507 Nmap Jobs

This role has positions based out of Noida, Mumbai, Bangalore and Pune; candidates may be considered for either location based on the interview process. Responsibilities: Application Security Testing/Penetration Testing (Web-based, Thick client, web services, Mobile Android & IOS, Network PT) API Testing Security defect Tracking and working closely with Developers to fix the issue Strong experience with the following tools – Burp Suite, Wireshark, Nmap, Metasploit, Checkmarx/Fortify, and Nessus. Excellent English communication skills (verbal and written) Requirements: CEH/ OSCP/ OSCE and ISCP certification and 3+ years of work experience in VAPT Why You'll Enjoy Working at Kratikal: Get the fast learning and exciting environment of a startup, combined with the stable work and strong performance of a bigger company. There's lots of room to learn, grow, and share your ideas. We also provide good benefits like health insurance, a gratuity payment, and Employees' Provident Fund (a savings plan for your future). We are an equal opportunity employer, where everyone has a fair chance. About Us: Kratikal Tech Private Limited is a leading B2B cybersecurity firm offering cutting-edge cybersecurity solutions and services such as Network Security Audits, Compliance Implementation, IoT Security, and VAPT. Serving over 150+ enterprise customers and 1825+ SMEs across industries, including E-commerce, Fintech, BFSI, NBFC, Telecom, Consumer Internet, Cloud Service Platforms, Manufacturing, and Healthcare, Kratikal is dedicated to helping organizations combat cybercriminals using advanced, technology-driven cybersecurity solutions. The company also develops in-house cybersecurity products, including AutoSecT , competing with industry giants, alongside TSAT (Threatcop Security Awareness Training), TDMARC (Threatcop DMARC), TLMS (Threatcop Learning Management System), and TPIR (Threatcop Phishing Incident Response). These products have received numerous awards and recognitions for their innovation and effectiveness. Kratikal has been honored as the Top Cyber Security Startup at the 12th Top 100 CISO Awards. With a global reach, Kratikal collaborates with renowned organizations to secure their digital landscapes. For more information, visit our websites at www.kratikal.com and www.threatcop.com.

Position: Freelance White Hat Ethical Hacker (CEH Certified) Company: Akku Cybersecurity Solutions Pvt. Ltd. Location: Remote (India preferred) Engagement: Freelance / On-Demand (with potential to scale to Retainer or Full-Time) About Akku: Akku is a cybersecurity product suite offering IAM, PAM, IGA, endpoint security, and MDM capabilities, designed to address the most common enterprise security and compliance requirements in a unified platform. To help our clients strengthen their overall security posture, we are building a network of experts to conduct authorized white hat penetration testing and VAPT assessments and offer actionable remediation strategies mapped to how Akku can address identified vulnerabilities. Role Overview: We are looking for a freelance, CEH-certified white hat hacker who can work with us on an on-demand basis to conduct VAPT assessments for client environments (with prior consent and NDA). The role involves identifying vulnerabilities, preparing professional reports, and collaborating with the Akku team on recommended solutions. Key Responsibilities: Perform authorized VAPT and ethical hacking assessments for client systems (cloud, on-prem, hybrid). Identify and document vulnerabilities, misconfigurations, and weaknesses in infrastructure, applications, or identity/access setups. Produce detailed, structured vulnerability assessment reports , including risk levels and recommended remediations. Collaborate with the Akku team to map remediation steps to product features for solution-oriented delivery to clients. Maintain compliance with ethical hacking standards, NDA obligations, and responsible disclosure practices. Stay current with emerging threats, exploit techniques, and security tools. Required Qualifications: CEH (Certified Ethical Hacker) certification is mandatory. Additional certifications (e.g. OSCP, eJPT, CompTIA PenTest+) are a plus. Hands-on experience conducting VAPT assessments for web apps, cloud environments, endpoints, and identity systems. Familiarity with tools such as Burp Suite, Nmap, Metasploit, Nessus, Nikto, Wireshark, etc. Strong ability to draft client-facing reports that balance technical depth with executive-level clarity. Understanding of IAM, PAM, and access governance is highly desirable. High integrity and professionalism in handling sensitive environments and confidential data. Bug bounty experience (e.g., HackerOne, Bugcrowd, Synack) is a strong plus. Engagement Model: On-Demand Basis : You will be brought in for specific client engagements post-NDA and approval. Remote : Work from anywhere, but India time zone availability is preferred. Scale-up Opportunity : If the need grows and there’s mutual interest, we are open to moving to a retainer or full-time role .

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

Job Description: About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future-you’ll create it. About the Job: As part of the AT&T Governance Enforcement, Assessment and Testing, Third Party Risk, and Emerging Technology Cyber Organization (GATE), you will lead and support the Assessment and Testing Team by designing and executing Red team engagements to simulate advanced attack scenarios, identify vulnerabilities, and assess security measures. In this role, you will lead and participate in sophisticated Red Team exercises aimed at uncovering vulnerabilities across our networks, systems, applications, and processes. As an innovative thinker, you will go beyond standard vulnerability assessments, developing and utilizing unique tools and techniques to identify and exploit security gaps. Your primary responsibilities will involve conducting comprehensive Red Team exercises to identify vulnerabilities in diverse environments such as cloud-hosted and web-based applications, API interfaces, databases, big data environments, networks, computer systems, mobile applications, Software Defined Networks, and IoT devices and systems. You will design and develop custom tools and methodologies to enhance our security testing capabilities and employ creative tactics to uncover weaknesses, including poor user practices and weak security methods. Working collaboratively with other Red Team members and Security Analysts, you will identify and exploit security issues, characterize cyber-attack vectors, and discover related vulnerabilities, providing actionable recommendations for remediation. In addition, you will be required to stay abreast of the latest vulnerabilities and exploit techniques, continuously adapting your tools and methodologies to address emerging threats and evolving security landscapes. Your role will also involve documenting and communicating security findings in both written and verbal formats, using your insights to inform management, drive security strategies, notify affected customers, and advise network operations and other business units on security issues and recommended solutions. Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Argus Bldg 4f & 5f, Sattva, Knowledge City- Adm: Argus Building, Sattva, Knowledge City It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.

• Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network & blockchain. Experience in both commercial and open source tools like: Burp Professional, Nmap, Kali, Metasploit, etc. Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Experience in preparing a security threat model and associated test plans. Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results. In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred. Knowledge of current information security threats

As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients" systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. You will perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients" IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients" systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients" IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: - Bachelor's degree in Computer Science, Information Technology, or related field. - 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. - Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. - Hands-on experience with various operating systems, including Windows, Linux, and Unix. - Strong understanding of network protocols, web application architecture, and common security vulnerabilities. - Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. - Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. - Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. - Proven track record of delivering high-quality security assessments and actionable recommendations.,

As a Staff Security Engineer at Loco, you will play a crucial role in developing the company's security strategy, enhancing threat visibility, and proactively hunting for adversaries. Your primary responsibilities will include analyzing security signals, devising innovative techniques to detect and mitigate threats, and collaborating with security researchers to validate and implement findings into real-world detection rules and playbooks. You will be tasked with building and optimizing security tools to detect and prevent malicious activities, analyzing threat feeds, IOCs, and TTPs to stay ahead of emerging threats, and integrating intelligence into security operations. Additionally, you will be expected to automate threat detection workflows using Python, Golang, or cloud-based automation tools and participate in industry working groups and standards initiatives such as the Cloud Security Alliance. To qualify for this role, you should have 10-12 years of experience in security engineering, with a focus on application and infrastructure security in AWS, Azure, or GCP environments. You should also possess 3-5 years of experience in protocol-level debugging using tools like Wireshark, tcpdump, nmap, netcat, mitmproxy, and censorship-resistant tunnels like Shadowsocks, WireGuard, and V2Ray. A deep understanding of Threat Modeling, Certificate Management, and Deep Packet Inspection techniques is essential, along with a strong grasp of TLS, DNS, Network protocols, and Proxy protocols like SOCKS5 and TLS Tunneling. Proficiency in Python 3.7 or above is a must. Candidates with relevant certifications such as GWAPT, OffSec's Advanced Web Attacks and Exploitation (WEB-300), a strong understanding of SSO protocols like OIDC, OAuth 2.0, and SAML, and active participation in security meetups, conferences, and bug bounty programs will be given bonus points. Join Loco and contribute your expertise to the dynamic field of security engineering under the guidance of Abin Chandra.,

Company Overview: Leading with our core values of Quality, Integrity, and Opportunity, MedInsight is one of the healthcare industry’s most trusted solutions for healthcare intelligence. Our company purpose is to empower easy, data-driven decision-making on important healthcare questions. Through our products, education, and services, MedInsight is making an impact on healthcare by helping to drive better outcomes for patients while reducing waste. Over 300 leading healthcare organizations have come to rely on MedInsight analytic solutions for healthcare cost and care management. MedInsight has been ranked #1 for Payer Quality Analytics by clients for the last three years in the Best in KLAS report. MedInsight is a subsidiary of Milliman; a global, employee-owned consultancy providing actuarial consulting, retirement funding and healthcare financing, enterprise risk management and regulatory compliance, data analytics and business transformation as well as a range of other consulting and technology solutions. Position Summary: As a Penetration Tester, you will play a vital role in safeguarding our information systems by proactively identifying and mitigating security vulnerabilities. Working under the guidance of senior security professionals, you will assess the effectiveness of our cybersecurity infrastructure through simulated attacks and vulnerability assessments. This role offers the opportunity to build hands-on experience while contributing to the design and implementation of secure systems and processes. Key Responsibilities: Conduct penetration tests on networks, web and mobile applications, APIs, and cloud environments to identify security vulnerabilities and risks. Support security architects in assessing potential weaknesses in system designs and contribute to defining secure architecture and infrastructure requirements. Identify and exploit vulnerabilities in applications and infrastructure to simulate real-world cyber threats. Facilitate and coordinate vulnerability assessments and scans, review assessment results, and oversee remediation activities for network and infrastructure devices. Document and communicate findings clearly, translating technical risk into business risk for non-technical stakeholders. Participate in educating users and new employees on security best practices, policies, and procedures. Research and stay current on emerging cybersecurity threats, attack methods, and industry best practices. Recommend improvements to enhance system security and align with internal standards and regulatory requirements. Ensure testing activities and remediation efforts align with compliance standards and privacy laws (e.g., OWASP, NIST, ISO 27001). Collaborate with senior team members to provide technical guidance and support for security initiatives. May assist in reviewing third-party security controls, especially for cloud services. Qualifications: Minimum 4 years of experience in Application Security and Penetration Testing across networks, web/mobile apps, APIs, and cloud environments to identify vulnerabilities and risks. Familiarity with penetration testing methodologies, tools (e.g., Burp Suite, Nmap, Metasploit), and scripting languages (e.g., Python, Bash, PowerShell). Basic understanding of networking protocols, web technologies, and operating systems. Exposure to cybersecurity frameworks such as OWASP Top 10, NIST, or CIS Controls. Strong problem-solving skills, attention to detail, and ability to work as part of a team. Willingness to learn and grow within a structured, closely supervised environment. Preferred Experience: Experience related to ethical hacking or vulnerability assessments. One (or more) relevant certifications, or ability to pass exam: GPEN, GWAPT, OSCP CTF experience (HackTheBox, VulnHub, OverTheWire, etc) Educational Requirements Bachelor’s degree in computer science, Information Security, or related field or equivalent work experience. What makes this a great opportunity? Join an innovative, high growth company with a solid industry track record Bring your expertise and ideas to directly impact and help build the next generation of MedInsight products and solutions Enjoy significant visibility in your work and be recognized for your wins Work for a company that values your wellbeing and professional growth, offering a flexible work environment, generous benefits package, and investment in the development of your career Milliman Benefits: We offer competitive benefits which include the following based on plan eligibility: Supportive work culture focused on continuous learning, growth, and team collaboration Exposure to international teams and projects for broader professional experience Flexible working hours with hybrid/remote options to support work-life balance Annual health check-ups and employee wellness programs for a healthier lifestyle Employee Assistance Program (EAP) offering confidential mental health support Paid time off including vacation, sick leave, and recognized public holidays

