517 Nmap Jobs - Page 13

Hybrid Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! The IZOT product line includes BMC’s Intelligent Z Optimization & Transformation products, which help the world’s largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications’ security, while reducing operational costs and risks. We acquired several companies along the way, and we continue to grow, innovate, and perfect our solutions on an ongoing basis. We are looking for a Penetration Tester to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Primary Roles And Responsibilities Lead security assessments of applications and solutions deployed on IBM z/OS-based environments. Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems.. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you’re set up for success, you will bring the following skillset & experience: 6+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes. CA-DNP BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 2,790,000 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Min salary 2,092,500 Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. Mid point salary 2,790,000 Max salary 3,487,500

This is a remote position. Job Title: Freelance OSCP Trainer (Offensive Security Certified Professional) Location: Remote Engagement Type: Freelance Duration: Projuct Base Experience: 10+Years About the Role: We are seeking an experienced and passionate freelance OSCP-certified trainer to deliver hands-on training in penetration testing and ethical hacking . The ideal candidate will have a strong background in offensive security and a knack for simplifying complex concepts for learners of varying skill levels. Key Responsibilities: Deliver structured training based on the PWK (Penetration Testing with Kali Linux) curriculum. Guide students through lab exercises , real-world scenarios , and exam preparation . Provide mentorship and support to learners during and after sessions. Customize training content to suit the audiences technical level. Evaluate learner progress and provide constructive feedback. Required Skills & Qualifications: OSCP Certification (mandatory). Strong command of Kali Linux , Metasploit , Burp Suite , Nmap , Wireshark , and other offensive security tools. Proficiency in Active Directory attacks , privilege escalation , buffer overflows , and post-exploitation techniques . Solid understanding of networking , Linux/Windows systems , and scripting (Python/Bash) . Prior experience in training or mentoring is highly desirable. Excellent communication and presentation skills. " , "Work_Experience6" , "Job_TypeTraining" , "Job_Opening_NameOSCP" , "Number_of_Positions1" , "State":null , "Country":null , "Keep_on_Career_Site":false}]);

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Hybrid Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! The IZOT product line includes BMC’s Intelligent Z Optimization & Transformation products, which help the world’s largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications’ security, while reducing operational costs and risks. We acquired several companies along the way, and we continue to grow, innovate, and perfect our solutions on an ongoing basis. We are looking for a Penetration Tester to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Primary Roles And Responsibilities Lead security assessments of applications and solutions deployed on IBM z/OS-based environments. Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems.. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you’re set up for success, you will bring the following skillset & experience: 6+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes. CA-DNP BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 2,790,000 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person

Role Description Job Description We are seeking a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS/Android) , web applications , infrastructure , and thick client environments . The ideal candidate will have a strong background in assessing the security posture of applications, systems, and networks, especially in a fast-paced fintech environment . Key Responsibilities Conduct penetration tests on web and mobile applications, networks, thick clients, and systems to identify vulnerabilities. Perform manual and automated testing to simulate cyberattacks and exploit potential security flaws. Create detailed reports of vulnerabilities including descriptions, proof of concepts, business impact, and actionable remediation steps. Perform retesting to validate fixes and confirm mitigations. Analyze security issues related to web apps, network protocols, OSs, and cloud platforms. Stay updated with the latest cybersecurity threats, vulnerabilities, and attack techniques. Coordinate with application and infrastructure teams during the assessment lifecycle and deliver clear, comprehensive reports. Requirements Proven experience as a Penetration Tester or in a cybersecurity role. Strong understanding of: OWASP Mobile Top 10 OWASP Web Top 10 MITRE ATT&CK framework Proficiency in tools such as: Burp Suite, Frida, MobSF, Nmap, Wireshark, Metasploit Hands-on experience with: SSL pinning bypass Jailbreak/root detection bypass Certificate validation flaws Mobile app reverse engineering Familiarity with operating systems like Windows, Kali Linux, and macOS Exposure to cloud platforms such as AWS, Azure, or GCP Knowledge of scripting/programming languages such as Python, Bash, or PowerShell (preferred) Relevant certifications are a strong advantage: CEH, OSCP, or similar Preferred Skills Prior experience in mobile application penetration testing Ability to work independently and manage time effectively Excellent communication skills, especially in conveying technical findings to non-technical stakeholders Skills Information Security,Data Analysis,Penetration Testing

🔐 Cybersecurity Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is dedicated to delivering practical, industry-relevant learning experiences through immersive virtual internships. Our Cybersecurity Internship is designed to equip aspiring professionals with real-world skills in ethical hacking, threat analysis, and system defense through hands-on projects and guided mentorship. Internship Overview As a Cybersecurity Intern , you will gain critical exposure to information security principles, ethical hacking techniques, and cyber threat analysis . You will work on identifying vulnerabilities, simulating attacks, and building defenses — preparing you for roles in one of the most in-demand fields in tech. 🔧 Key Responsibilities Assist in conducting vulnerability assessments and penetration testing Analyze and monitor network traffic for suspicious activity Perform security audits and help develop incident response protocols Use industry-standard tools like Nmap, Wireshark, Burp Suite, Metasploit , etc. Research emerging threats and recommend mitigation strategies Learn and apply OWASP Top 10 concepts and security best practices Document findings and support internal cybersecurity reporting ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or related field Basic understanding of networking, operating systems, and web security concepts Familiarity with tools such as Kali Linux, Burp Suite, Nessus, or similar Passion for ethical hacking, threat hunting, and system security Strong analytical skills and eagerness to learn Knowledge of Linux/command-line interfaces is a plus 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tasks and tools Deep understanding of cyber threats, vulnerabilities, and protection strategies Internship Certificate of Completion Letter of Recommendation for top performers Potential Full-Time Offer based on performance A portfolio of cybersecurity assessments and reports to showcase your skills

