517 Nmap Jobs - Page 18

Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! The IZOT product line includes BMC’s Intelligent Z Optimization & Transformation products, which help the world’s largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications’ security, while reducing operational costs and risks. We acquired several companies along the way, and we continue to grow, innovate, and perfect our solutions on an ongoing basis. We are looking for a Senior Penetration Tester to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Primary Roles And Responsibilities Lead security assessments of applications and solutions deployed on IBM z/OS-based environments. Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems.. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you’re set up for success, you will bring the following skillset & experience: 8+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes. CA-DNP Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. < Back to search results BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 3,380,000 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply. Show more Show less

About Netskope Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter @Netskope . About the position Netskope is looking for an analyst on the Threat and Vulnerability Management team. This position will focus on the identification and proactive mitigation of Netskope s attack surface, threat landscape, security gaps , and cyber threats which could impact the business. In addition, this role will be responsible for performing the vulnerability management function such as finding, reporting, and supporting business units in their vulnerability remediation efforts. Roles & Responsibilities Continuous development and execution of the enterprise Threat and Vulnerability Management strategic plan to identify and reduce vulnerable attack surfaces Perform complex analysis to understand emerging threats, and continuously demonstrates awareness of current threat posture Reviews emerging and existing threat methodologies and exploit code / proof of concept code to develop mitigations, prioritize risks and navigating sources for identification of vulnerable assets. Execute on core team functions such as scanning, reporting, custom checks, asset tagging, as well as incorporating threat intelligence into vulnerability checks Automate security tasks using scripting languages such as python. Maintain and contribute to the threat models understanding emerging/existing threats and countermeasures to them. Partners with internal teams to lead, develop, test, and continuously validate detection signatures for various attacks Provide internal teams with hardening guidance and develop tooling for auditing Support teams by being a Remediation Champion giving them guidance on various strategies to remediate a vulnerability and supporting them in their testing and validation efforts. Provides expertise in incident response activities. Teach and understand CVSS, CVE, and additional vulnerability ratings and methodologies Qualifications/Requirements Experience 2 to 5 Yrs in Security Should possess relevant university degree and/or professional qualifications/certification (e.g. CEH, OSCP) Must have knowledge with tools Tenable, Qualys, NMAP, SCAPY, and other tools. Must have the ability to understand hardening guidelines for new technologies and applications being adopted by Netskope. Understanding of containerization and containerized applications, their security weaknesses and how to secure them Must have an understanding of patch automation, security orchestration, and management tooling for on premise, private cloud, and cloud infrastructure. Knowledge of OWASP Web and Mobile Top 10 vulnerabilities and identifying them. Knowledge of TCP/IP and other application and network level protocols. Knowledge of Cloud Applications like AWS, Azure and other SAAS Applications. Excellent written and verbal communication skills. Self-motivated, curious, knowledgeable pertaining to news and current events. Ability to be effective in a remote global work environment. #LI-RS1

Job Purpose: Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities: Essential Functions: This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions: May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements: Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education and Experience: Bachelor’s degree or equivalent experience. Related certifications Expected Competencies: Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule: Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel: This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Conduct Web Application and API Security Testing using both Manual and Automated Penetration Testing Methodologies Conduct Vulnerability Assessments of Network Devices, DB and servers using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Conduct penetration test and launch exploits using Nessus, Metaspoilt, Core Impact, Backtrack penetration testing distribution tools sets Prepare a detailed VAPT findings manually Strong experience with performing VAPT as per OWASP Top 10, SANS Top 25, and NIST, and SANS Security Guidelines. Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp, Nessus, nexpose, wireshark, sqlmap, MobSF, burpsuite etc. Conduct android and IOS mobile application VAPT Ability to suggest remediation to vulnerabilities observed in Application and configuration. Minimum 2-3 years of work experience in the information security domain only Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹65,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you worked in the domains like API Testing, IOS, Android Testing, Web Application Testing, Network Penetration Testing, Mobile Application Testing? Experience: minimum: 1 year (Required) Language: English (Required) Location: Gurugram, Haryana (Required) Work Location: In person

As a Software Engineer / Trainer at ABC Trainings, you will play a pivotal role in training professionals and aspiring software engineers across diverse domains and cutting-edge software technologies. Your mission is to deliver hands-on training and instill industry-relevant skills that equip individuals for thriving careers in the dynamic field of software engineering. Key Responsibilities:  Training Delivery: Conduct training sessions covering a wide range of domains, including ethical hacking, hardware and networking, software development, artificial intelligence (AI), machine learning (ML), data science, coding, network security, full stack development, web development, database management, cybersecurity, mobile app development, DevOps, cloud computing, and more.  Software Proficiency: Provide expertise in industry-standard software tools and languages, including C, C++, Java, Python, JavaScript, HTML/CSS, PHP, Ruby, Swift, Kotlin, MATLAB, R, SQL, TensorFlow, PyTorch, Keras, Django, Flask, Node.js, Angular, React, Docker, Kubernetes, Git, Selenium, ethical hacking tools (e.g., Metasploit, Wireshark), networking tools (e.g., Wireshark, Cisco Packet Tracer), data science libraries (e.g., Pandas, NumPy, scikit-learn), cybersecurity tools (e.g., Nmap, Wireshark), cloud platforms (e.g., AWS, Azure, Google Cloud), integrated development environments (IDEs), and more.  Curriculum Development: Collaborate with the curriculum development team to create comprehensive and industry-relevant training modules.  Hands-On Learning: Facilitate hands-on learning experiences, coding projects, and practical exercises to enhance participants' skills and knowledge.  Assessment and Evaluation: Assess the progress of trainees, offer constructive feedback, and conduct evaluations to ensure learning objectives are met.  Industry Trends: Stay updated with the latest trends and advancements in software engineering to provide real-world insights to trainees.  Mentorship: Provide mentorship and guidance to participants in their career development, helping them become proficient software engineers. Job Types: Full-time, Fresher Pay: ₹12,000.00 - ₹25,000.00 per month Schedule: Day shift Work Location: In person