Only Immediate Joiner- Within 8-10 days 5+ Years Rotational Shift Hyderabad, IND (ONSITE) Job Responsibilities: • Conducting and coordinating comprehensive Attack Surface Discovery, Penetration tests and Cloud on system and network levels, employing advanced ethical hacking techniques. • Application Penetration Testing (Browser-based, API, Mobile, IoT) • Threat Modeling • Source Code Review • Perform penetration testing on web applications and APIs (internal and external) to identify, assess, and report on vulnerabilities in their applications. • Perform red team exercises to determine where weaknesses in the client’s infrastructure and how it should be remediated. • Organizing and delivering technical security operational briefings for both technical and non technical audiences. • Set scope, objectives, and timelines for penetration testing engagements and leverage data to create useful metrics. • Dynamic application security testing (DAST) scans on the identified targets without credentials. • Perform credentialed DAST scans on known client URLs. • Conduct research to identify new attack vectors. • Review and provide feedback for all Security Artifacts. • Play a critical role in building an AppSec program that has a wide scope and impact. • Researching Open source emerging technologies, developing required frameworks and capabilities to perform red team exercises on new technologies adopted by clients. • Preparing and delivering clear, accurate, and concise written and oral technical reports for management. Job specifications: 1. Qualification: • Bachelor’s degree in Engineering or closely related coursework in technology development disciplines • Certifications like OSCP, CEH, OSCE, OSWE, GPEN, GCIH, GWAPT, or GXPN are desirable 2. Experience: • Total Experience – 4+ years 3. Desired Skills: Knowledge and Experience: • Offensive Security Certified Professional (OSCP) and/or Offensive Security Certified Expert (OSCE). • A thorough understanding of the Secure Development Life Cycle • Have comprehensive knowledge of common vulnerabilities (e.g., OWASP Top 10), diverse application attack vectors, security testing processes, and both wired and wireless network security protocols. • Have familiarity with common threat tactics and tools (Nmap, Metasploit, Kali Linux, Burp Suite Pro, CobaltStrike, App detective, Web Inspect, etc.). • Cloud Service penetration testing tradecraft and methodologies across one or more service providers (e.g. AWS, GCP, etc.). • Mobile platform penetration testing tradecraft and methodologies across widely-used platforms (iOS and/or Android). • Microservices testing Ability to find and exploit bugs in: • C++, Java, JavaScript, Go, and Python • Kubernetes, AWS, GCP, or Azure • Memory management, namespaces, cgroups, etc. • Passion for writing code to solve problems combined with an interest in Offensive Security. • Ability to demonstrate a strong background in one of the following languages: o Golang, Python, Java, JavaScript, C++, C

We are seeking an experienced and detail-oriented Penetration Tester to assess the security posture of web and mobile applications. The ideal candidate will have a strong background in ethical hacking, vulnerability assessment, and hands-on experience identifying and exploiting application-level security flaws. Key Responsibilities: Perform penetration testing of web and mobile applications to identify vulnerabilities and security weaknesses. Conduct threat modeling and risk analysis for new and existing applications. Simulate real-world cyberattacks and document exploit paths. Prepare detailed technical reports, proof of concepts, and risk assessments. Work closely with development and infrastructure teams to provide remediation guidance. Ensure compliance with industry standards such as OWASP Top 10 , CWE/SANS , and relevant data privacy regulations. Conduct security assessments using both manual techniques and automated tools. Stay up-to-date with the latest security threats, trends, and technologies. Requirements: Minimum 4 years of experience in penetration testing or ethical hacking. Solid experience testing web and mobile applications (Android/iOS). Proficiency with tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Nikto, MobSF , etc. Deep understanding of web technologies (HTTP/HTTPS, APIs, authentication mechanisms). Familiarity with OWASP Top 10 , Mobile Top 10 , CVSS scoring, and common exploit techniques. Experience with manual testing techniques to complement automated tools. Strong knowledge of common mobile platforms and application architectures. Scripting skills (Python, Bash, or similar) to aid in custom testing scenarios. Excellent documentation, reporting, and communication skills.

As an Analyst in Cyber Security, you will be responsible for applying your hands-on expert knowledge of tools such as Burp, Nessus, Nmap, Nipper, Metasploit, and other latest tools in the field. Your expertise will be crucial in conducting Vulnerability Assessment and Penetration Testing (VAPT) across various domains including Cloud Security, Web, and Mobile Applications. You should possess a solid understanding of OWASP top 10 and other application/network security frameworks to effectively discover and analyze security vulnerabilities. Your experience in Web Application and Internal/External Network Testing will be key in identifying and mitigating security risks. Moreover, your skills in Configuration Review, policy review, system and network hardening, as well as endpoint review will play a vital role in enhancing the overall security posture. Experience in Application Code Review and Testing tools will be an added advantage in this role. Your ability to create comprehensive reports and communicate effectively, both in writing and verbally, will be essential as you directly engage with clients during projects. You will also be expected to review cyber-attack surfaces, recommend security measures, and conduct cyber investigations when necessary. A minimum of 1 year of post-qualification experience in Security Testing Projects is required for this position. Holding certifications such as CEH/CHFI, OSCP/eWPTX, or any other industry-recognized security certification will be advantageous. If you have a basic scripting knowledge in any language, it will be considered a plus. Additionally, your willingness to travel as needed will be appreciated in this role.,

