Trading Policy (the Policy) that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policys requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy. ---- Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person. US Candidates Only The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf ----

Job Description Summary This role offers an exciting opportunity to lead the development of groundbreaking Transmission and Distribution applications on the innovative, cloud-native GridOS Platform, driving technological advancement in energy management. By spearheading organizational and architectural transformations in HTC, you will play a pivotal role in enhancing global energy infrastructure, fostering sustainable practices, and addressing climate challenges. Join us in shaping the future of energy distribution and making a meaningful impact on both technological evolution and environmental stewardship. Technology Responsibilities: Develop a scalable, pioneering Transmission & Distribution application using the cloud-native GridOS Platform. Oversee all aspects of Transmission & Distribution, including managing legacy commitments, executing GridOS, and guiding architecture and organizational transformation. Establish an L5 team with defined boundaries to optimize investment, focus, and outcomes. Collaborate with external and internal partners to enhance production and infrastructure engineering capabilities. Lead organizational transformation projects. People Responsibilities: Build and lead high-performance, Agile-centric teams dedicated to mission-critical applications. Develop and manage globally balanced teams with a high degree of autonomy. Process Responsibilities: Promote lean practices and continuous improvement initiatives across Distribution. Expand the organization using Agile/SAFe methodologies and foster cross-functional collaboration. Implement security by design and quality by design principles throughout the organization. Job Description Strategic Impact Modernize EMS & ADMS build the new GridOS based EMS/ADMS application that is NOT a parity application, but an industry leading one Accelerate Transformation organizational transformation including accelerated scaling of BCR Improve Effectiveness less waste and higher productivity out of engineering organization Increase Quality scalable architecture and process designs to have a non-linear shift in product quality Problem Solving Understands the interaction of multiple functions/groups and how they operate together to achieve the business objectives. Learn new technology developments quickly and identify new and innovative methods to address technical challenges, reduce cost, improve quality & safety of our products. Scale the organization by reducing variance of application services & ease of deployment working with partners Drive economic sense for a product which is derived by net-new, migrations, and serving T2 markets Business Expertise Deep understanding of open-source technologies, platform economy, cloud, scalable data technologies, mission-critical platforms, cyber engineering and application of AI/ GenAI in the Grid industry Strong understanding of the utility industry and/or operational technology landscape in an adjacent industry to pace the transformation Experience modernizing windows applications Leadership Develops and leads global teams in a matrixed organization structure Leader of leaders with experience driving transformation, upskilling and change management

Role & responsibilities Assist in monitoring and analyzing network traffic for suspicious activity. Support in identifying, investigating, and responding to security incidents. Learn and contribute to vulnerability assessment and penetration testing activities. Support the implementation and management of firewalls, antivirus, SIEM, and other security tools. Assist in developing and updating security policies, procedures, and documentation. Stay updated with the latest cyber threats, attack techniques, and security trends. Work with IT teams to ensure secure system configurations and patch management.