Cybersecurity Consultant - VAPT Location : Bhopal, Madhya Pradesh, India Job Type : Full-time, Permanent Experience Level : 1 - 5 Years Salary : ₹2,50,000 - ₹5,00,000 per annum (based on experience and certifications) Position Overview We are seeking a skilled and motivated Cybersecurity Consultant specializing in Vulnerability Assessment and Penetration Testing (VAPT). The ideal candidate will have a passion for ethical hacking and a strong desire to identify and remediate security weaknesses. In this hands-on role, you will be responsible for performing security assessments on our clients' web applications, mobile applications, and network infrastructure to help them strengthen their security posture. Key Responsibilities & Duties Perform comprehensive Vulnerability Assessments and Penetration Testing (VAPT) on web applications, mobile applications (iOS/Android), network infrastructure, and APIs. Utilize a combination of automated scanning tools (e.g., Nessus, Burp Suite Pro, Acunetix) and manual testing techniques to identify vulnerabilities. Apply standard testing methodologies such as OWASP Top 10, SANS Top 25, and NIST frameworks. Analyze findings, perform root cause analysis, and assess the level of risk associated with each vulnerability. Prepare detailed, high-quality VAPT reports that clearly outline findings, identified risks, and provide actionable remediation recommendations for both technical and non-technical audiences. Collaborate with client development and IT teams to explain vulnerabilities and advise on effective mitigation strategies. Perform re-testing to validate the successful closure of reported vulnerabilities. Stay updated with the latest cybersecurity threats, attack vectors, vulnerabilities, and ethical hacking techniques. Required Skills & Qualifications Education: Bachelor's degree (B.Tech/B.E.) in Computer Science, Information Technology, or a related field. Experience: 1 to 5 years of hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT). Technical Skills: o Strong understanding of network protocols (TCP/IP), system architecture, and fundamental security concepts. o Proficiency with VAPT tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc. o Solid knowledge of OWASP Top 10 vulnerabilities and other common security flaws. o Experience in manual penetration testing of web and mobile applications. o Excellent report writing, documentation, and communication skills. Preferred Certifications & Skills Holding one or more of the following certifications is highly desirable: o Certified Ethical Hacker (CEH) o Offensive Security Certified Professional (OSCP) o Offensive Security Certified Expert (OSCE) Experience with scripting languages (e.g., Python, Bash, PowerShell) for automation and testing. Familiarity with cloud security concepts and testing in environments like AWS, Azure, or GCP. Basic knowledge of secure code review. What We Offer A competitive salary package and benefits. The opportunity to work on challenging and diverse security projects. A culture of continuous learning with support for professional development, training, and certifications. A collaborative and supportive team environment where your contributions are valued. Job Types: Full-time, Permanent Pay: ₹250,000.00 - ₹500,000.00 per year Benefits: Cell phone reimbursement Health insurance Paid sick time Provident Fund Schedule: Day shift Fixed shift Work Location: In person

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security Responsibilities : Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools : Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (eg, PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech)

NAB is looking for Security Assurance Consultant to join our dynamic team and embark on a rewarding career journey Undertake short-term or long-term projects to address a variety of issues and needs Meet with management or appropriate staff to understand their requirements Use interviews, surveys etc. to collect necessary data Conduct situational and data analysis to identify and understand a problem or issue Present and explain findings to appropriate executives Provide advice or suggestions for improvement according to objectives Formulate plans to implement recommendations and overcome objections Arrange for or provide training to people affected by change Evaluate the situation periodically and make adjustments when needed Replenish knowledge of industry, products and field

🔐 Cyber Security Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Based on Performance) About INLIGHN TECH INLIGHN TECH is focused on equipping students and graduates with practical, hands-on experience in emerging tech fields through structured virtual internships. Our Cyber Security Internship is designed to build a strong foundation in ethical hacking, threat detection, and system defense , making you industry-ready for a high-demand domain. 🚀 Internship Overview As a Cyber Security Intern , you will work on projects that simulate real-world cyber threats, learn to identify and mitigate vulnerabilities, and explore techniques used by security professionals to protect systems and data. 🔧 Key Responsibilities Conduct vulnerability assessments and basic penetration testing Analyze logs and traffic to identify potential threats or breaches Assist in incident response and threat mitigation activities Learn and work with tools such as Kali Linux, Burp Suite, Nmap, Metasploit, and Wireshark Study and apply the OWASP Top 10 and other security standards Support the development of security protocols and documentation Stay updated on emerging cyber threats and protection mechanisms ✅ Qualifications Currently pursuing or recently completed a degree in Cybersecurity, IT, Computer Science , or a related field Basic knowledge of networking concepts, operating systems, and system vulnerabilities Familiarity with ethical hacking techniques and cybersecurity tools Understanding of firewalls, encryption, and authentication methods Strong problem-solving skills and a desire to learn more about cyber defense Passion for cybersecurity and protecting digital environments 🎓 What You’ll Gain Hands-on experience with real-world cybersecurity tools and challenges Insight into threat analysis, penetration testing, and security compliance Internship Certificate upon successful completion Letter of Recommendation for high performers Opportunity for a Full-Time Offer based on performance A strong foundation for pursuing careers like Ethical Hacker, SOC Analyst, or Penetration Tester