Job Summary: We are seeking a passionate and knowledgeable Ethical Hacking & Cybersecurity Trainer to deliver high-quality training to students and professionals. The ideal candidate will have hands-on experience in penetration testing, cybersecurity tools, and a strong ability to teach complex topics in an engaging and understandable manner. Key Responsibilities: Deliver training sessions on Ethical Hacking, Penetration Testing, Network Security, Web Application Security, etc. Design and update training materials, labs, assignments, and assessments. Conduct live demonstrations and hands-on lab exercises using industry-standard tools. Mentor and support students during and after sessions to clarify doubts and assist with projects. Stay updated with the latest cybersecurity trends, tools, and techniques. Prepare students for industry-recognized certifications (CEH, CompTIA Security+, OSCP, etc.). Evaluate student performance and provide constructive feedback. Coordinate with academic or corporate teams for scheduling and curriculum alignment. Key Topics to Cover: Ethical Hacking Fundamentals Footprinting and Reconnaissance Scanning Networks & Vulnerability Assessment System Hacking & Privilege Escalation Web Application Attacks (SQLi, XSS, CSRF) Wireless Network Security Malware Analysis Basics Social Engineering Techniques Security Tools: Nmap, Metasploit, Burp Suite, Wireshark, etc. Linux for Hackers Incident Response & Digital Forensics (optional) Requirements: Bachelor's degree in Computer Science, IT, Cybersecurity, or related field. 3–5 years of experience in cybersecurity, penetration testing, or a related role. Proven experience in teaching or training is highly desirable. Industry certifications (any of the following): CEH, OSCP, CompTIA Security+, CISSP, etc. Excellent communication, presentation, and mentoring skills. Strong knowledge of ethical hacking methodologies and tools. Preferred Qualifications: Experience with learning management systems (LMS). Ability to teach both beginner and advanced learners. Experience with live capture-the-flag (CTF) environments or lab simulations. Prior experience with EdTech or bootcamp-style training. Benefits: Competitive salary Access to premium cybersecurity tools and labs Opportunities to attend global cybersecurity conferences Flexible work environment (remote or hybrid options) Career growth opportunities in education and security leadership Interested Candidates Kindly Share your Mail on 8879505005 or Mail to hr@dcodetech.in Job Types: Full-time, Contractual / Temporary, Freelance Contract length: 24 months Pay: ₹25,000.00 - ₹40,000.00 per month Schedule: Morning shift Education: Bachelor's (Preferred) Experience: Cybersecurity: 3 years (Preferred) Language: English (Preferred) Work Location: In person Application Deadline: 10/06/2025 Expected Start Date: 02/06/2025

Job Purpose Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities Essential Functions: Responsibilities This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education And Experience Bachelor’s degree or equivalent experience. Related certifications Expected Competencies Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. Show more Show less

Join our forward-thinking team as a Linux Engineer with a strong foundation in Python, where you will play a pivotal role in automating and optimizing our Linux server infrastructure. At IMC, the Linux Engineering team is at the heart of our operations, managing the provisioning, configuration, and ongoing performance of an extensive and mission-critical Linux server fleet. In this role, you will leverage cutting-edge automation and self-service tools to ensure our servers are not only stable and reliable but also scalable to meet the demands of a rapidly evolving industry. Your innovative approach and commitment to continuous improvement will help drive us to remain leaders in the field, integrating the latest technologies and methodologies to maintain our competitive edge. Your Core Responsibilities: Use state-of-the-art tools and methods to troubleshoot and resolve complex issues on enterprise Linux systems, ensuring the stability and functionality of our key trading and development systems Enhance and support configuration management code and automated processes that operate on 7500+ critical Linux systems in a near 24/7 High-Frequency Trading (HFT), Ultra Low Latency environment Apply your Python expertise to design, develop, and support processes that manage and maintain critical Linux systems at scale in a diverse and technically complex environment Improve and support existing programs and processes that provision bare-metal servers, transforming them from a blank-slate to fully functioning Linux trading and development platforms Support and enhance our metrics and log collection infrastructure, as well as our core monitoring and alerting tools, ensuring robust system visibility Consistently communicate status updates, ideas, and strategies with peers and stakeholders through various channels including chats, face-to-face interactions, issue tracking tickets, clear commit messages, and well-documented merge requests Your Skills and Experience: Bachelor’s Degree in Computer Engineering or similar field of study 5+ years of experience in Linux engineering, debugging, administration, and OS system provisioning (PXE/DHCP/TFTP/Grub) Extensive experience with configuration management at scale, preferably with Puppet and Hiera Experience in Docker image building, modification, and publishing Hands-on experience with Kubernetes Advanced skills in Python for automation, API programming, design, unit testing, and debugging Proven experience in designing Ansible tasks and playbooks, as well as utilizing Ansible Tower Expertise in RPM design, build, publishing, and repository management Familiarity with CI/CD pipelines, version control systems (git), branching and merging best practices Proficiency in a range of system/network tools and services including EBPF, tcpdump, strace, nmcli (Network Manager), systemd, ntp/ptp, lsof, nc, nmap and NFS/S3 storage Proficiency with networking fundamentals including DNS, TCP/UDP/multicast etc. Experience with monitoring tools such as Prometheus/Grafana, Alert Manager, Alerta and OpsGenie About Us IMC is a leading trading firm, known worldwide for our advanced, low-latency technology and world-class execution capabilities. Over the past 30 years, we’ve been a stabilizing force in the financial markets – providing the essential liquidity our counterparties depend on. Across offices in the US, Europe, and Asia Pacific, our talented employees are united by our entrepreneurial spirit, exceptional culture, and commitment to giving back. It's a strong foundation that allows us to grow and add new capabilities, year after year. From entering dynamic new markets, to developing a state-of-the-art research environment and diversifying our trading strategies, we dare to imagine what could be and work together to make it happen. Show more Show less