Job Title: - Presales Engineer Job Description : Qualysec is seeking a Pre-Sales Engineer to join our growing team. The ideal candidate will act as a key technical advisor during the sales process, helping clients understand and choose the right cybersecurity solutions. You will work closely with the sales and technical teams to deliver customized proposals and ensure a seamless transition from pre-sales to project execution. This role is perfect for someone with a passion for cybersecurity, strong communication skills, and the ability to translate technical concepts into business value. Qualification : - Bachelor's Degree in a related Cybersecurity/IT/Computer Science field. Experience : - 2+ Years in Cybersecurity Pre-Sales Location : - Bhubaneswar Job Type : - Full Time Responsibilities · Collaborate with the sales team to understand customer requirements and create technical solutions · Conduct technical presentations. · Assist in preparing proposals, RFP/RFI responses, and project estimations · Explain VAPT methodology, tools, and report deliverables to both technical and non-technical stakeholders · Liaise with technical teams (e.g., Penetration Testers to ensure smooth knowledge transfer post-sales · Conduct gap analysis and suggest appropriate services (Web, Mobile, API, Network, Cloud VAPT etc.) · Support proof-of-concept (PoC) setups for clients as required · Stay updated with the latest cybersecurity trends and tools Skills Required Strong understanding of cybersecurity concepts, especially VAPT Familiarity with tools like Burp Suite, Nessus, Nmap, Metasploit, OWASP Top 10 Excellent communication and presentation skills Ability to simplify technical information for non-technical stakeholders Good documentation and proposal writing skills Self-driven and client-oriented attitude Excellent written and verbal communication skills, with the ability to clearly document and communicate findings and recommendations. Prior experience in a Pre-Sales / Technical Consultant role in a cybersecurity firm is highly desirable. Benefits: · Competitive salary, great perks, and a work culture that’s as fun as it is rewarding. · On-time Salary · Paid time off and holidays. · Leave encashment · Provident Fund · Plenty of room to experiment, innovate, and grow. About Us: Qualysec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services. Our tailored solutions help businesses proactively defend against evolving cyber threats. With over four years of experience, we take pride in having served more than 150 clients across 21 countries—a testament to our commitment to quality and resilience. Our dynamic work environment and employee-focused culture drive our continuous growth and success. Job Type: Full-time Benefits: Food provided Leave encashment Paid sick time Paid time off Provident Fund Work Location: In person

About the role: We are seeking a hands-on Security & Compliance Lead to own and execute end-to-end security audits and compliance initiatives across applications, infrastructure, and organizational processes. This role ensures systems, applications, and business operations are secure, compliant, and aligned with both internal policies and regulatory requirements (e.g., RBI, ISO 27001, SOC 2 Type II). Responsibilities: Conduct technical assessments (e.g., VRA, security checklists) required by new BFSI clients. Analyse and complete detailed cloud infrastructure security and compliance questionnaires. Assist in mapping customer security and regulatory requirements (e.g., ISO 27001, RBI, SOC 2 type II) to internal controls. Maintain documentation and templates for commonly requested BFSI assessment artifacts. Manage and complete security questionnaires from clients, vendors, and partners. Evaluate vendor security and compliance by reviewing their responses and supporting documentation. Identify security risks within the company’s IT infrastructure, applications and services. Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks. Work with internal teams to maintain compliance with legal and regulatory requirements. Collaborate with the IT security, legal, and procurement teams to address concerns identified in the security assessments. Develop and maintain internal security policies and procedures related to vendor assessments and third-party risk management. Prepare detailed reports summarizing findings from security assessments and risk analysis. Provide recommendations to improve security measures and compliance. Educate internal staff and external partners about security best practices and compliance requirements Support pre-sales and onboarding teams with timely delivery of assessment documentation. Stay updated with AWS best practices, shared responsibility model, and emerging cloud security trends. Good to Have: Bachelor’s degree in computer science, Information Security, Data Science, or a related field 5+ years of experience working with Audit/compliance, application security assessments, AWS cloud security preferably BFSI domain 2+ yrs. of experience on AWS cloud security and risk assessments. Strong exposure to AWS cloud infrastructure (Guard Duty, security hub, inspector, Firewall, IAM, EC2, VPC, S3, Security Groups, etc.). Familiarity with secure coding practices, vulnerability management, and threat modelling. Experience with VRA templates, cloud security checklists, and assessment responses for enterprise or regulated clients. Familiarity with information security standards such as ISO 27001, SOC 2, RBI cybersecurity framework. Strong understanding of data protection, encryptions methodologies Ability to interpret and explain security configurations and policies in layman's terms. Experience with security controls, vulnerability scanning tools (e.g., Nessus, wire shark), or SIEM. Exposure with security tools such as network firewall, IPS/IDS is plus