🛡️ Cyber Security Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Based on Performance) About INLIGHN TECH INLIGHN TECH is an emerging edtech platform that empowers students through hands-on, real-world learning experiences. Our Cyber Security Internship is designed to equip aspiring professionals with practical skills in ethical hacking, network defense, and vulnerability assessment through project-based learning. 🚀 Internship Overview As a Cyber Security Intern , you will gain real-world exposure to security tools, frameworks, and attack simulations . You will assist in identifying potential vulnerabilities, analyzing threats, and learning how to protect digital assets in real-time environments. 🔧 Key Responsibilities Assist in network monitoring , intrusion detection, and log analysis Conduct basic vulnerability scans and help remediate identified risks Use tools such as Wireshark, Nmap, Burp Suite, Metasploit , and Kali Linux Understand and apply frameworks like OWASP Top 10 and NIST Work on ethical hacking simulations and penetration testing Prepare basic reports on threats, vulnerabilities, and risk mitigation strategies Stay up to date with the latest cybersecurity trends and attack vectors ✅ Qualifications Currently pursuing or recently completed a degree in Cyber Security, IT, Computer Science , or a related field Basic understanding of networking, Linux systems, and cybersecurity principles Familiarity with ethical hacking tools and scripting (Python/Bash) is a plus Strong analytical and problem-solving skills Eagerness to learn, explore, and grow in the field of information security 🎓 What You’ll Gain Hands-on experience with cybersecurity tools and techniques Understanding of real-world security challenges and responses A portfolio of cybersecurity tasks/projects to showcase your skills Internship Certificate upon successful completion Letter of Recommendation for top-performing interns Opportunity for a Full-Time Offer based on performance

🛡️ Cyber Security Analyst Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is a rapidly growing edtech startup focused on practical, real-world learning. Our Cyber Security Analyst Internship is built to provide aspiring professionals with the tools, knowledge, and experience needed to understand, detect, and respond to cyber threats. 🚀 Internship Overview As a Cyber Security Analyst Intern , you will gain hands-on experience in monitoring systems, identifying vulnerabilities, analyzing threats, and implementing basic security measures. You will work on real-time use cases and contribute to strengthening the organization’s cyber defense posture. 🔧 Key Responsibilities Monitor and analyze system logs and network traffic for suspicious activities Conduct vulnerability assessments and assist in penetration testing Use tools like Wireshark, Nmap, Nessus, Burp Suite, or Splunk Assist in implementing security policies, firewalls, and access controls Respond to simulated incident scenarios and create incident reports Stay updated with the latest cyber threats, malware trends, and attack vectors Document findings, recommendations, and best practices ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, Computer Science, IT , or related fields Familiarity with network protocols , Linux/Windows systems , and security tools Understanding of concepts like firewalls, encryption, OWASP Top 10, and vulnerability scanning Strong analytical thinking and problem-solving abilities Basic knowledge of scripting or automation tools (e.g., Bash, Python) is a plus Eagerness to learn, research, and grow in the cybersecurity domain 🎓 What You’ll Gain Real-world exposure to cyber threat analysis and defensive strategies Hands-on practice with popular security tools and platforms Internship Certificate upon successful completion Letter of Recommendation for outstanding performance Opportunity for a Full-Time Offer based on performance Experience to help prepare for certifications like CEH, CompTIA Security+, or OSCP

Key Responsibilities Penetration Testing (Primary Focus): Perform manual and automated penetration testing on web applications, APIs, infrastructure, and cloud-hosted environments. Conduct red team/purple team exercises to simulate advanced threat actor behavior using frameworks like MITRE ATT&CK. Identify security flaws, misconfigurations, and business logic vulnerabilities across hybrid and cloud environments. Use tools such as Burp Suite, Nmap, Metasploit, Cobalt Strike, and custom scripts to simulate attacks. Provide detailed reports with risk ratings, technical impact, and remediation recommendations. Collaborate with DevOps and application teams to validate, reproduce, and remediate identified issues. Continuously research and adopt emerging offensive techniques, vulnerabilities, and toolsets. Cloud Security (Secondary but Required): Assess cloud environments (Azure, AWS, GCP) for security weaknesses, including exposed services, misconfigured IAM, and insecure storage. Assist in secure design reviews and threat modeling for cloud-native workloads. Use tools like Microsoft Defender for Cloud, Prisma Cloud, Wiz, or ScoutSuite to identify misconfigurations. Automate detection of insecure infrastructure via Infrastructure-as-Code (Terraform, Bicep, etc.). Support incident response activities related to cloud-based threats and unauthorized access. Compliance and Governance Support: Understand and apply security testing methods aligned with: HIPAA (for healthcare application testing), PCI-DSS (for applications storing/processing cardholder data), and NESA (UAE-specific cybersecurity baseline). Participate in security audits and assessments by providing technical evidence and findings. Maintain documentation for vulnerability management, security testing scope, and remediation tracking. Required Skills and Experience 2+ years of hands-on experience in penetration testing and offensive security engagements. Deep understanding of application security testing, OWASP Top 10, and real-world exploit techniques. Experience testing cloud workloads (Azure, AWS, or GCP) from an attacker's perspective. Familiarity with red/purple teaming, lateral movement, privilege escalation, and post-exploitation techniques. Strong proficiency with tools like Burp Suite Pro, Nmap, Metasploit, Cobalt Strike, etc. Scripting experience with Python, PowerShell, or Bash to develop custom tools and automate testing. Exposure to SIEM, CSPM, and EDR platforms for identifying and responding to test detections. Preferred Certifications (Offensive & Cloud Focused) Penetration Testing / Offensive Security: OSCP (Offensive Security Certified Professional) OSEP / OSCE / GPEN / GWAPT / CRTO CEH (Certified Ethical Hacker – practical) Cloud Security (Supplementary): Microsoft Certified: Azure Security Engineer Associate AWS Certified Security – Specialty Google Cloud Professional Security Engineer Compliance (Optional but Useful): CISSP, CCSP, or CISM Certified HIPAA Professional (CHP), PCI ISA Familiarity with UAE’s NESA compliance standards Show more Show less