Job Title: Cybersecurity Trainer (CEH, OSCP Certified) Location: New Delhi (On-Site) Company: IICSEH – International Institute of Cybersecurity and Ethical Hacking Job Type: Full-Time About Us: IICSEH is a premier cybersecurity company offering advanced training and professional cybersecurity services. We are committed to building the next generation of cybersecurity professionals by delivering industry-relevant, hands-on training. Job Summary: We are looking for an experienced and passionate Cybersecurity Trainer with CEH and OSCP certifications to join our training team. The ideal candidate will be responsible for delivering high-quality instruction in the areas of CEH, Linux, Web Application Penetration Testing (WAPT), Network Penetration Testing (NPT), and RHCSA . Key Responsibilities: Deliver engaging, hands-on training sessions both online and in-person (as needed). Design and update training materials, lab exercises, and course content to reflect the latest cybersecurity trends and tools. Guide and mentor students through real-world cybersecurity scenarios and practical labs. Evaluate student progress, provide feedback, and help prepare them for certification exams. Stay updated with industry developments, certifications, and emerging threats. Required Qualifications: Certifications: CEH (Certified Ethical Hacker) and OSCP (Offensive Security Certified Professional) – Preferred but not necessary. Strong command over topics such as Linux fundamentals, ethical hacking, penetration testing, and cybersecurity tools. Experience training or mentoring students/professionals in a structured environment. Excellent communication and presentation skills. Ability to simplify complex topics for a range of learning levels. Preferred Skills: RHCSA certification is a plus. Experience with tools like Burp Suite, Metasploit, Nmap, Wireshark, and Kali Linux. Familiarity with Learning Management Systems (LMS) and online teaching tools. What We Offer: Competitive compensation Flexible work environment Opportunity to shape future cybersecurity professionals Continuous learning and development support Job Type: Full-time Pay: ₹15,000.00 - ₹45,000.00 per month Benefits: Paid sick time Schedule: Day shift Supplemental Pay: Overtime pay Work Location: In person

Techvantage.ai is a next-generation technology and product engineering company at the forefront of innovation in Generative AI, Agentic AI , and autonomous intelligent systems . We build intelligent, secure, and scalable digital platforms that power the future of AI across industries. Role Overview: We are looking for a Senior Security Specialist with 8+ years of experience in cybersecurity, cloud security, and application security. You will be responsible for identifying, mitigating, and preventing threats across our technology landscape — particularly in AI-powered, data-driven environments. This role involves leading penetration testing efforts , managing vulnerability assessments , and implementing best-in-class security tools and practices to protect our platforms and clients. Key Responsibilities: Design and implement robust security architectures for cloud-native and on-prem environments. Conduct penetration testing (internal/external, network, application, API) and deliver clear remediation strategies. Perform regular vulnerability assessments using industry-standard tools and frameworks. Lead threat modeling and risk assessments across systems, services, and data pipelines. Collaborate with development and DevOps teams to integrate security in SDLC and CI/CD pipelines ( DevSecOps ). Define and enforce security policies, incident response procedures, and access controls. Monitor for security breaches and investigate security events using SIEM and forensic tools. Ensure compliance with global standards such as ISO 27001 , SOC 2 , GDPR , and HIPAA . Provide guidance on secure implementation of AI/ML components and data protection strategies. Requirements: 8+ years of experience in information security , application security , or cybersecurity engineering . Proficient in penetration testing methodologies and use of tools such as Burp Suite , Metasploit , Nmap , Wireshark , Nessus , OWASP ZAP , Qualys , etc. Deep experience in vulnerability management , patching, and security hardening practices. Strong understanding of OWASP Top 10 , CWE/SANS Top 25 , API security, and secure coding principles. Hands-on experience with cloud security (AWS, Azure, or GCP), IAM, firewalls, WAFs, encryption, and endpoint security. Familiarity with SIEM , EDR , IDS/IPS , and DLP solutions. Knowledge of DevSecOps and tools like Terraform , Kubernetes , Docker , etc. Excellent problem-solving, analytical, and incident-handling capabilities. Preferred Qualifications: Certifications such as CISSP , CISM , CEH , OSCP , or AWS Security Specialty . Experience working on security aspects of AI/ML platforms , data pipelines , or model inferencing . Familiarity with governance and compliance frameworks (e.g., PCI-DSS, HIPAA). Experience in secure agile product environments and threat modeling techniques. What We Offer: A mission-critical role securing next-gen AI systems Opportunity to work with an innovative and fast-paced tech company High visibility and leadership opportunities in a growing security function Compensation is not a constraint for the right candidate Show more Show less

About Us RoboMQ offers Hire2Retire , a Lightweight IGA (Identity, Governance and Administration) SaaS product that manages employee lifecycle from HR systems to Active Directory, Azure AD and Google Directory. Hire2Retire manages full employee lifecycle changes of new hire, change of role, terminations, and long-term leave from HR and creates and manages Identity, Access, Privilege and Resource assignments. In effect, it fully automates work typically done by a sysadmin avoiding 90% of the cost while providing superior "First Day at Work" experience and preventing security and compliance risks by ensuring role-based access controls and timely terminations. As a fast growing tech company we provide an environment of curiosity and learning to design cutting edge cloud & SaaS products coupled with fun and vibrant startup culture that has been providing accelerated growth to our people. https://www.robomq.io/about-us/ Location: Jaipur (Rajasthan) Position type: Full time Before you apply, make sure you have: 2+ years’ experience working in a DevOps, Platform Engineer or Site Reliability Engineer Role. B. Tech degree with relevant technical experience. Demonstrated ability to be on-call support to handle critical infrastructure issues. Ability to quickly learn new technologies and implement to our rapidly evolving product and business. Exceptional verbal and written communication skills. Experience working on distributed systems. Responsibilities Maintain and administer multiple multi-node Kubernetes clusters for high availability and optimum performance. Set up and manage logging, monitoring, and alerting using tools like Prometheus, Grafana, EFK, or CloudWatch. Design, implement, and manage CI/CD pipelines for seamless deployments. Work on the cloud infrastructure hosted on AWS to keep it secure and optimized. Automate infrastructure provisioning, scaling, and security compliance on AWS through Terraform. Strengthen cloud security through IAM policies, encryption, and vulnerability scans. Perform root cause analysis and system troubleshooting and implement improvements. Work with Penetration testing tools like NMAP to analyse and improve network security. Strengthening overall security including infrastructure security, webapp security and IAM security. Key Skills [Must have] Strong hands-on experience with Docker and Kubernetes. Strong understanding of Git and version control. CI /CD: Jenkins, GitHub, GitHub Actions Infrastructure as Code (experience on Terraform) Experience of deploying and managing cloud-based applications, preferably on AWS. Cloud Networking & Security fundamentals (IAM, firewalls, SSL, encryption). Excellent knowledge of shell scripting. Cyber Security: OWASP Top 10, NMAP, ZAP Additional Skills [Good to have] Helm charts: kOps SonarQube Monitoring: Prometheus, Grafana, Alert Manager. Logging: Elastic Search, FluentD, Kibana Networking: Istio, Kong Hands on experience with a programming language. Experience with message queues (Kafka, RabbitMQ, SQS) Familiarity with SRE (Site Reliability Engineering) practices Show more Show less