As a Network Development Engineer at our company, you will have the exciting opportunity to contribute to the NextGen connectivity platform across multiple platforms. Your role will involve designing, developing, and executing test features to validate network functionality, performance, and security. You will play a crucial part in creating and maintaining comprehensive documentation of solutions, test procedures, and results. Additionally, you will document network configurations, troubleshooting steps, and solutions for reference and knowledge sharing. Collaboration will be a key aspect of your role as you work closely with cross-functional teams including network engineering, software development, and quality assurance to ensure seamless integration and deployment of network changes and updates. Your responsibilities will also include identifying opportunities for optimizing network performance and reliability through performance testing and analysis. You will stay updated on industry trends, emerging technologies, and best practices in networking and quality assurance to contribute to continuous improvement initiatives. To excel in this role, you should have a strong understanding of networking concepts and protocols, experience with network testing tools and technologies such as Wireshark, Iperf, and Nmap, as well as proficiency in scripting and automation languages like Python and Bash. Industry certifications such as CCIE, experience with software-defined networking (SDN) and virtualization technologies, knowledge of cloud networking services like AWS, Azure, and GCP, and familiarity with DevOps practices and tools will be advantageous. Your role will also involve working with network security principles and practices, demonstrating excellent analytical and problem-solving skills, and possessing strong communication and collaboration abilities to work effectively in a team environment. Experience with Linux systems, network automation, scripting languages such as Python and Perl, and network virtualization technologies like VMware and KVM will further strengthen your candidacy. Please note that Neuron prioritizes the security and privacy of job applicants and new hires. We will never request personal banking information or ask for financial transactions to be conducted on behalf of the company. If you receive any suspicious requests, please contact us directly at careers@getneuron.com for verification and clarification.,

At BMC, trust is not just a word - it's a way of life! We are an award-winning, equal opportunity, culturally diverse, and fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, as we believe that you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! BMC Software is currently seeking a motivated and skilled individual to join the Product Security Group in a senior technical position. The successful candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, and penetration testing. As a penetration tester, you will play a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. **Roles And Responsibilities:** - Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. - Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. - Provide expert guidance on application security best practices. - Research and develop new penetration testing methodologies, tools, and techniques. **Qualifications & Skills:** - 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. - Penetration testing experience is essential; prior participation in bug bounty programs is a plus. - Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). - Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. - Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. - Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. - Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. - Ability to think creatively and analytically to identify and exploit vulnerabilities. - Strong problem-solving skills when encountering unexpected challenges during testing. - Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. - Meticulous attention to detail in documenting findings and creating reports. - Effective time management skills to meet project deadlines and testing schedules. - High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. **Preferred Skills:** - Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). - Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. BMC's culture is built around its people. With over 6000 brilliant minds working together across the globe, you won't be known just by your employee number, but for your true authentic self. If you are unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experiences to ensure we face the world together with the best ideas.,

Cyber security instructor, SOC operations, Bug bounty operations, Network Security, Python Scripting, Security Consulting, Training Delivery, Student Mentorship, Assessment and Evaluation

Min 4–7-year experience performing security testing on Industrial control system components like PLC’s, SCADA, IIOT devices etc. Proven experience in conducting penetration tests, vulnerability assessments, and security audits across diverse environments. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Understanding of component/system architectures in OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN) Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences Roles and Responsibilities Handle the training delivery for IEC 62443 topics and OT security Handle the OT security project delivery and AUdits