Role: Infosec Lead Location: Noida, India www.SEW.ai Who We Are SEW, with its innovative and industry-leading cloud platforms, delivers the best Digital Customer Experiences (CX) and Workforce Experiences (WX), powered by AI, ML, and IoT Analytics to the global energy, water, and gas providers. At SEW, the vision is to Engage, Empower, and Educate billions of people to save energy and water . We partner with businesses to deliver platforms that are easy-to-use, integrate seamlessly, and help build a strong technology foundation that allows them to become future- ready. Searching for your dream job? We are a true global company that values building meaningful relationships and maintaining a passionate work environment while fostering innovation and creativity. At SEW, we firmly believe that each individual contributes to our success and in return, we provide opportunities from them to learn new skills and build a rewarding professional career. A Couple of Pointers • We are the fastest growing company with over 420+ clients and 1550+ employees. • Our clientele is based out in the USA, Europe, Canada, Australia, Asia Pacific, Middle East • Our platforms engage millions of global users, and we keep adding millions every month. • We have been awarded 150+ accolades to date. Our clients are continually awarded by industry analysts for implementing our award-winning product. • We have been featured by Forbes, Wall Street Journal, LA Times for our continuous innovation and excellence in the industry. Who we are looking A successful Application Penetration Tester working at SEW should possess a deep understanding of both information security and computer science. They should understand basic concepts such as networking, applications, operating system functionality, application manipulation, vulnerability discovery, and analysis, as well as exploit development. This job requires strong critical thinking skills and an analytical mindset; this career is technical and challenging with opportunities to work in some of the most exciting areas of security consulting on extremely technical and challenging work. A typical job could involve penetration testing of both software and network to breach the security of a target system or reverse-engineering an application and encryption method to gain access to sensitive data. If you have experience performing penetration tests against web applications, mobile applications and can present your findings while demonstrating strong analytical skills, then you’re the type of Penetration Tester we’re looking for. Requirements • Perform penetration tests of websites, services, infrastructure, networks, IoT Devices, and mobile applications to discover and exploit vulnerabilities • Recognize and safely utilize attacker tools, tactics, and procedures used to perform analysis and identify vulnerabilities • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, etc. • Detect, identify, and exploit vulnerabilities across various operating systems, applications, and hardware • Develop comprehensive and accurate reports and presentations for both technical and executive audiences • Effectively communicate findings and strategy to stakeholders Qualifications • 5-8 years experience in: Web Application Assessments, Mobile Application Assessments • Experience with penetration testing tools such as Metasploit, Burp Suite, Nmap, Kali Linux etc. • Possess understanding of various penetration testing and hacking methodologies such as OWASP, PTES, NIST SP800- 115 • Source Code Review & Reverse Engineering • Relevant application penetration testing certifications such as Offensive Security Web Expert (OSWE) certification, GIAC Web Application Penetration Tester (GWAPT), or equivalent mobile/web certification preferred • Demonstrated experience in one or more computer programming and scripting languages such as Python, Bash, PHP, Java, C#, .NET, Swift, Kotlin, JavaScript, Perl, Ruby • Reverse engineering malware, data obfuscators, or ciphers • Experience with methodologies pertaining to both static and dynamic analysis for different application types and platforms • Strong knowledge of tools used for application testing and testing of different platforms, including those used in both static and dynamic analysis • Thorough understanding of network protocols, data on the wire, application desi Show more Show less

We are seeking a skilled and proactive Medical Device Cybersecurity Engineer to join our team. This position plays a critical role in ensuring the cybersecurity and regulatory compliance of our connected medical devices throughout the product lifecycle. The ideal candidate has hands-on experience in threat modeling, managing third-party software components, performing vulnerability scans and penetration testing, and collaborating across cross-functional teams to integrate robust cybersecurity controls in accordance with FDA and global regulatory requirements. Key Responsibilities: Perform and maintain comprehensive threat modeling (e.g., STRIDE) for embedded and connected medical devices. Perform regular vulnerability scans, penetration testing , and static/dynamic analysis using tools such as Kali Linux, Metasploit, Wireshark, NMAP, Fortify, Nessus, or similar. Develop and update cybersecurity risk assessments as part of the overall risk management process (including CVSS scoring). Define, implement, and document security controls based on threat model outcomes. Manage and maintain Software Bill of Materials (SBOM) in compliance with FDA premarket and post-market guidance and global standards (e.g., NTIA, NIST). Support secure software development lifecycle (SDLC) practices including secure coding reviews. Conduct cybersecurity surveillance for new threats, advisories, CVEs, and zero-day vulnerabilities that may impact devices post-market. Triage and assess reported vulnerabilities, coordinate remediation and update documentation accordingly. Support preparation of cybersecurity documentation for FDA submissions (e.g., premarket submissions, 510(k), PMA) including security risk management reports and architecture diagrams. Ensure compliance with FDA applicable standards (e.g., ISO 14971, IEC 62304, ANSI/AAMI SW96:2023) Collaborate with Quality, Regulatory, and Engineering to ensure cybersecurity is integrated across the product lifecycle. Collaborate with software, hardware, and systems teams to guide cybersecurity design and testing. Qualifications Required: Bachelors or Masters degree in Computer Engineering, Cybersecurity, Electrical Engineering, or related field. 57 years of experience in embedded systems or medical device cybersecurity. Strong working knowledge of SBOM, SOUP, vulnerability scanning tools, penetration testing, and threat modeling methodologies. Familiarity with relevant regulations and standards (e.g., FDA Cybersecurity Guidance, NIST SP 800-53/30/218, ANSI/AAMI SW96:2023). Experience with secure development tools and CI/CD environments. Preferred: Certified Ethical Hacker (CEH), CISSP, CSSLP, or similar certification. Experience with connected devices (IoMT), wireless protocols (BLE, Wi-Fi), and cloud security principles. Familiarity with DevSecOps practices and security tools integration. Show more Show less