About Northern Trust: Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service. Role Summary We're looking for a Lead UNIX Engineer who brings traditional platform depth along with modern engineering practices. You'll help lead the design, deployment, and lifecycle of mission-critical UNIX platforms (Solaris, AIX, RHEL, Ubuntu) and services, while contributing to DevOps tooling, Git-driven workflows, hybrid cloud strategies with an automation mindset. This is a key role in a high-trust team that powers secure, compliant infrastructure for a global financial institution. Expect deep technical challenges, high visibility, and opportunities to influence platform direction. Key Responsibilities Core UNIX Engineering & Support Design, secure, build, and maintain resilient UNIX environments across Solaris (10/11 with Zones, LDOMs), AIX 7.x (VIOS, NPIV), Ubuntu, and RHEL 5-10 (on physical, virtual, and hybrid platforms). Own OS lifecycle strategy: patching, upgrades, security baselines, and hardware refresh planning. Maintain HA solutions (Pacemaker, VCS, HACMP, RH Cluster Suite) and performance-tuned enterprise systems. DevOps, SRE & Automation Embrace an SRE mindset: treat infrastructure as code, prioritize availability and observability, and automate toil. Automate provisioning, compliance checks, and config enforcement using Ansible, AAP, AWX, CFEngine, and scripting (bash/ksh/Python). Use GitHub for source control, peer-reviewed automation pipelines, change tracking, and documentation versioning. Contribute to CI/CD workflows for infrastructure as code deployments, and integrate with enterprise tools like ServiceNow, Jenkins, or GitHub Actions. Security Ensure UNIX systems are hardened and compliant with security frameworks (e.g., CIS Benchmarks, NIST, FFIEC, ISO 27001). Manage OS-level security policies including firewall rules, kernel parameters, selinux policies and secure configurations. Integrate host systems with PAM, LDAP, and CyberArk, Conjur for identity and privileged access management. Support audit, forensic, and security event investigations in coordination with InfoSec teams. Regularly review and remediate security vulnerabilities identified by Qualys, Nessus, or other scanning tools. Contribute to incident response planning, patching SLAs, and compliance reporting. Design and maintain logging, audit trails, and syslog/SIEM integrations (Splunk, QRadar, etc.). Authentication, Authorization, and Directory Services Integrate UNIX systems with enterprise identity management platforms using LDAP, RHDS, Kerberos, PAM, and SSSD. Implement and enforce secure access controls, sudo policies, and RBAC schemes. Collaborate with IAM and InfoSec teams on audit readiness, access provisioning, and PAM integrations. Monitoring, Reliability & Incident Response Integrate systems with monitoring tools like Dynatrace, vROps, and custom health scripts. Support alerting, auto-remediation, and telemetry for performance and availability. Participate in on-call rotations, DR testing, and RCA for high-impact incidents. Hybrid Cloud & Platform Modernization Support UNIX workloads running on VMware (vSphere/vSAN/vXrail) and prepare platforms for future cloud integration. Assist with cloud-readiness assessments, infrastructure modernization efforts, and immutable infrastructure adoption. Collaborate with Cloud, DevOps, and Cybersecurity teams on secure hybrid operating models. Documentation & Governance Maintain robust documentation in Confluence: HLD, LLD, SOPs, DR plans, build guides, access policies, GitHub repositories, and architectural decisions. Ensure all platforms and automation meet compliance standards (CIS, FFIEC, SOX, ISO 27001). Lead or contribute to engineering design reviews, change boards, and audit remediation efforts. Required Skills And Experience Technical Requirements 10+ years in UNIX engineering across Solaris, AIX, RHEL and Ubuntu, with deep expertise in large enterprise environments. Strong understanding of centralized authentication/authorization using LDAP, Kerberos, PAM, SSSD, RHDS, and Active Directory integration. Proficiency in shell scripting (bash, ksh, sh); strong familiarity with Python, and Ansible. Hands-on experience with tools like: Red Hat Satellite, CFEngine, PowerVC, LVM/VxVM Pacemaker, Veritas Cluster, HACMP, or equivalent HA stacks GitHub for version control and collaboration Cohesity, NetBackup, CyberArk VMware vSphere ecosystem (vCenter, ESXi, vSAN, vXrail) Skills in config management