The Role Description: Designated position will be a part of India Managed Security Services Organization. The individual will be required to lead AppSec and Vulnerability Management business function and will be responsible for conducting security assessment, Penetration testing of IT/Cloud and OT infrastructure, application security assessment of hosted applications and DevSecOps support for new applications throughout their lifecycle to identify potential vulnerabilities, suggest mitigation strategies, and support the customers/ partners in implementing these strategies. This included project management, service delivery and quality assurance, customer management, relationship with vendors & technology partners. Key General Responsibilities: Lead and drive the AppSec & Vulnerability management function and service delivery by new projects acquisition, project delivery through execution & operations support Strong leadership skills with the ability to lead department and manage functional teams Build and grow the competency through hiring and developing the current team Provide strong technical leadership to the delivery team, partners and customers Results-oriented and ability to think big can work backward from customers needs Project Management, Service Management, Customer handling, Quality assurance Highly effective communicator and demonstrated ability to work cross-functionally, with a track record of delivering results and demonstrating strong ownership People management and accountable for hiring, talent development, performance management, succession planning, coaching to direct reports, and engagement for the teams Excellent communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels within the organization and with customers, partners/vendors Support sales strategy to meet agreed business revenue through pre-sales & appropriate solutions Identify and grow new opportunities with existing customer and ensure customer satisfaction and retention Key Technical Responsibilities: As Technical leader, drive future strategy around Threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps and application security Perform manual/automation internal and external vulnerability assessments in IT/Cloud and OT Perform security control assessment and vulnerability assessments in OT environment Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications Conduct Vulnerability Assessment and Penetration Testing (VAPT) in Web, Android and API Perform Gray Box and/or Penetration testing on WEB, API and Mobile Device (Android) Complete project work with quality and within deadlines as required, complete the analysis and draw comprehensive conclusions, making appropriate recommendations and mitigation plan Communicate technical impact and business risk to a non-technical audience after the project Provide expert advice on the selection and implementation of appropriate Security Assessment / Testing software and tools Implement and manage DevSecOps by utilizing Software Assurance Maturity Model (SAMM) to evaluate and improve the security of software development processes Follow security standards and frameworks, and implement best practices methodologies Work closely with product development teams to ensure secure coding practices are followed Educate customers, technical team, application developers about Emerging threat and vulnerability, application security to raise awareness and build a Security Champion program General Experience Requirement for the role: Having 8+ years of experience in the leading and managing Threat & Vulnerability competency, projects and customer engagements Having 6-8 years of core hands-on experience in fields of cyber-Security, security standards, best practices, vulnerability assessments, web application testing, network and mobile application assessment, and penetration testing 1-2 years of experience in enterprise security management, security products/solution integration/security operations, with good understanding of Network and system security concepts and standards, security best practices Experience building and leading and managing security teams with experience in Cyber security practices, AppSec, threat intelligence, vulnerability management, penetration testing, infrastructure security assessment Excellent Project Management, Service Management and customer handling skills Possess excellent written, presentation and verbal communication skills necessary for team coordination, helping partners, and service discussions along with organizational skills Good analytical skills with an ability to think outside the box to solve highly technical problems Ability to work effectively with clients, management, staff members, vendors, and consultants Good interpersonal skills to interact and collaborate with senior management stakeholders such as IT, Network and Security and CIO/ CTO/ business leadership teams Ability to work calmly with patience in high pressure situations in a dynamic environment Education and Certification preferred for the role: BTech/B.E. in CSE/IT/CSA/ECE MCA/ MTech/MS in CSE/IT/CSA/Electronics Any of the security certifications such as CEH, CHFI, ECSA, OSCP, GPEN, CISSP/CISM/CISA Technical Skills that are Key to this role: Strong background in Network/Infrastructure Vulnerability Assessment and Penetration Testing Good understanding of security vulnerabilities, OWASP Top 10 vulnerabilities, Enterprise security architecture, standards, relevant best practices and frameworks Extensive expertise in Web, API, Android Mobile Apps, and AWS/Azure Cloud Security, Experience with software penetration testing, architectural risk assessment, threat modeling, static code analysis and secure code review on WEB, API and Android mobile applications Web Application Penetration Testing: Strong experience in assessing web applications for security vulnerabilities using tools such as Burp Suite, OWASP ZAP, or similar. Mobile Application Penetration Testing: Proficiency in evaluating the security of mobile applications on Android platforms, including reverse engineering and code analysis. Cloud Security: In-depth knowledge of cloud security best practices, including experience with AWS/ Azure Cloud Platform, and the ability to configure security controls and monitor for cloud-based threats, with experience in AWS/Azure cloud security assessments. API Security: Expertise in assessing the security of APIs, including authentication, authorization, and data protection. Web Application and Mobile Apps security assessment in accordance with the OWASP standards. Vulnerability Assessment includes analysis of bugs in various applications on various domains by using both manual and Automation tools. Familiarity with security in DevOps and continuous integration/continuous deployment (CI/CD) pipelines. Experience of working on Windows and Linux with Good understanding of operating system internals (Windows, Linux and Mobile OS (Android) and app development (especially mobile) Should be familiar with common compliance requirements like GDPR, PCI-DSS, ISO 27001 Experience with mobile Open Web Application Security Project (OWASP) standards and testing checklist. Should be able to configure automated scanners (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scans. Assessment of scanner results and intelligently identifying false positives from the scan results. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities.Hands-on experience with popular security tools NMAP, Nessus, Burp Suite, Nessus, Netsparker, Metasploit, OWASP ZAP. Familiar with Agile process and development tools (Jira, Confluence, Bitbucket, Git, Maven, Jenkins, etc

Conduct comprehensive penetration testing of networks, web applications, mobile applications, and other systems to identify security vulnerabilities. Perform vulnerability assessments and provide detailed recommendations for remediation. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP, MITRE ATT&CK etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Strong understanding of network protocols, network and application security architectures, and common vulnerabilities (e.g., OWASP Top Ten). Prepare detailed reports of findings, including risk analysis and recommended mitigations, and present these findings to stakeholders. Stay current with emerging security threats, vulnerabilities, and technology trends, and apply this knowledge to improve our security posture. Understanding of component/system architectures in IT and OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN) Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences Source code review for control flow and security flaws IEC 62443 Standard plus at least one of: ISO/IEC 27001 IEC 61508 NIST CSF IEC 61162-460:2024 Proficient in developing VAPT documentation and methodologies specifically aligned with IEC 61162-460:2024 for maritime navigation and radiocommunication equipment cybersecurity. Automotive Vehicle Testing Support Skilled in providing cybersecurity testing support for automotive vehicles , including VAPT of ECUs and in-vehicle networks , threat modeling , and ensuring compliance with industry standards like ISO/SAE 21434. Roles and Responsibilities Min. one professional certification such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred. Min 2–5 years of experience performing security testing on Industrial control system components like IOT devices, PLCs, SCADA, IIOT devices etc. Familiarity with operating systems (Windows, Linux) and their security features. Excellent problem-solving skills and the ability to think critically to identify and address security issues. Strong verbal and written communication skills, with the ability to document and present technical information to both technical and non-technical audiences. Perform and report on penetration testing of systems, including cloud, NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, IEC 62243, PTES, and Information Systems Security Assessment Framework (ISSAF). Develop and maintain up-to-date knowledge of security testing tools and techniques. Contribute to the development and maintenance of security testing methodologies and procedures. Team Collaboration and Training Collaborate with other members of the security team to develop and maintain security policies, procedures, and standards

JOB LOCATION: Pune, Maharashtra ​ MINIMUM QUALIFICATION: Minimum 2 years of professional experience in cybersecurity or a related domain Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field Hands-on coding experience in at least one of the following: Python, Go, or JavaScript Strong proficiency with common vulnerability assessment and penetration testing tools such as Nessus, Metasploit, Nmap, Burp Suite , etc. Experience working with operating systems such as Kali Linux, Linux, and Windows Solid understanding of networking concepts and security engineering principles Relevant certifications such as CRTP (Certified Red Team Professional) or equivalent DESIRED QUALIFICATION: Master’s degree in Cybersecurity or a related field Industry-recognized certifications such as OSCP (Offensive Security Certified Professional) or GPEN (GIAC Penetration Tester) Strong technical writing and reporting skills Familiarity with secure development practices and security automation is a plus ​ RESPONSIBILITIES AND JOB DESCRIPTION: Lead and perform in-depth vulnerability assessments to identify security weaknesses in client systems and infrastructure Conduct and oversee penetration tests to simulate real-world cyber threats and uncover exploitable vulnerabilities Deliver expert recommendations and help implement effective mitigation strategies for identified risks Innovate and contribute to the development of new security testing tools, scripts, and methodologies Participate in corporate security triage and incident response processes — including vulnerability analysis, remediation planning, and stakeholder communication Actively mentor junior analysts , sharing knowledge on testing techniques, tools, and industry best practices Stay up-to-date with emerging threats, vulnerabilities, and attack techniques Prepare detailed and well-structured reports outlining findings, impact assessments, and actionable remediation steps