🛡️ Cybersecurity Analyst Intern 📍 Location: Remote (100% Virtual) 📅 Duration: 3 Months 💸 Stipend for Top Interns: ₹15,000 🎁 Perks: Certificate | Letter of Recommendation | Full-Time Offer (Performance-Based) About INLIGHN TECH INLIGHN TECH is committed to providing real-world, project-based learning for students and fresh graduates to bridge the gap between theory and practical skills. Our cybersecurity internship equips aspiring professionals with hands-on experience in identifying, analyzing, and mitigating security threats in a virtual and collaborative environment. Internship Overview As a Cybersecurity Analyst Intern , you'll gain hands-on exposure to threat detection, vulnerability assessment, and incident response . You will work with real-world scenarios, learn key tools used in the industry, and develop practical strategies to secure systems and data from malicious activity. 🔧 Key Responsibilities Monitor systems and networks for suspicious activity or security breaches Assist in conducting vulnerability assessments and penetration testing Analyze logs, reports, and alerts to identify potential threats Research and stay up to date with emerging cybersecurity trends and threats Support the creation of incident response plans, security policies, and documentation Use tools like Wireshark, Nmap, Metasploit, Burp Suite , and others Collaborate with team members to ensure system security across environments ✅ Qualifications Pursuing or recently completed a degree in Cybersecurity, Computer Science, IT , or a related field Familiarity with network protocols, firewalls, and common attack vectors Basic understanding of tools like Kali Linux, Burp Suite, or Nessus Knowledge of OWASP Top 10 vulnerabilities and mitigation techniques Ability to work with Linux and command-line interfaces Passion for ethical hacking, security research, and learning new tools 🎓 What You’ll Gain Practical experience in cyber defense and threat mitigation Exposure to real-world cybersecurity tools and scenarios Internship Certificate of Completion Letter of Recommendation for top performers Opportunity for a Full-Time Offer based on performance A strong portfolio of cybersecurity projects and reports Show more Show less

Cybersecurity Internship Opportunity (Remote, 1 Month – Unpaid) ✅ No thousands of registration fees, no thousands of joining fees, no course purchases — this is a 100% skill-focused internship designed to give you hands-on experience in Cybersecurity using industry-relevant tools and techniques! 📍 Location: Remote ⏳ Duration: 1 Month 💸 Compensation: Unpaid 🎓 Eligibility: Open to all 1st, 2nd, 3rd, and 4th Year Students, as well as Recent Graduates 🔍 About the Internship: Elevate Labs offers a golden opportunity to enter the critical and growing field of Cybersecurity. This remote internship helps you gain real-world exposure by practicing ethical hacking, vulnerability scanning, network security, and incident response through live projects and expert mentorship. 🎯 No fluff — just risk assessment, basic pen-testing, tools, and security practices that make you job-ready. ✨ What You’ll Gain: ✔️ MSME Registered Internship Certificate ✔️ Letter of Recommendation (LOR) for top performers ✔️ Top Performer Badge to boost your LinkedIn and resume ✔️ Opportunity for a Full-Time Role — Top 10 performers will be considered 🌟 Who Should Apply? Students from any year (1st–4th) Recent Graduates Anyone interested in Ethical Hacking, Cybersecurity, or Information Security 🧠 Skills You’ll Practice: Fundamentals of Cybersecurity and Network Security Scanning and Reconnaissance (Nmap, Whois, etc.) Web Application Security Basics (OWASP Top 10) System Hardening & Security Configuration Intro to Ethical Hacking and Vulnerability Assessment Basic Scripting (Bash/Python) for Automation Incident Detection and Response Basics 🔧 Tools & Technologies: Wireshark, Nmap, Burp Suite, OWASP ZAP, Kali Linux, Metasploit (Intro), Linux Terminal, Python/Bash Scripting 🚀 Ready to secure systems, detect threats, and explore vulnerabilities ? This internship is your chance to gain hands-on Cybersecurity skills and kickstart your journey into ethical hacking and digital defense. Show more Show less