About The Role Job Title: Penetration Tester (Web Applications and REST APIs) Location: Bengaluru Job Type: Full-time About Us: Kotak Mahindra Bank is seeking an experienced Penetration Tester to join our Platform Engineering team. As a Penetration Tester, you will be responsible for identifying vulnerabilities in web applications and REST APIs, providing recommendations for remediation, and ensuring the security posture of our clients' systems. Job Summary: The successful candidate will have a strong background in penetration testing, including experience with various tools and techniques used to identify vulnerabilities in web applications and APIs. The ideal candidate will be able to analyze complex systems, identify potential security risks, and provide actionable recommendations for remediation. Key Responsibilities: Conduct thorough penetration testing of web applications and REST APIs using a variety of tools and techniques Identify vulnerabilities in web applications, including but not limited to: SQL injection Cross-Site Scripting (XSS) Cross-Site Request Forgery (CSRF) Authentication and authorization weaknesses Session management issues Test REST APIs for security vulnerabilities, including but not limited to: Input validation and sanitization Error handling and logging Authentication and authorization mechanisms Data encryption and transmission Analyze results and provide detailed reports outlining findings, recommendations for remediation, and estimated timeframes for implementation Collaborate with development teams to ensure identified vulnerabilities are addressed and remediated in a timely manner Stay up-to-date with the latest security threats, tools, and techniques through ongoing training and professional development Requirements: 3+ years of experience in penetration testing, with a focus on web applications and REST APIs Strong understanding of web application security concepts, including but not limited to: OWASP Top 10 Web Application Security Risks (WASR) Secure Coding Practices Experience with various penetration testing tools, including but not limited to: Burp Suite ZAP Nmap AJP SQL injection tools (e.g. sqlmap) Strong understanding of REST API security concepts, including but not limited to: API Security Frameworks (e.g. OAuth 2.0) Data encryption and transmission protocols (e.g. HTTPS) Authentication and authorization mechanisms (e.g. JWT) Experience with scripting languages (e.g. Python, Ruby) is a plus Strong analytical and problem-solving skills Excellent communication and reporting skills Nice to Have: CISSP or equivalent security certification CEH or equivalent penetration testing certification Experience with cloud-based services (e.g. AWS, Azure) Familiarity with Agile development methodologies Experience with DevOps tools (e.g. Docker, Jenkins) What We Offer: Competitive salary and benefits package Opportunities for professional growth and development Collaborative and dynamic work environment Flexible working hours and remote work options

Who we think will be a great fit. A passion for information security with a hacker mindset! Self-motivation and Proactiveness Communication skills What we need... We want people with preferably two or more, of the following: 1. Web Application Security Testing. Knowledge about BURP Suite, manual and automated SQLi Bypass filters that detect SQLi, XSS, etc. People who don't think Injection means only SQLi but SSTI, SSJI, ORMi [HQLi], LDAPi, Eli, XMLi etc. 2. Network Infrastructure Testing. Ability to write custom scripts and wrappers. Knowledge of tools like Responder, Ettercap, tcpdump, Empire, etc.not just Nmap and Nessus Have good knowledge about PowerShell scripting and AD/DC infrastructure. 3. Mobile App Testing. Root/jailbreak and Certificate pinning bypass without any automated tool Dynamic instrumentation using Frida De-obfuscation of APK/IPA file 4. IoT Testing. MQTT attacks Fuzzing of IoT devices Firmware extraction 5. Cloud Testing. A good understanding of the cloud infrastructure that includes AWS, Azure and Google cloud. Have a good understanding of microservices architecture. 6. Secure Code Review. Ability to visualize and compile applications without any compiler (in your mind). Has the ability to learn a new programming language on-the-go. Preferred candidate profile : Candidates with relevant professional experience will be given preference.

Job Title: Senior VAPT (Vulnerability Assessment & Penetration Testing) Engineer Location: Indore Experience Required: 5+ Years Job Type: Full-Time Job Summary: We are looking for an experienced and highly skilled VAPT Engineer with a strong background in cybersecurity and hands-on expertise in conducting vulnerability assessments and penetration testing of IT infrastructure, applications, and networks. The candidate must have in-depth knowledge of CERT-In guidelines, security best practices, and regulatory compliance requirements. Key Responsibilities: · - Perform Vulnerability Assessment & Penetration Testing (VAPT) on web applications, mobile applications, APIs, networks, cloud infrastructure, servers, and endpoints. · - Prepare and deliver detailed technical reports with findings, risk ratings, and actionable remediation recommendations. · - Simulate real-world cyberattacks to identify potential security flaws and vulnerabilities. · - Collaborate with development and IT teams to validate and fix vulnerabilities. · - Implement and monitor secure coding practices and DevSecOps principles during SDLC. · - Ensure all testing activities are in line with CERT-In guidelines and other applicable standards (ISO 27001, OWASP, NIST, etc.). · - Stay up-to-date with the latest threats, vulnerabilities, and attack vectors. · - Prepare reports and evidence required for CERT-In audits and compliance. · - Assist in developing internal security policies and SOPs for secure infrastructure. · - Guide and mentor junior security analysts, if required. Required Skills & Qualifications: · - Bachelor's degree in Computer Science, Information Security, or a related field. · - Minimum 5 years of hands-on experience in VAPT and cybersecurity. · - Expertise in tools such as Burp Suite, Nessus, Nmap, Metasploit, Acunetix, Wireshark, Nikto, OWASP ZAP, etc. · - Strong knowledge of OWASP Top 10, SANS 25, and other industry security standards. · - Solid understanding of network protocols, web application architecture, firewalls, IDS/IPS, and endpoint security. · - Familiarity with scripting and automation (Python, Bash, PowerShell). · - Experience in writing and reviewing security assessment reports for technical and non-technical stakeholders. · - In-depth knowledge of CERT-In audit requirements, documentation, and compliance process. Certifications (Preferred): · - CEH / OSCP / LPT / CRTP / CompTIA Pentest+ · - Any CERT-In empanelment project experience will be a strong advantage. Additional Information: · - Strong communication, documentation, and interpersonal skills. · - Ability to manage multiple engagements and deliver under tight timelines. · - Should be able to work independently or in a team. Job Type: Full-time Pay: ₹30,000.00 - ₹45,000.00 per month Benefits: Provident Fund Schedule: Day shift Work Location: In person