Job Description At Honeywell, we make a lot of incredible things. But most importantly, we make the future and are looking for people to join our global team of future shapers. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers and doers who are changing the future. Our people are committed to each other and to the realization of our vision through their unique job functions. Our businesses embrace the challenges of innovation so that we define the future. And our global opportunities are endless for you to grow and get recognized for your passion to perform. We are seeking a creative and forward-thinking cybersecurity engineer to develop and enhance cyber security solutions to address unique security challenges in critical infrastructure and industrial businesses. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified. Responsibilities Key Responsibilities: Assume the lead role in assigned projects, ensuring delivery on time, within budget, and to customer satisfaction. Stay technically current with cybersecurity solutions and expand knowledge in designated network disciplines. Maintain relevant cybersecurity certifications such as CCNA, CISSP, GICSP, or similar. Keep abreast of current industry security standards (e.g., IEC-62443, ISO 27000). Build strong relationships with internal and external customers by providing accurate and efficient technical/engineering support. Diagnose problems and provide timely, accurate technical solutions in response to customer inquiries, questions, and issues. Network (VLANs, STP, HSRP, Static routing) config and Troubleshooting, Firewall configuration i.e policies, communication troubleshooting, AD, NMS, SIEM, AV, WSUS, etc Installation, configuration and troubleshooting. Uphold industrial safety awareness through the completion of pertinent safety certifications. Qualifications Basic Qualifications: Bachelor's degree in computer-related fields (e.g., Computer Science, Computer Information Systems, Electronics) or equivalent experience. Cisco Certified Network/Design/Security Professional (at least one certification). GICSP/CISSP Certified Information Systems Security Professional or similar security certification. 5+ years of experience in Networking, endpoint security, and conducting audits/assessments in IT security. 3+ years of experience in Security Projects. 2+ years of experience in Cybersecurity Vulnerability or Risk assessment. 2+ years of experience with Microsoft Active Directory, DNS, WSUS, and Terminal Server. 2+ year of experience in vulnerability scanning and assessments using tools like Nessus and NMAP. Proven experience designing or deploying a minimum of 10 projects leveraging virtualization, preferably VMware. 3+ years of Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. 3+ years of experience with antivirus systems and backup & restore solutions. 3+ years of experience providing network services on customer sites. Excellent written and oral communication skills. Willingness to travel 30-65%. Preferred Qualifications and Experience 3 years’ experience in Operational Technology (OT). IEC-62443 Risk Assessment/Design/Maintenance Certification (at least one). Knowledge of networking protocols including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP, and SSH. Awareness of OT cybersecurity best practices and recommendations. Proficiency in preparing functional and detailed design specifications. Ability to work independently. Excellent troubleshooting skills to resolve complex network, application, or system integration issues. About Us Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments – powered by our Honeywell Forge software – that help make the world smarter, safer and more sustainable.

About the Company Softcell Global Technologies Pvt. Ltd. is a leading IT services provider with over 30 years of experience in infrastructure solutions, cybersecurity, cloud, and engineering. Trusted by top banks, enterprises, and government institutions, Softcell is a CERT-In empaneled organization at the forefront of cybersecurity service delivery. About the Role Softcell Global Technologies Pvt. Ltd. is seeking a highly skilled Senior Security Analyst with strong offensive security capabilities across the Web, Network, Mobile, Active Directory, OT environments and at least 4-5 years of experience in vulnerability assessment, penetration testing and code review. The ideal candidate must demonstrate proven hands-on experience, leadership ability, and excellent communication skills to manage project delivery, lead a technical team, and coordinate directly with enterprise clients. Practical skills are mandatory, and all shortlisted candidates will undergo a practical assessment. Responsibilities Conduct in-depth penetration tests on web apps, APIs, networks, cloud, and OT environments. Execute internal infrastructure and Active Directory exploitation using BloodHound, CrackMapExec, Impacket, etc. Perform OT/ICS/SCADA security testing, including assessments of protocols and firmware. Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities – SAST and DAST. Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs. Team Leadership & Client Coordination Lead and mentor junior security analysts during engagements. Act as the technical lead for VAPT projects, ensuring timely delivery and quality assurance. Interface directly with clients to understand requirements, present findings, and suggest remediation strategies. Manage testing schedules, reporting timelines, and escalation workflows. Draft detailed vulnerability reports with actionable remediation. Qualifications Bachelor’s degree in Computer Science, Cybersecurity, or related field. Required Skills 4–5 years of hands-on experience in penetration testing and red teaming. Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation. Expertise in AD security, internal lateral movement, and domain privilege escalation. Familiarity with OT security controls, risk frameworks (NIST, IEC 62443), and protocol fuzzing. Scripting proficiency in Python, PowerShell, or Bash. Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc. Leadership experience in managing client-facing pentest projects. Excellent communication, documentation, and collaboration skills. Preferred Skills Preferred Certifications: OSCP – Offensive Security Certified Professional OSWE – Offensive Security Web Expert CRTP – Certified Red Team Professional CRTE – Certified Red Team Expert CPENT – Certified Penetration Testing Professional CEH – Certified Ethical Hacker eJPT, eCPTX, CBBH, PNPT – or equivalent certifications in advanced adversarial simulation. Immediate Joiners Preferred Practical Skills are a Must Location: Delhi and Bangalore (Onsite Only) Equal Opportunity Statement Be part of a CERT-In empaneled cybersecurity team delivering critical security services. Get exposure to real-world attack simulations, internal security assessments, and VAPT projects. Learn and grow under certified red teamers and penetration testers. Access lab environments, tools, and mentoring to grow your skills. Regards HR Team