Job Description: Experience Level: 12+ years. Location: Hyderabad Responsibilities Include: Performing formal and informal targeted “Hunts” to identify vulnerabilities. Actively building and participating in Red Team exercises. Design and execute red team engagements, simulating advanced attack scenarios to identify vulnerabilities and assess the effectiveness of security measures. Conduct penetration tests on networks, applications, and physical security controls. Employing tactics to uncover security holes in user practices and procedures. Develop and execute red team strategies and methodologies to uncover potential security gaps. Analyze and report on findings from red team exercises, including detailed recommendations for remediation. Providing feedback and verification as security issues are fixed. Stay current with the latest security threats, attack techniques, and industry trends. Communicate complex security concepts to both technical and non-technical stakeholders. Collaborate with other security teams to improve overall security practices and incident response capabilities. Be proactive and demonstrate the ability to analyze issues, generate ideas, and initiate action while achieving results. Effectively manages multiple tasks / projects with close attention to detail and meets short turnarounds and deadlines. Collaborate with leadership teams, provide subject matter expertise and insights. Support and guide team members in providing high-quality and actionable intelligence products / deliverables. Support, guide and mentor team members in technical and functional matters The expert in this role will perform analysis of complex security issues and corresponding activities to help mitigate risk. Includes forward looking research, planning and strategy to strengthen our stance against future cyber security threats and attacks, and enhancing our mitigation techniques, processes, and technology solutions. Required skills: At least 12+ years of experience in penetration testing and red team operations. Expert level understanding of Transmission Control Protocol / Internet Protocol (TCP/IP) protocols, devices, security mechanisms and how they operate. Strong understanding of network security threats including APT, botnets, Distributed Denial of Service (DDoS) attacks, worms, and network exploits. Expert knowledge of attack vectors, exploitation techniques, and vulnerability assessment methodologies. Experience with industry-standard penetration testing tools and frameworks. Experience with network probing/testing/analysis tools (Nessus, nmap, burp, wireshark, etc.) Deep technical knowledge of Windows, UNIX and Linux operating systems as both an expert user and system administrator Programming skills that will be used to construct, modify, and execute testing tools including shell (ksh, bash), [g]awk, Python, PERL, regex, .NET Programming, Java, C, C++, C#, PowerShell, curl, Web application development (PHP, ASP.NET, etc.) Comprehensive knowledge of software security testing principles, practices, and tools, experience of vulnerability assessments in a complex environment. Experience or familiarity with vulnerability analysis, computer forensics tools, cryptography principles Excellent teamwork skills for collaboration on analysis techniques, implementation, and reporting. Must be able to work both independently as well as effectively in teams of individuals with a variety of skills and backgrounds. Excellent written and verbal communication skills and have demonstrated ability to present material to senior officials. Highly self-motivated requiring little direction. Demonstrates creative/out-of-the-box thinking and good problem-solving skills. Demonstrates strong ethical behavior. Sense of urgency and attention to detail Flexible to provide coverage in US morning hours on a need-basis, and as required Desirable skills: Strong knowledge of an enterprise architecture Ability to obtain a strong and ongoing understanding of the technical details involved in current APT threats and exploits involving various operating systems, applications and networking protocols. Knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. Understanding of cloud-based architectures and highly distributed big data architectures Experience with application security testing tools, such as the Metasploit framework and Burp Suite One or more of these certifications CEH: Certified Ethical Hacker CPT: Certified Penetration Tester CEPT: Certified Expert Penetration Tester GPEN: GIAC Certified Penetration Tester OSCP: Offensive Security Certified Professional BS/MS degree in Computer Science, Cyber Security, Engineering, or related technical field Prior experience with Telecom sector. Additional information (if any): Need to be flexible to provide coverage in US morning hours. Weekly Hours: 40 Time Type: Regular Location: IND:AP:Hyderabad / Atria Building, Plot 17 - Adm: Atria Building, Plot No 17 It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made. Job ID R-60445 Date posted 05/16/2025 Benefits Your needs? Met. Your wants? Considered. Take a look at our comprehensive benefits. Paid Time Off Tuition Assistance Insurance Options Discounts Training & Development

Ethical Hacking Intern Company: INLIGHN TECH Location: Remote (100% Virtual) Duration: 3 Months Stipend for Top Interns: ₹15,000 Certificate Provided | LOR | Potential Full-Time Offer Based on Performance About the Company: INLIGHN TECH is dedicated to preparing the next generation of cybersecurity professionals by offering hands-on, project-based internships. Our Ethical Hacking Internship provides a comprehensive opportunity to explore system vulnerabilities, learn penetration testing techniques, and gain practical skills essential for the cybersecurity field. Role Overview: As an Ethical Hacking Intern, you'll work closely with our cybersecurity experts to identify and analyze security flaws in systems and applications. This role provides exposure to real-world security challenges and helps you build foundational skills in ethical hacking and penetration testing. Key Responsibilities: Perform vulnerability assessments and penetration tests on simulated environments Analyze system security using tools like Nmap, Burp Suite, Wireshark, Metasploit, etc. Document findings and recommend mitigation strategies Assist in developing scripts or tools for automation of testing processes Stay updated with the latest cybersecurity threats and trends Create reports highlighting attack vectors and potential security improvements Qualifications: Pursuing or recently completed a degree in Cybersecurity, Computer Science, Information Technology, or related field Basic knowledge of ethical hacking techniques, OWASP Top 10, and Linux commands Familiarity with tools such as Kali Linux, Nmap, Wireshark, and Metasploit Strong curiosity and passion for cybersecurity Good analytical, problem-solving, and documentation skills Internship Benefits: Hands-on training in ethical hacking tools and techniques Certificate of Internship upon successful completion Letter of Recommendation for high-performing interns Opportunity to contribute to real-world security simulations and projects Top interns eligible for stipend and full-time job offers Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. EY- Cyber Security (OT Security) – Technology Consulting – Senior GDS Advisory's Risk group is a unique, industry-focused business unit that provides a broad range of integrated services that leverage deep industry experience with strong functional capability and product knowledge. Risk practice team provides integrated advisory services to leading Fortune 500 Companies. The team provides Risk Assurance, Risk Transformation, Internal Audit, Cybersecurity, Financial Services Risk Management and Actuarial services that take an enterprise-wide view, so that risk mitigation and risk management strategies and processes are embedded in every part of the organization. Our services mitigate risk, reduce the cost of control and help create value. The opportunity The GDS Architecture Engineering and Emerging Technology (AEET) services help our clients tackle the many security challenges they face on a daily basis and develop effective solutions using people, processes and technology, while enabling better security and risk decisions, and reducing costs related to manging security risks. The AEET team is looking for individuals who will play a direct role in delivery of Operational Technology (OT) security engagements, development of proposals in this area, and develop OT security solutions. You will play a key role in supporting our clients to secure their IT/OT environments, either through advisory and/or implementation support. Your key responsibilities To qualify, candidates must have: Understanding of security-related operational processes in the OT-ICS environments Understanding of OT SOC/ OT Identity Access Management/ OT Pen testing/ Zero Trust on OT Understanding of technologies (typical assets, communication protocols, technical architectures) utilized by OT-ICS systems and networks Knowledge of cyber / information security concepts, risk and controls concepts Understanding of aspects of functional safety (SIS) Knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts Knowledge of the technical security solutions utilized within OT-ICS systems and networks Knowledge of OS (Windows / Linux) security, Database security Knowledge of IT infrastructure Knowledge of cyber threats and vulnerabilities related to platform and infrastructure is a plus Prior experience working alongside delivery leads and architects to Identify and manage risks is a plus Skills And Attributes For Success Completed technical higher education in the field of industrial automation, computer science, electronics or other relevant fields Certificates or education related to industrial automation / engineering etc. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP Knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, NIST standards on Cyber Security, HITRUST, etc. is a plus Knowledge on tools like Nessus, BackTrack, NMAP, BurpSuite, etc. is a definite plus Knowledge on OT network monitoring solution such as Nozomi, Claroty, Armis, DarkTrace, Azure Defender. To qualify for the role, you must have 5+ years of experience in the Cyber Security and OT Security Domain Minimum B. Tech. or equivalent educational qualification ISA/IEC 62443 Fundamental* SCADA Fundamentals CompTIA Network+ CompTIA Security+ What We Look For A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills. An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide. Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today. Show more Show less