Job description As a Security Engineer - VAPT, you will be responsible for conducting comprehensive security assessments, identifying vulnerabilities, and implementing effective remediation strategies. Leveraging your expertise in penetration testing and ethical hacking, you will play a key role in enhancing the security posture of our clients' systems and networks. This position offers an exciting opportunity to work on challenging projects, collaborate with talented professionals, and contribute to the advancement of cybersecurity practices. Key Responsibilities : Perform end-to-end Vulnerability Assessment and Penetration Testing (VAPT) for clients' IT infrastructure, applications, and networks. Conduct thorough security assessments using industry-standard tools and methodologies, including but not limited to, Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Identify and exploit security vulnerabilities to assess the potential impact on clients' systems and data. Prepare detailed assessment reports outlining findings, risk levels, and recommended remediation measures. Collaborate with clients' IT teams to prioritize and address identified security issues in a timely manner. Develop and implement custom scripts or tools to enhance testing capabilities and automate repetitive tasks. Stay abreast of emerging security threats, vulnerabilities, and industry best practices to continually improve testing methodologies. Provide guidance and mentorship to junior security engineers, fostering a culture of knowledge sharing and skill development within the team. Requirements: Bachelor's degree in Computer Science, Information Technology, or related field. 2+ years of experience in cybersecurity, with a focus on Vulnerability Assessment and Penetration Testing. Proficiency in using tools such as Nmap, Nessus, Metasploit, Burp Suite, and OWASP. Hands-on experience with various operating systems, including Windows, Linux, and Unix. Strong understanding of network protocols, web application architecture, and common security vulnerabilities. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar certifications preferred. Excellent analytical skills and attention to detail, with the ability to prioritize and manage multiple tasks effectively. Effective communication skills, both verbal and written, with the ability to convey technical concepts to non-technical stakeholders. Proven track record of delivering high-quality security assessments and actionable recommendations. Show more Show less

Job Information Date Opened 06/18/2025 Job Type Full time Industry IT Services Work Experience 4-5 years City Bangalore State/Province Karnataka Country India Zip/Postal Code 560024 Job Description About Globals: Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, Cyberwarfare, ERP Systems, AI, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions. Globals is certified as a "Great Place to Work" organization for its laudable work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise. Globals is a CMMI Level 3 certified company. About the Job Role: We are seeking a skilled Offensive Security Researcher with hands-on experience in penetration testing, vulnerability research, and exploit development with a focus on Windows systems. The ideal candidate will be responsible for identifying and exploiting security weaknesses across Windows systems, applications, and networks to simulate real-world cyberattacks. This role is critical in strengthening our organization's security posture by providing actionable insights, supporting incident response, and contributing to continuous security improvements. You will work closely with security engineers, blue teams, and development teams to bridge gaps between offense and defense. Responsibilities: Identify and analyze vulnerabilities in Windows OS (e.g., Windows 10/11, Windows Server), kernel components, drivers, and user- mode applications. Research zero-day vulnerabilities and develop PoC exploits to demonstrate impact. Analyze patch diffs and reverse-engineer Windows updates to uncover exploitable conditions. Analyze obfuscated malware samples to understand attack vectors and vulnerabilities. Document vulnerabilities, exploitation techniques, and PoC code in clear, reproducible formats. Contribute to vulnerability databases, advisories, or whitepapers with the vendor and to CERT. Conduct comprehensive penetration tests (VAPT) on web applications, APIs, networks, mobile apps, and cloud environments. Collaborate with blue teams to improve defensive controls based on offensive insights. Continuously research emerging threats, attack techniques (TTPs), and security trends to keep tools and techniques up-to-date. Support incident response teams during active breaches with offensive techniques such as attacker simulation and pivoting. Participate in threat modeling and security architecture reviews from an attacker’s perspective. Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. Deep understanding of Windows kernel, memory management, process/thread handling, security and Windows APIs (kernel32.dll, ntdll.dll) Expertise in writing exploits for Windows vulnerabilities, bypassing mitigations like ASLR, DEP, and CFG. Strong skills in C/C++, Python, and Assembly (x86/x64); familiarity with PowerShell. Knowledge of network protocols and raw packet manipulation for exploit delivery (e.g., using raw sockets or PCAP). Familiarity with offensive security tools like Metasploit, Cobalt Strike, or custom exploit frameworks. Proficiency with tools like IDA Pro, Ghidra, WinDbg, OllyDbg, or Radare2 for analyzing Windows binaries/drivers and dynamic analysis tools (Process Monitor, Process Explorer). Strong proficiency with penetration testing tools such as Burp Suite, Metasploit, Cobalt Strike, Nmap, Wireshark, Nessus, and others. Practical experience in exploit development, reverse engineering, or binary analysis is a strong plus. Familiarity with social engineering techniques and phishing campaigns is a plus. Relevant certifications are highly desirable (e.g., OSCP, CEH etc.,). Apply Now