About the Company Softcell Global Technologies Pvt. Ltd. is a leading IT services provider with over 30 years of experience in infrastructure solutions, cybersecurity, cloud, and engineering. Trusted by top banks, enterprises, and government institutions, Softcell is a CERT-In empaneled organization at the forefront of cybersecurity service delivery. About the Role Softcell Global Technologies Pvt. Ltd. is looking for a passionate and skilled Security Analyst with at least 2-3 years of experience in vulnerability assessment, penetration testing and code review. The ideal candidate should have a foundational understanding of cybersecurity, good hands-on skills with security tools, and hold certifications such as OSCP, CRTP, eJPT, CPENT, CEH or equivalents. The role involves supporting offensive security operations, assisting in analysis and reporting, and collaborating with senior analysts during engagements. Responsibilities Conduct in-depth penetration tests on web apps, APIs, networks, cloud, AD and OT environments. Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities – SAST and DAST. Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs. Act as a collaborator for VAPT projects, ensuring timely delivery and quality assurance. Interface directly with clients to present findings and suggest remediation strategies. Collaborate to manage testing schedules, reporting timelines, and workflows to ensure on-time delivery. Draft detailed vulnerability reports with actionable remediation. Qualifications Bachelor’s degree in Computer Science, Cybersecurity, or related field. Required Skills Minimum 2-3 years of experience in vulnerability assessment and penetration testing support. Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation. Scripting proficiency in Python, PowerShell, or Bash. Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc. Excellent communication, documentation, and collaboration skills. Preferred Skills Preferred Certifications: OSCP – Offensive Security Certified Professional OSWE – Offensive Security Web Expert CRTP – Certified Red Team Professional CRTE – Certified Red Team Expert CPENT – Certified Penetration Testing Professional CEH – Certified Ethical Hacker eJPT, eCPTX, CBBH, PNPT – or equivalent certifications in advanced adversarial simulation. Immediate Joiners Preferred. Practical Skills are a Must. Location: Delhi and Bangalore (Onsite Only). Equal Opportunity Statement We must fill this position urgently. Can you start immediately? Ideal answer: Yes. Why Join Softcell? Be part of a CERT-In empaneled cybersecurity team delivering critical security services. Get exposure to real-world attack simulations, internal security assessments, and VAPT projects. Learn and grow under certified red teamers and penetration testers. Access lab environments, tools, and mentoring to grow your skills. Regards HR Team

Job Overview: We are looking for a talented and experienced Application Security Engineer to join our team. The ideal candidate will have a strong understanding of application security standards, tools, and methodologies and will be responsible for conducting security assessments, penetration testing, and vulnerability analysis for web and mobile applications. This role requires hands-on experience with both automated and manual testing tools, familiarity with security mechanisms, and a commitment to improving the overall security posture of the organization. Key Responsibilities: • Conduct security assessments for both web and mobile applications. • Perform vulnerability assessments and penetration tests using tools such as Burp Suite Pro, AppScan, Veracode, Fortify, WebInspect, Acunetix, etc. • Leverage mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, and IDA for iOS and Android applications. • Conduct thorough testing of APIs to identify security flaws. • Utilize OWASP and SANS standards to guide security practices. • Stay up to date with the latest security testing tools, techniques, and ethical hacking methodologies. • Compile and present risk-based findings to stakeholders, providing detailed reports and suggesting appropriate mitigations. • Provide expertise on penetration testing methodologies, including black box, grey box, and white box testing. • Demonstrate proficiency with common penetration testing tools such as nmap, Wireshark, Kali Linux, Metasploit, OpenVAS, OWSAP ZAP, Accunetix, Nikto, Nessus, and sqlmap. • Assist development teams with implementing penetration tests as part of the Secure Software Development Life Cycle (Secure SDLC). • Create and refine security checklists tailored to organizational needs. • Ensure continuous security improvement by making suggestions for system and process enhancements. • Experience working with SaaS, IaaS, and PaaS environments, helping integrate and optimize security technologies and processes. Skills and Qualifications: • Proficiency with OWASP Top 10 and SANS security standards. • Strong experience in using security assessment tools, including both static (SAST) and dynamic (DAST) application security testing tools. • Hands-on experience with mobile application security testing and mobile-specific vulnerabilities. • Proficient with web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX. • Basic programming knowledge in Java, JavaScript, and SQL. • Familiarity with encryption, authentication, and authorization techniques for secure software development. • Experience in automating security testing using scripting languages like Python, Bash, or Java. • Knowledge of network security and vulnerability assessment practices. • Experience in Secure Code Review and identifying vulnerabilities in the source code. • Strong understanding of various security techniques and risk assessment processes. Certifications: • Certified Ethical Hacker (CEH) or equivalent certifications related to application security. Desired Competencies: • OWASP, Burp Suite, Web Application Security, Acunetix, Vulnerability Assessment, Network Security, Mobile Application Security. • Proficient in Secure Code Review, Python, Bash, Java, and Automation scripting.