Responsibilities : Founded in 1991, Lexmark is recognized as a global leader in imaging and output technology solutions and managed print services by many of the technology industry’s leading market analyst firms. Lexmark sells its products and services in more than 170 countries and has its headquarters in Lexington, Kentucky. Lexmark India, located in Kolkata, is one of the research and development centers of Lexmark International Inc. Our diverse workforce collaborates their skills and ideas to build, deliver, and support first-class products and solutions for our customers. This job is for a strong technical person in Security Testing role. Candidate should be a B.E./B.Tech. or higher from a reputed Engineering College/University with around 3 to 5 years of hands-on application security testing experience. If you are a self-starter and have the aptitude, analytical skills and passion for technology then you will fit right into our Software Security testing team. You’re having prior experience of working in an agile/scrum environment will prove to be an added advantage. Development experience will be a plus. Your Tasks include: Conduct web application security assessments and penetration tests. Assess applications for issues surrounding Authentication, Authorization, User management, Session management, Data validation, including all common attacks such as SQL injection, Cross-site scripting, Command injection, Error handling, Auditing and logging. Assess the security aspects of Web Services design and implementation, including confidentiality, integrity, trust relationships, and authentication using security standards like XML signatures, XML encryption, SAML, and WS-Security. Thick client assessment experience Write formal security assessment reports for each application, using Foundstone reporting format. Participate in conference calls with clients to perform initial data gathering and a follow-up advisory for technical issues. Vulnerability and network penetration assessments Mobile applications security testing Publish whitepapers, tools and deliver presentations. Cloud application Security testing Required skills include: Knowledge of tools such as Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Openssl, Mallory, Wireshark etc. Mobile application development, assessment (iOS, Android, Windows) experience Web application development experience in any of the major languages such as C#, Java, PHP, ASP.NET etc. is a plus Knowledge of scripting languages such as Python, JavaScript, Ruby, SQL etc. is a plus Experience reviewing code in C, C++, Java, PHP, C#, ASP.NET, Go etc. Familiarity with automated source code analysis tools such as Acunetix , Appscan etc. Certifications such as OSCP or CEH is a plus Working knowledge of version control software like git and Subversion. Can demonstrate Lexmark core values: Innovation, Excellence, Agility, Integrity, Community, and Respect. How to Apply ? Are you an innovator? Here is your chance to make your mark with a global technology leader. Apply now! Global Privacy Notice Lexmark is committed to appropriately protecting and managing any personal information you share with us. Click here to view Lexmark's Privacy Notice. Show more Show less

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. Bachelor or Master degree in computer science with a minimum of 8 years in cyber security domain Technical background in networking/system administration, security testing or related fields In-depth knowledge of TCP/IP Two or more years of Perl, Python, Bash, or C experience Operating System Configuration and Security experience (Windows, HP-UX, Linux, Solaris, AIX, etc.) Configuration and Security experience with firewalls, switches, routers, VPNs Experience with security and architecture testing and development frameworks, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115 Familiar with security testing techniques such as threat modeling, network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, configuration reviews, firewall rule reviews, social engineering, wireless penetration testing, fuzzing, and password cracking and can perform these techniques from a variety of adversarial perspectives (white-, grey-, black-box) Experience with discovering, utilizing, and possibly writing exploits for such vulnerabilities as buffer and stack overflows Familiar with the logistics of security testing such as acquiring authorization for testing, reporting, risk analysis of findings, data handling, and legal considerations Commercial Application Security tools experience (Nessus, Nexpose, Qualys, Appdetective, Appscan, etc.) Open source and free tools experience (Kali Linux suite, Metasploit, nmap, airsnort, Wireshark, Burp Suite, Paros, etc.) One or more of the following testing certifications: Certified Ethical Hacker (CEH); GIAC Certified Penetration Tester (GPEN); Offensive Security Certified Professional (OSCP); or equivalent development or testing certification (ECSA, CEPT, CPTE, CPTS, etc) In addition, one or more of the following governance certifications is preferred: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®) Strong leadership and communication skills, technical knowledge, and the ability to write at a "publication" quality level in order to communicate findings and recommendations to the client's senior management Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices The standard work hours for this role are from 3:30 PM to 11:00 PM IST, aligned to support client requirements and deliverables and engagements. Candidates should be comfortable with this fixed shift timing Position & Key Responsibilities Develop an understanding of the RSM US Risk Consulting service offerings, methodologies, and tools Perform analysis and testing to verify the strengths and weaknesses of client IT environments utilizing commercial and open source security testing tools Perform Internet penetration testing (blackbox/ greybox / whitebox testing) and network architecture reviews (manual/ automated) Perform other security testing tasks such as wireless penetration testing, social engineering campaigns (email, web, phone, physical, etc.), mobile application testing, embedded device testing, and similar activities meant to identify critical weaknesses within client environments Assist with the development of remediation recommendations for identified findings Identify and clearly articulate (written and verbal) findings to senior management and clients Help identify improvement opportunities for assigned clients Supervise and provide engagement management for other staff working on assigned engagements Works closely with the client and RSM team to make sure we meet or exceed client expectations on each engagement and maintain high customer satisfaction. Exercise professional skepticism, judgment and adhere to the code of ethics while on engagements Ensure that documentation is compliant with the quality standards of the firm Work collaboratively as a part of the team and communicate effectively with RSM consulting professionals, and senior management in the U.S. on a daily basis Key Skills To Accelerate Career Maintains a high degree of quality and client relationship on multiple clients at the same time Positively engages, motivates and influences team members Identifies client needs/requirements and initiates discussion to expand services through a solid understanding of the firm’s service capabilities and offerings Subscribes to and actively read industry publications and share relevant information with clients as considered applicable At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/india.html. RSM does not tolerate discrimination and/or harassment based on race; colour; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the Indian Armed Forces; Indian Armed Forces Veterans, and Indian Armed Forces Personnel status; pre-disposing genetic characteristics or any other characteristic protected under applicable provincial employment legislation. Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please send us an email at careers@rsmus.com. Show more Show less