and config drift Perl experience beneficial Experience with Dynatrace DevOps/SRE Practices Experience with infrastructure-as-code principles, Git-driven config management, and CI/CD pipelines leveraging GitHub Actions and Ansible / AWX Familiarity with automated validation, monitoring, logging, and alerting frameworks. Passion for automating operations tasks, reducing technical debt, and building sustainable systems. Soft Skills Proactive, detail-oriented, and comfortable in fast-moving, audit-heavy environments Diligent with ability to cross check / robust validation of outcomes and results Excellent communication, documentation, and cross-team collaboration and contribution skills Ability to mentor junior engineers and lead by example in engineering practices and professionalism. Preferred Qualifications Experience in financial services or other highly regulated sectors Exposure to hybrid cloud operations, containerization (e.g., Podman, Docker, Tanzu), or cloud-native UNIX alternatives. Familiarity with enterprise CI/CD tooling (Jenkins, GitHub Actions, ServiceNow integration). Certifications (preferred but not required): RHCE, IBM AIX Advanced, Solaris Certified, Ansible Automation ITIL Foundation, Security+, or relevant cloud certifications (e.g., AWS SysOps) Work Conditions & Availability Business-hours role with rotating on-call and scheduled change windows (nights/weekends). Participation in BCP/DR exercises, audit cycles, and cross-region platform support is expected. Working with Us: As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater Reasonable accommodation Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com . We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater. About Our Pune Office The Northern Trust Pune office, established in 2016, is now home to over 3,000 employees. The office handles various functions, including Operations for Asset Servicing and Wealth Management, as well as delivering critical technology solutions that support business operations across the globe. Our Pune team takes our commitment to service to heart. In 2024, they volunteered more than 10,000+ hours into the communities where they live and work. Learn more.

About the role: We are seeking a hands-on Security & Compliance Lead to own and execute end-to-end security audits and compliance initiatives across applications, infrastructure, and organizational processes. This role ensures systems, applications, and business operations are secure, compliant, and aligned with both internal policies and regulatory requirements (e.g., RBI, ISO 27001, SOC 2 Type II). Responsibilities: Conduct technical assessments (e.g., VRA, security checklists) required by new BFSI clients. Analyse and complete detailed cloud infrastructure security and compliance questionnaires. Assist in mapping customer security and regulatory requirements (e.g., ISO 27001, RBI, SOC 2 type II) to internal controls. Maintain documentation and templates for commonly requested BFSI assessment artifacts. Manage and complete security questionnaires from clients, vendors, and partners. Evaluate vendor security and compliance by reviewing their responses and supporting documentation. Identify security risks within the company’s IT infrastructure, applications and services. Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks. Work with internal teams to maintain compliance with legal and regulatory requirements. Collaborate with the IT security, legal, and procurement teams to address concerns identified in the security assessments. Develop and maintain internal security policies and procedures related to vendor assessments and third-party risk management. Prepare detailed reports summarizing findings from security assessments and risk analysis. Provide recommendations to improve security measures and compliance. Educate internal staff and external partners about security best practices and compliance requirements Support pre-sales and onboarding teams with timely delivery of assessment documentation. Stay updated with AWS best practices, shared responsibility model, and emerging cloud security trends. Good to Have: Bachelor’s degree in computer science, Information Security, Data Science, or a related field 5+ years of experience working with Audit/compliance, application security assessments, AWS cloud security preferably BFSI domain 2+ yrs. of experience on AWS cloud security and risk assessments. Strong exposure to AWS cloud infrastructure (Guard Duty, security hub, inspector, Firewall, IAM, EC2, VPC, S3, Security Groups, etc.). Familiarity with secure coding practices, vulnerability management, and threat modelling. Experience with VRA templates, cloud security checklists, and assessment responses for enterprise or regulated clients. Familiarity with information security standards such as ISO 27001, SOC 2, RBI cybersecurity framework. Strong understanding of data protection, encryptions methodologies Ability to interpret and explain security configurations and policies in layman's terms. Experience with security controls, vulnerability scanning tools (e.g., Nessus, wire shark), or SIEM. Exposure with security tools such as network firewall, IPS/IDS is plus