About Globals: Globals has drastically grown from a small home office to a globally recognized enterprise offering world-class quality solutions on Cybersecurity, Cyberwarfare, ERP Systems, AI, and Enterprise Application Development for various industries including Defence, Education, Government, Financial Services and Transport Industries. Globals has enabled its customers to be game-changers in their industry through its disruptive and innovative solutions. Globals is certified as a "Great Place to Work" organization for its laudable work culture that helps its team members manage work-life, have dedicated hours to upskill and reskill themselves, and most important to ensure that the projects that they are working on are always unique, challenging their status quo every time. Our unique work culture has made us one of the world’s fastest-growing technology companies as recognized and featured by The Economist. Our excellence in technical stewardship and service-offering expertise has facilitated our clients ranging from individual entrepreneurs to Fortune Global 500 – to explore new business opportunities, reduce their operational costs significantly and boost their revenues. Today, Globals enjoys a strong position in the industry as a high-performing leader through its technology innovation and remarkable domain expertise. Globals is a CMMI Level 3 certified company. About the Job Role: We are seeking a skilled Offensive Security Researcher with hands-on experience in penetration testing, vulnerability research, and exploit development with a focus on Windows systems. The ideal candidate will be responsible for identifying and exploiting security weaknesses across Windows systems, applications, and networks to simulate real-world cyberattacks. This role is critical in strengthening our organization's security posture by providing actionable insights, supporting incident response, and contributing to continuous security improvements. You will work closely with security engineers, blue teams, and development teams to bridge gaps between offense and defense. Responsibilities: Identify and analyze vulnerabilities in Windows OS (e.g., Windows 10/11, Windows Server), kernel components, drivers, and user- mode applications. Research zero-day vulnerabilities and develop PoC exploits to demonstrate impact. Analyze patch diffs and reverse-engineer Windows updates to uncover exploitable conditions. Analyze obfuscated malware samples to understand attack vectors and vulnerabilities. Document vulnerabilities, exploitation techniques, and PoC code in clear, reproducible formats. Contribute to vulnerability databases, advisories, or whitepapers with the vendor and to CERT. Conduct comprehensive penetration tests (VAPT) on web applications, APIs, networks, mobile apps, and cloud environments. Collaborate with blue teams to improve defensive controls based on offensive insights. Continuously research emerging threats, attack techniques (TTPs), and security trends to keep tools and techniques up-to-date. Support incident response teams during active breaches with offensive techniques such as attacker simulation and pivoting. Participate in threat modeling and security architecture reviews from an attacker’s perspective. Requirements Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience. Deep understanding of Windows kernel, memory management, process/thread handling, security and Windows APIs (kernel32.dll, ntdll.dll) Expertise in writing exploits for Windows vulnerabilities, bypassing mitigations like ASLR, DEP, and CFG. Strong skills in C/C++, Python, and Assembly (x86/x64); familiarity with PowerShell. Knowledge of network protocols and raw packet manipulation for exploit delivery (e.g., using raw sockets or PCAP). Familiarity with offensive security tools like Metasploit, Cobalt Strike, or custom exploit frameworks. Proficiency with tools like IDA Pro, Ghidra, WinDbg, OllyDbg, or Radare2 for analyzing Windows binaries/drivers and dynamic analysis tools (Process Monitor, Process Explorer). Strong proficiency with penetration testing tools such as Burp Suite, Metasploit, Cobalt Strike, Nmap, Wireshark, Nessus, and others. Practical experience in exploit development, reverse engineering, or binary analysis is a strong plus. Familiarity with social engineering techniques and phishing campaigns is a plus. Relevant certifications are highly desirable (e.g., OSCP, CEH etc.,). Show more Show less

Key Responsibilities: Plan, execute, and lead red team operations, including adversary emulation, threat simulations, and advanced penetration testing. Conduct full-scope assessments across network, application, endpoint, cloud, and physical security layers. Use tools, tactics, and procedures (TTPs) that mimic real-world adversaries (APT-style attacks). Identify security weaknesses, misconfigurations, and exploitable vulnerabilities across the enterprise. Collaborate with the blue team to provide insights and help mature detection and response capabilities. Prepare detailed reports, attack paths, and executive-level summaries of red team findings and recommendations. Develop custom scripts, tools, or exploits as needed during engagements. Stay current on the latest threats, exploits, and TTPs used by threat actors. Required Skills & Qualifications: 5-8 years of relevant experience in red teaming, penetration testing, or offensive security. Strong knowledge of MITRE ATT&CK framework and adversary simulation methodologies. Proficient in tools such as Cobalt Strike, Metasploit, Empire, BloodHound, Mimikatz, Nmap, Burp Suite, etc. Solid understanding of network protocols, operating systems (Windows/Linux), and cloud environments (AWS, Azure, GCP). Strong scripting skills in Python, PowerShell, or Bash. Experience with EDR evasion, privilege escalation, lateral movement, and persistence techniques. Excellent analytical, documentation, and communication skills. Preferred Certifications (any of the following): OSCP / OSCE / OSEP CRTO / CRTP / CRTE CISSP / CEH (Advanced) GIAC GPEN / GXPN / GCP

Noida,Uttar Pradesh,India Job ID 764288 Join our Team About this opportunity: Join Ericsson as an Oracle Database Administrator and play a key role in managing and optimizing our critical database infrastructure. As an Oracle DBA, you will be responsible for installing, configuring, Upgrading and maintaining Oracle databases, ensuring high availability, performance, and security. You’ll work closely with cross-functional teams to support business-critical applications, troubleshoot issues, and implement database upgrades and patches. This role offers a dynamic and collaborative environment where you can leverage your expertise to drive automation, improve efficiency, and contribute to innovative database solutions. What you will do: Oracle, PostgreSQL, MySQL, and/or MariaDB database administration in production environments. Experience with Container Databases (CDBs) and Pluggable Databases (PDBs) for better resource utilization and simplified management. High availability configuration using Oracle Dataguard, PostgreSQL, MySQL replication, and/or MariaDB Galera clusters. Oracle Enterprise Manager administration which includes alarm integration. Familiarity with Linux tooling such as iotop, vmstat, nmap, OpenSSL, grep, ping, find, df, ssh, and dnf. Familiarity with Oracle SQL Developer, Oracle Data Modeler, pgadmin, toad, PHP, MyAdmin, and MySQL Workbench is a plus. Familiarity with NoSQL, such as MongoDB is a plus. Knowledge of Middle ware like Golden-gate both oracle to oracle and oracle to BigData. Oracle, PostgreSQL, MySQL, and/or MariaDB database administration in production environments. Conduct detailed performance analysis and fine-tuning of SQL queries and stored procedures. Analyze AWR, ADDMreports to identify and resolve performance bottlenecks. Implement and manage backup strategies using RMAN and other industry-standard tools. Performing pre-patch validation using opatch and datapatch. Testing patches in a non-production environment to identify potential issues before applying to production. Apply Oracle quarterly patches and security updates. Implement and manage backup strategies using RMAN and other industry-standard tools. The skills you bring: Bachelor of Engineering or equivalent experience with at least 2 to 3 years in the field of IT. Must have experience in handling operations in any customer service delivery organization. Thorough understanding of basic framework of Telecom / IT processes. Willingness to work in a 24x7 operational environment with rotating shifts, including weekends and holidays, to support critical infra and ensure minimal downtime. Strong understanding of Linux systems and networking fundamentals. Knowledge of cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes) is a plus. Oracle Certified Professional (OCP) is preferred Why join Ericsson? At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?