Share this job About The Company The Hitachi Energy India Operations Center (INOPC) houses over 3,000 energy transition technologists in three locations from grid automation, transformers, high voltage products, grid integration and service businesses. Spread over 3,00,000 sq feet, with nearly 50,000 sq feet of dedicated lab space, the center brings under one roof diverse engineering capability that has been built over the years, fostering collaboration to advance the world’s energy system to be more sustainable, flexible and secure. INOPC supports Hitachi Energy units across 40+ countries to deliver projects in 80+ countries. We are technology leaders at the forefront of evolving the world’s future energy system. The rising energy consumption with changing lifestyles and rapid urbanization, is driving the need for affordable, reliable and sustainable energy. Our innovative technologies help to make the energy system more resilient, secure and safe. Electricity will be the backbone of the carbon-neutral future and together, with customers and partners, we are co-creating solutions that are helping to accelerate the energy transition. Customers count on our technologies to help them to integrate huge volumes of renewable energy into the world’s grids and manage increasing levels of complexity; and our technologies are also instrumental to the electrification of transportation, industry and smart life sectors. The center equally focuses on catering to grow complexity in domestic and international grids and is a key lever for Hitachi Energy’s growth globally. How You’ll Make An Impact Responsible for Cybersecurity requirement from Tender till Project Handover. Coordinate with CSSL/CSSO to fulfill Hitachi Energy requirement and Customer requirement Ensure the project delivered to customer is inline and complaint with the Hitachi Energy security requirement and Customer Security requirement. Make sure Hitachi Energy is protected from a legal and brand perspective. Align and comply with Customer requirement and Hitachi Energy’s internal cyber security requirements for Delivery projects. Assess, identify deviation and Risks in Customer requirement and required standard & regulatory requirement during Tender. Coordinate with Tender Responsible for Success Cybersecurity related Tender Submittal. Ensure required inputs are captured in tender to comply with mandatory Business CS standard and Customer requirement. Support in Company Risk Review and make sure HE is protected with regards to Cybersecurity Ensure Fulfillment of the Secure Project Deployment requirement for all the delivery projects. Acts a liaison with the Customer about Hitachi Energy’s automation solution’s adherence to customer requirements and required standard & regulation. Perform Cyber Security Risk assessment for the project. Review Project Cybersecurity deliverables is implemented and delivered as agreed. For platforms certified with IEC 62443-3-3, make sure that the delivery project is within the requirements of the standard to the extent possible Support to enhance and maintain the CS documentation for project deliverables Ensure the Vulnerability Management in delivery projects Support in Business in achieving IEC 62443 2-4 Certification and in IEC 62443 3-3 certification. Support in maintaining and improving the Cybersecurity solution Contribute to Cybersecurity Assurance process definition and improvement in Customer Delivery Projects. Ensure Test area Asset security Management and Security tools. Living Hitachi Energy’s core values of safety and integrity, which means taking responsibility for your own actions while caring for your colleagues and the business Your Background Should have a minimum 6+ years of IT/OT Industry Experience in Control System Automation ( 3+ years of Cybersecurity with emphasis on OT) OR Should have at least 5 + years as an OT Cyber Security Implementer or Architect Engineering degree in (Instrumentation/ Electrical or Electronics) Added Plus to have Masters in Cybersecurity or Accredited Cybersecurity Certification and experienced working in OT environment components and OT security. Advanced Knowledge OT Networking and Network security and knowledge of Cybersecurity Regulation, Standards and Framework - (IEC62443, NERC–CIP, BDEW, NIST Publication). Awareness on current Cybersecurity controls and solutions – Endpoint Security, AAA, Security logging, Hardening benchmarks and knowledge on Security tool (NESSUS, CIS CAT, Nmap) Understanding on Computer networks and network security – Firewall, IDS and Basic knowledge Operating systems security - Windows Operating system Desirable with ISA 99 / 62443 – Cybersecurity Fundamentals Specialist, GIAC, GICSP, CEH certification Work experience with Cyber Security in Critical Infrastructure is a plus and emerging OT Cybersecurity-related technologies Communicate, present and report to relevant internal and external stakeholders Risk Assessment on the Delivery System and Mentor and train Project Engineers on Cyber Security area. Monitor every Project and ensure the compliance to Cybersecurity requirement before delivery and Emphasis Secure work culture of self or peers Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. Attention to detail and a commitment to delivering high-quality digital solutions Apply now Location Chennai, Tamil Nadu, India Job type Full time Experience Experienced Job function Engineering & Science Contract Regular Publication date 2025-05-29 Reference number R0089249 Show more Show less

Offensive Security Professional Job Req ID: 47405 Posting Date: 29 May 2025 Function: Cyber Security Unit: Location: 25A DLF City Phase-III,, Gurugram, India Salary: Competitive Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll be doing – your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills – Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills – TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelor’s degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED. BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.