Company Description At Next Mantra Solution Private Limited, we are dedicated to empowering businesses through innovative IT services and strategic consulting. With a passion for technology and a commitment to excellence, we provide tailored solutions that drive growth, efficiency, and digital transformation. Our team of experts is committed to delivering cutting-edge technology solutions to help our clients achieve their business goals. Role Description This is a full-time on-site role for a Cyber Security VAPT Tester, located in Gurugram. The Cyber Security VAPT Tester will be responsible for conducting vulnerability assessments and penetration testing (VAPT), identifying security weaknesses, and recommending security improvements. The role includes preparing detailed reports, collaborating with development and IT teams to fix vulnerabilities, and staying up-to-date with the latest security threats and trends. Relevant Experience into Application Security Testing and Web Application Testing. Experience - 1-4 Years Qualifications Strong understanding of vulnerability assessment and penetration testing methodologies and tools such as Nessus, Metasploit, and Burp Suite Strong understanding on Application Security Testing and Web Application Testing Experience with various operating systems, particularly Windows and Linux Familiarity with network protocols and security technologies such as firewalls, intrusion detection/prevention systems, and VPNs Proficiency in scripting languages such as Python, Bash, or PowerShell Strong analytical and problem-solving skills Excellent written and verbal communication skills Bachelor's degree in Computer Science, Information Security, or a related field Consulting Background is good to have. Immediate Joiners Preferred.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 3 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 5 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 5 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 5 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 5 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 3 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: As a Security Architect, you will design and implement comprehensive testing strategies to assess the security posture of web applications, APIs, and infrastructure. Your day-to-day responsibilities will involve working closely with cross-functional teams to identify potential vulnerabilities, document findings, and ensure that robust security controls are in place. You will play a critical role in aligning penetration testing activities with organizational goals, making certain that all identified risks are addressed effectively and that best practices in security testing are consistently applied. Roles & Responsibilities: Perform security testing on web applications, APIs, and infrastructure to identify vulnerabilities and weaknesses. Conduct penetration testing, vulnerability assessments, and security audits. Develop and execute test plans, scripts, and scenarios to simulate real-world attacks. Perform infrastructure penetration testing, including SSH and network devices. Collaborate with development and operations teams to remediate identified vulnerabilities. Provide detailed reports on findings, including risk assessments and recommendations for mitigation. Stay up to date with the latest security trends, tools, and techniques. Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: Qualifications: Bachelor&aposs degree in Computer Science, Information Security, or a related field. Proven experience in security testing, penetration testing, and vulnerability assessments. Strong knowledge of web application security, API security, and infrastructure security. Familiarity with common security tools and frameworks (e.g., OWASP, Burp Suite, Metasploit, Nessus, Kali Linux, Qualys, Wireshark, Nmap, etc). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Relevant offensive security certifications (e.g., OSCP, OSCE, eJPT, CRTP) are a plus. Knowledge about scripting languages such as Python, Bash, or PowerShell for automating tasks and developing custom security tools. Preferred Skills: Experience with cloud pentesting (e.g., On-Premises, AWS, Azure, GCP). Experience with On-Premises Cloud Infrastructure Pentesting. Knowledge of secure coding practices and code review. Understanding of network security and protocols. Ability to work independently and as part of a team. Additional Information: - The candidate should have minimum 3 years of experience in Security Penetration Testing. - This position is based at our Bengaluru office. - A 15 years full time education is required. Show more Show less