Job Title: IT Security Engineer – Contractual (3+ / 5+ / 7+ Years Experience) Compensation: (6-10Lakh/10-15Lakh/12-18Lakh respectively) Location: New Delhi Type: Contractual [ 2 months contract] Openings: Multiple Domain Focus: Network Infrastructure Security, ISO 27019 Compliance Email: hr@pivotsec.in Note: This is an urgent contractual opening. Immediate joiners will be prioritized. Job Summary: P.I.V.O.T Security is seeking skilled IT Security Engineers for contractual roles with a primary focus on network architecture and infrastructure security reviews, covering routers, switches, firewalls, CCTV networks, and related devices. These roles are part of critical infrastructure security compliance assessments in alignment with ISO 27019 standards. Responsibilities (based on experience level): Review the entire network architecture, including: • Core and access routers & switches • Perimeter and internal firewalls • CCTV and physical security network components • Wireless network segmentation and NAC implementations • Conduct firewall audits, rulebase validations, and segmentation testing • Evaluate security configurations for IoT and surveillance systems (e.g., CCTV NVR/DVR) • Lead or support Vulnerability Assessment and Penetration Testing (VA/PT) of infrastructure • Identify gaps in network design, access control, and compliance with ISO 27019 • Document security weaknesses, propose remediations, and engage with client infra teams • Prepare technical documentation, risk reports, and mitigation strategies Skills & Tools: Assessment Tools: Nmap, Nessus, Burp Suite, Metasploit (based on role level) Device Knowledge: Cisco, Fortinet, Palo Alto, Juniper, Hikvision, Dahua, etc. Review Focus: Routing protocols, VLANs, ACLs, VPNs, NAT policies, CCTV network isolation Scripting (Senior roles): PowerShell, Bash, Python Understanding of critical infrastructure protection and ISO/IEC 27019 Certifications (Preferred): CEH, CompTIA Security+ (3–5 YOE) OSCP, CEH, or equivalent (5–7+ YOE) Candidate Requirements: 3 to 7+ years of experience in IT/network security, architecture assessment Strong knowledge of infrastructure hardening and secure configuration practices Ability to review, assess, and advise on physical and logical security architecture Effective communication and client interaction skills Capable of independently preparing architecture review reports To apply, email your updated resume to hr@pivotsec.in Use the subject line: "IT Security – [Years] YOE" (e.g. "IT Security – 5 YOE")

Flawit InfoSec Services Flawit InfoSec Services is a cybersecurity firm delivering comprehensive, end-to-end security solutions to enterprises, startups, and government organizations. Our core expertise includes vulnerability assessment and penetration testing (VAPT), red teaming, security operations center (SOC) implementation, risk and compliance advisory, cloud and DevSecOps security, identity and access management (IAM), and more. With a client-first approach, our certified professionals apply global frameworks like OWASP, NIST, and MITRE ATT&CK to secure digital environments and build long-term resilience against evolving threats. Role – Penetration Tester (On-site, Nashik) We are looking for a skilled Penetration Tester to join our team and lead offensive security engagements across diverse environments. The role involves simulating real-world attacks, identifying security flaws, and helping clients strengthen their cybersecurity posture through hands-on testing and tailored recommendations. Key Responsibilities: Conduct detailed vulnerability assessments and penetration tests on web applications, mobile apps, APIs, networks, wireless environments, cloud infrastructure, and thick client systems Perform red teaming exercises, social engineering assessments, and adversary simulations Reverse engineer malware and binaries to identify behavior and possible countermeasures Conduct secure code reviews to detect logic flaws, insecure implementations, and potential backdoors Prepare in-depth technical and executive reports, outlining vulnerabilities, impact, and remediation strategies Communicate findings to internal teams and client stakeholders, and support remediation discussions Develop custom scripts and tools to automate or enhance testing methodologies Stay updated with emerging threats, vulnerabilities, and attack vectors through continuous research Required Skills and Qualifications: Proven experience in web and mobile application penetration testing (OWASP Top 10, API Security) Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Nikto, sqlmap, Wireshark, and Dirbuster Understanding of red team operations, adversary tactics, and MITRE ATT&CK framework Hands-on knowledge of reverse engineering and malware analysis Familiarity with cloud platform security (AWS, Azure, GCP) and DevSecOps pipelines Good understanding of network protocols, operating system internals, and scripting languages (Python, Bash, PowerShell) Ability to write detailed documentation and deliver concise, clear reports to technical and non-technical audiences Bachelor's degree in Cybersecurity, Computer Science, or a related field Relevant certifications are a plus (OSCP, OSEP, OSCE, CRTP, eJPT, CEH, etc.)

As a Senior Consultant in the Cyber Security department located in Gurugram, you will be responsible for various tasks and possess a range of skills and experiences. Your role will involve working on programming languages used for storing and processing raw data, having knowledge of operating systems such as Windows, macOS, Linux, UNIX, and other OSs, conducting penetration testing, understanding ethical hacking and coding practices, mastering advanced persistent threat management, ensuring firewall safety and management, utilizing encryption techniques and capabilities, conducting compliance assessments, and working with frameworks like COBIT and ITIL. You should have at least 5 years of relevant experience in cybersecurity, IT systems operation, and IT solutions development and maintenance. You must be well-versed in configuring and troubleshooting vulnerability management platforms like Tenable or Qualys, as well as patch management control platforms such as Microsoft MECM/SCCM. Experience in supporting patch management, vulnerability management, or configuration management programs is crucial, along with troubleshooting patch deployment and installation through log analysis and investigation. Your expertise should include knowledge of OWASP top 10 and other network security frameworks, hands-on experience in VAPT for application and network security, skills in configuration review, policy review, hardening of systems and networks, endpoint review, application code review, and testing tools. You should possess excellent communication and analytical skills to interact with clients directly, experience in Mobile AppSEC for Android and iOS, API testing, willingness to travel, good presentation and report-making skills, research knowledge in cyber security for consulting and customizing services, and hands-on working knowledge of tools like Burp, Nessus, Nmap, Qualys, Acunetix, Metasploit, and other relevant tools. Additionally, you should have knowledge of SIEM/SOAR, DLP, EDR/EPP, Firewall/IPS, Web Servers, and basic scripting knowledge in any language would be advantageous. Your role will also involve being willing to travel and actively participating in pre-sales activities, ensuring the highest level of security for clients and their systems.,