Job Summary: We are seeking an experienced Penetration Tester (Pentester) Engineer with 4+ years of hands-on experience in identifying, assessing, and mitigating vulnerabilities across web applications, networks, APIs, and infrastructure. The ideal candidate should have deep knowledge of security testing tools, methodologies, and frameworks, and be able to think like a hacker to protect our digital assets. Key Responsibilities: Conduct manual and automated penetration testing on web applications, APIs, mobile applications, and network infrastructure. Identify and exploit security flaws in systems and provide clear, actionable remediation steps. Create and deliver comprehensive vulnerability assessment and penetration test reports . Collaborate with developers, DevOps, and IT teams to assist in fixing identified security issues. Stay current on emerging threats, tools, and security trends to keep systems secure. Assist in the design and implementation of secure SDLC and DevSecOps processes . Simulate real-world attack scenarios to evaluate system resilience. Perform security audits, risk assessments , and red team/blue team exercises as needed. Review and analyze code for security vulnerabilities (code review/secure coding practices). Required Skills & Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. 4+ years of hands-on penetration testing or ethical hacking experience. Proficient in tools such as Burp Suite, OWASP ZAP, Metasploit, Nmap, Wireshark, Nessus , etc. Deep understanding of OWASP Top 10 , SANS Top 25, and common web/mobile/API vulnerabilities. Experience with scripting and automation using Python, Bash, or PowerShell . Strong knowledge of network security, system hardening, and secure coding principles . Familiarity with compliance standards (e.g., ISO 27001, PCI-DSS, HIPAA) is a plus. Ability to write detailed and technically accurate reports for both technical and non-technical stakeholders. Relevant certifications preferred: OSCP, CEH, GPEN, or similar . Nice to Have: Experience in cloud security (AWS, Azure, GCP) and containerized environments (Docker, Kubernetes). Exposure to threat modeling, red teaming, and bug bounty programs . Contribution to open-source security tools or active participation in CTFs or security forums. Understanding of CI/CD pipelines and integration of security into DevOps.

We are seeking a highly skilled IT & Network Manager with 8–12 years of experience to join IIT Madras Research Park and lead the design, implementation and maintenance & support our expanding network infrastructure. The ideal candidate will ensure the integrity of a high-availability network infrastructure to optimize performance for users and systems. About IITM Research Park Innovation thrives when faculty, students and industry professionals interact in a formal or informal environment. The IIT Madras Research Park, promoted by IIT Madras, is India’s first University based Research Park epitomising what can be achieved by this confluence - bringing unlike minds together. The Research Park provides over 1.2 million square feet of collaborative workspace for R&D companies and deep-tech start-ups to nurture, promote and sustain innovation and entrepreneurship through Industry - Academia interaction. The innovation ecosystem enables quick and easy formal and informal exchange of ideas leading to collaboration and commercialization of R&D, delivering strategic value by reducing the cycle time for innovation. IIT Madras Research Park is a bustling campus with about 5,000 professionals across 250 plus Corporate R&D Units, Multinational Research Centres, Public Sector, Government Research bodies, IIT Madras Centres of Excellence, Laboratories and Start-ups. Key Responsibilities: Design and deploy functional networks (LAN, WLAN, WAN). Configure and install software, servers, routers, and other network devices. Monitor network performance and ensure system availability and reliability. Perform network maintenance and system upgrades, including service packs, patches, hotfixes, and security configurations. Troubleshoot network issues and outages, scheduling upgrades, and collaborating with network architects on network optimization. Report network status to key stakeholders and management. Support firewall administration, VPN, proxy services, and other security-related configurations. Assist with disaster recovery and backup procedures. Effectively handle client interactions, providing technical support and clear communication to ensure satisfaction and build strong professional relationships. Monitor and maintain the building management system and expertise in the Modbus protocol. Troubleshooting and installing the CCTV cameras and NVRs. Manage Amazon Web Services (EC2, VPC, EKS, Cloud front, Cloud watch, Routing, ELB). Manage and support OS – Windows, Linux (Ubuntu and Centos) and Mac. Required Skills and Qualifications: Bachelor’s degree in computer science, Information Technology, or a related field. 8-12 years of proven experience in network administration and network engineering, including expertise in network infrastructure design and management. Experience with routing and switching technologies (Cisco, Juniper, D-Link etc.). Proficiency with network diagnostic, monitoring, and analysis tools (Wireshark, SolarWinds, nmap etc.). Good knowledge of TCP/IP, subnetting, DNS, DHCP, NAT, VPN, VLAN, and firewall configurations. Hands-on experience with operating systems (Windows Server, Linux). Knowledge of IT security best practices. Excellent problem-solving and communication skills. Cisco CCNA certification or CCNP (preferred). Additional Key Skills: Familiarity with SD-WAN technologies. Knowledge of network automation tools and scripting (Python, Ansible, VBA etc.). Understanding of EPABX systems and QoS configuration. Experience with load balancers and high availability solutions. Knowledge of ITIL frameworks and documentation practices, Experience of IT asset management and procurement. Designing the system based on the user requirements. Expertise in installing, testing, troubleshooting, and managing fiber optic cables including termination, splicing, and patch panel management for high-speed network connectivity Show more Show less