Job Title: VAPT From Consult to Associate Director Location: Gurgaon, Mohali Experience: 1 to 10+ years Work Mode: Onsite Role Overview: We are seeking a highly skilled Vulnerability Assessment and Penetration Testing (VAPT) Manager / Senior Manager to lead and manage end-to-end security assessment projects across applications, infrastructure, networks, and cloud environments. This role involves both hands-on technical execution and oversight of team deliverables, with a focus on client delivery, quality assurance, and stakeholder communication. Key Responsibilities: Lead and execute VAPT engagements across web apps, mobile apps, infrastructure, networks, cloud platforms , and source code reviews . Conduct detailed manual and automated vulnerability assessments and penetration testing. Review and validate test reports, ensuring clear and actionable remediation guidance. Mentor and guide junior team members, supporting their technical and professional development. Coordinate with clients, internal teams, and management to deliver secure, compliant, and high-quality solutions. Stay updated with emerging threats, tools, and techniques in the cybersecurity domain. Ensure adherence to industry standards such as OWASP, NIST, ISO 27001, PCI-DSS, and RBI guidelines . Desired Skills & Experience: 1 to 10+ years of experience in VAPT with strong expertise in manual testing beyond automated scanners. Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Nmap, Wireshark, Fortify, AppScan , etc. Proficiency in secure coding practices and at least one programming language (e.g., Python, Java, JavaScript). Strong report writing, presentation, and communication skills. Familiarity with cloud security (AWS, Azure, GCP) is a plus. OSCP certification is an added advantage, but not mandatory . Experience managing security projects and small teams preferred. Why Join Us? Work on high-impact cybersecurity projects. Opportunity to lead and grow a team of security professionals. Collaborative work environment with cutting-edge tools and training. Competitive salary and benefits. Priority consideration for immediate joiners . Show more Show less

Description As an IT/OT Vulnerability Assessment and Penetration Testing (VAPT) Engineer, you will be engaged in identifying and mitigating security vulnerabilities across IT systems, Industrial Control Systems (ICS), and Industrial Internet of Things (IIoT) environments. Your work will involve rigorous security assessments of critical infrastructure, SCADA systems, PLCs, field devices, gateways, and cloud-connected IIoT platforms. You will simulate advanced adversary tactics to expose vulnerabilities and provide strategic remediation guidance. The role is suited for professionals with a deep understanding of both enterprise IT security and industrial/embedded system ecosystems. Responsibilities 1-Vulnerability Assessment & Penetration Testing (IT + ICS/IIoT): Perform black-box, grey-box, and white-box VAPT on: Enterprise IT assets (servers, databases, web/mobile apps, Active Directory, cloud) OT/ICS assets (PLCs, RTUs, HMIs, engineering workstations, protocol gateways) IIoT platforms (MQTT/CoAP-based telemetry, edge gateways, cloud dashboards) Emulate APT-level attacks across air-gapped, segmented, or hybrid IT-OT architectures. Execute Red Team scenarios to simulate insider threats or supply chain compromise. 2- ICS Protocol & Field Device Security Testing: Analyze and exploit vulnerabilities in ICS protocols: Modbus TCP, DNP3, IEC 104, OPC-UA, S7comm, Profinet, BACnet, CIP (EtherNet/IP), MQTT, CoAP Perform live traffic analysis, packet manipulation, and protocol fuzzing to test resilience. Evaluate control logic vulnerabilities in ladder logic, structured text, and function blocks. 3- Firmware & Hardware Exploitation (IIoT/ICS Devices): Extract and analyze firmware from industrial devices using JTAG, UART, SPI interfaces. Perform static and dynamic analysis using Ghidra, Binwalk, Radare2, or IDA Pro. Reverse engineer file systems (e.g., squashfs, cramfs) and analyze web interfaces or CLI backdoors. Exploit misconfigured bootloaders, insecure firmware upgrade mechanisms, or exposed debug ports. 4- Network Architecture & Segmentation Testing: Review and test IT-OT segmentation via firewall ACLs, VLANs, DMZ configurations. Assess trust relationships, weak credential policies, and insecure remote access (e.g., exposed VNC, Telnet, RDP). Identify unauthorized bridging of air-gapped networks or misconfigured routing/switching. 5- Cloud & IIoT Platform Security: Evaluate MQTT brokers, edge-to-cloud telemetry, and analytics pipelines. Test REST APIs, insecure mobile app integrations, and cloud misconfigurations (S3, IAM, IoT Core). Identify insecure certificate handling, default API tokens, and lack of encryption at rest/in transit. Reporting & Mitigation Develop technical and executive-level reports with CVSS scoring, attack paths, and exploitation evidence. Recommend hardening measures for both IT (patches, SIEM, EDR) and OT (control policy tuning, physical zoning, least privilege for operators). Coordinate with ICS engineers, IT admins, and SOC teams for patch validation and monitoring upgrades. Compliance & Framework Alignment Ensure assessments comply with industry and regulatory frameworks: NIST SP 800-82, ISA/IEC 62443, ISO 27001, NERC CIP, SANS ICS Top 20 Map findings to MITRE ATT&CK for ICS and monitor emerging CVEs relevant to industrial products. Eligibility Educational Background: Bachelor’s or Master’s in Cybersecurity, Computer Science, Industrial Automation, Electronics, or a related field. Technical Skills: Deep knowledge of ICS/SCADA systems, embedded architectures, and real-time OS (VxWorks, QNX, FreeRTOS). Hands-on experience with tools: VAPT Tools: Nessus, Burp Suite, Metasploit, Nmap, Nikto, SQLMap ICS Tools: Wireshark, Scapy, PLCScan, ICSFuzz, S7comm Tools, Conpot, ModScan Firmware Tools: Binwalk, Ghidra, Radare2, OpenOCD, Logic Analyzers IIoT Security: Shodan, Censys, MQTTX, Postman, OWASP ZAP Certifications (Preferred): OSCP, GRID, GICSP, CRT, CRTP, CEH, CISSP, or equivalent. Participation in ICS/IoT-focused CTFs or open-source contributions is a plus. Travel As and when required, across the country for project execution and monitoring as well as for coordination with geographically distributed teams. Communication Submit a cover letter summarising your experience in relevant technologies and software along with a resume and the Latest passport-size photograph. Show more Show less