About the Role Join us in building an autonomous penetration testing platform that simulates real-world adversaries. You'll develop exploit chains, 0-day discovery systems, and evasive payloads that help organizations understand their security posture for cyber insurance and compliance. What You'll Build Exploit Automation : Multi-stage attack chains from initial access to data exfiltration 0-Day Discovery : Intelligent fuzzing infrastructure and vulnerability research systems Evasion Techniques : Polymorphic payloads that bypass modern EDR/AV solutions Cloud Attacks : AWS/Azure/GCP exploitation modules and container escapes Custom C2 : Covert communication channels and post-exploitation frameworks Reporting Engine : Auto-generate compliance-ready pentest reports Technical Skills Required Languages : Python (expert), C/C++, Go/Rust, Assembly basics Web Exploitation : OWASP Top 10 (SQLi, XSS, SSRF, Deserialization, SSTI) Binary Exploitation : Buffer overflows, ROP chains, heap exploitation Tools : Metasploit, Burp Suite, Cobalt Strike, IDA/Ghidra Cloud Security : AWS/Azure misconfigs, Docker/K8s attacks Evasion : AV bypass, sandbox detection, AMSI/ETW patching Must-Have Credentials HackTheBox : Minimum Pro Hacker rank (50+ owns) - include profile link CTF Experience : Active participation (picoCTF, DEF CON quals, GoogleCTF) GitHub Portfolio : Security tools, exploit development, CTF writeups Proven Skills : CVEs, bug bounties, or published exploits are a huge plus Preferred Qualifications TryHackMe Top 5% or PortSwigger Academy completion OSCP/OSWE in progress or completed pwnable.kr, ROP Emporium, or Nightmare challenges Personal security research blog or YouTube channel Contributed to open-source security tools Interview Process Portfolio Review : GitHub + HackTheBox profile assessment Take-Home Challenge : Design an attack chain for given scenario assignment Red Flags We Avoid Only used automated scanners Can't code beyond basic scripts No hands-on exploitation experience Ethical flexibility Green Flags We Love Built your own tools Linux nut Discovered real vulnerabilities Active security community contributor Why This Role? This isn't a typical security internship running Nessus scans. You'll build the platform that makes traditional pentesting obsolete. Your code will simulate real attackers, helping protect thousands of organizations. We need someone who sees a login page and thinks "SQLi, NoSQLi, LDAP injection, or mass assignment?" Someone who gets excited about bypassing protections, not just finding vulns.

About the role: We are seeking a hands-on Security & Compliance Lead to own and execute end-to-end security audits and compliance initiatives across applications, infrastructure, and organizational processes. This role ensures systems, applications, and business operations are secure, compliant, and aligned with both internal policies and regulatory requirements (e.g., RBI, ISO 27001, SOC 2 Type II). Responsibilities: Conduct technical assessments (e.g., VRA, security checklists) required by new BFSI clients. Analyse and complete detailed cloud infrastructure security and compliance questionnaires. Assist in mapping customer security and regulatory requirements (e.g., ISO 27001, RBI, SOC 2 type II) to internal controls. Maintain documentation and templates for commonly requested BFSI assessment artifacts. Manage and complete security questionnaires from clients, vendors, and partners. Evaluate vendor security and compliance by reviewing their responses and supporting documentation. Identify security risks within the company’s IT infrastructure, applications and services. Ensure compliance with security standards such as ISO 27001, GDPR, SOC 2, or any other relevant frameworks. Work with internal teams to maintain compliance with legal and regulatory requirements. Collaborate with the IT security, legal, and procurement teams to address concerns identified in the security assessments. Develop and maintain internal security policies and procedures related to vendor assessments and third-party risk management. Prepare detailed reports summarizing findings from security assessments and risk analysis. Provide recommendations to improve security measures and compliance. Educate internal staff and external partners about security best practices and compliance requirements Support pre-sales and onboarding teams with timely delivery of assessment documentation. Stay updated with AWS best practices, shared responsibility model, and emerging cloud security trends. Good to Have: Bachelor’s degree in computer science, Information Security, Data Science, or a related field 5+ years of experience working with Audit/compliance, application security assessments, AWS cloud security preferably BFSI domain 2+ yrs. of experience on AWS cloud security and risk assessments. Strong exposure to AWS cloud infrastructure (Guard Duty, security hub, inspector, Firewall, IAM, EC2, VPC, S3, Security Groups, etc.). Familiarity with secure coding practices, vulnerability management, and threat modelling. Experience with VRA templates, cloud security checklists, and assessment responses for enterprise or regulated clients. Familiarity with information security standards such as ISO 27001, SOC 2, RBI cybersecurity framework. Strong understanding of data protection, encryptions methodologies Ability to interpret and explain security configurations and policies in layman's terms. Experience with security controls, vulnerability scanning tools (e.g., Nessus, wire shark), or SIEM. Exposure with security tools such as network firewall, IPS/IDS is plus