510 Nmap Jobs - Page 2

Job Title: IT Security Engineer – Contractual (3+ / 5+ / 7+ Years Experience) Compensation: (6-10Lakh/10-15Lakh/12-18Lakh respectively) Location: New Delhi Type: Contractual [ 2 months contract] Openings: Multiple Domain Focus: Network Infrastructure Security, ISO 27019 Compliance Email: hr@pivotsec.in Note: This is an urgent contractual opening. Immediate joiners will be prioritized. Job Summary: P.I.V.O.T Security is seeking skilled IT Security Engineers for contractual roles with a primary focus on network architecture and infrastructure security reviews, covering routers, switches, firewalls, CCTV networks, and related devices. These roles are part of critical infrastructure security compliance assessments in alignment with ISO 27019 standards. Responsibilities (based on experience level): Review the entire network architecture, including: • Core and access routers & switches • Perimeter and internal firewalls • CCTV and physical security network components • Wireless network segmentation and NAC implementations • Conduct firewall audits, rulebase validations, and segmentation testing • Evaluate security configurations for IoT and surveillance systems (e.g., CCTV NVR/DVR) • Lead or support Vulnerability Assessment and Penetration Testing (VA/PT) of infrastructure • Identify gaps in network design, access control, and compliance with ISO 27019 • Document security weaknesses, propose remediations, and engage with client infra teams • Prepare technical documentation, risk reports, and mitigation strategies Skills & Tools: Assessment Tools: Nmap, Nessus, Burp Suite, Metasploit (based on role level) Device Knowledge: Cisco, Fortinet, Palo Alto, Juniper, Hikvision, Dahua, etc. Review Focus: Routing protocols, VLANs, ACLs, VPNs, NAT policies, CCTV network isolation Scripting (Senior roles): PowerShell, Bash, Python Understanding of critical infrastructure protection and ISO/IEC 27019 Certifications (Preferred): CEH, CompTIA Security+ (3–5 YOE) OSCP, CEH, or equivalent (5–7+ YOE) Candidate Requirements: 3 to 7+ years of experience in IT/network security, architecture assessment Strong knowledge of infrastructure hardening and secure configuration practices Ability to review, assess, and advise on physical and logical security architecture Effective communication and client interaction skills Capable of independently preparing architecture review reports To apply, email your updated resume to hr@pivotsec.in Use the subject line: "IT Security – [Years] YOE" (e.g. "IT Security – 5 YOE")

Flawit InfoSec Services Flawit InfoSec Services is a cybersecurity firm delivering comprehensive, end-to-end security solutions to enterprises, startups, and government organizations. Our core expertise includes vulnerability assessment and penetration testing (VAPT), red teaming, security operations center (SOC) implementation, risk and compliance advisory, cloud and DevSecOps security, identity and access management (IAM), and more. With a client-first approach, our certified professionals apply global frameworks like OWASP, NIST, and MITRE ATT&CK to secure digital environments and build long-term resilience against evolving threats. Role – Penetration Tester (On-site, Nashik) We are looking for a skilled Penetration Tester to join our team and lead offensive security engagements across diverse environments. The role involves simulating real-world attacks, identifying security flaws, and helping clients strengthen their cybersecurity posture through hands-on testing and tailored recommendations. Key Responsibilities: Conduct detailed vulnerability assessments and penetration tests on web applications, mobile apps, APIs, networks, wireless environments, cloud infrastructure, and thick client systems Perform red teaming exercises, social engineering assessments, and adversary simulations Reverse engineer malware and binaries to identify behavior and possible countermeasures Conduct secure code reviews to detect logic flaws, insecure implementations, and potential backdoors Prepare in-depth technical and executive reports, outlining vulnerabilities, impact, and remediation strategies Communicate findings to internal teams and client stakeholders, and support remediation discussions Develop custom scripts and tools to automate or enhance testing methodologies Stay updated with emerging threats, vulnerabilities, and attack vectors through continuous research Required Skills and Qualifications: Proven experience in web and mobile application penetration testing (OWASP Top 10, API Security) Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Nikto, sqlmap, Wireshark, and Dirbuster Understanding of red team operations, adversary tactics, and MITRE ATT&CK framework Hands-on knowledge of reverse engineering and malware analysis Familiarity with cloud platform security (AWS, Azure, GCP) and DevSecOps pipelines Good understanding of network protocols, operating system internals, and scripting languages (Python, Bash, PowerShell) Ability to write detailed documentation and deliver concise, clear reports to technical and non-technical audiences Bachelor's degree in Cybersecurity, Computer Science, or a related field Relevant certifications are a plus (OSCP, OSEP, OSCE, CRTP, eJPT, CEH, etc.)

As a Senior Consultant in the Cyber Security department located in Gurugram, you will be responsible for various tasks and possess a range of skills and experiences. Your role will involve working on programming languages used for storing and processing raw data, having knowledge of operating systems such as Windows, macOS, Linux, UNIX, and other OSs, conducting penetration testing, understanding ethical hacking and coding practices, mastering advanced persistent threat management, ensuring firewall safety and management, utilizing encryption techniques and capabilities, conducting compliance assessments, and working with frameworks like COBIT and ITIL. You should have at least 5 years of relevant experience in cybersecurity, IT systems operation, and IT solutions development and maintenance. You must be well-versed in configuring and troubleshooting vulnerability management platforms like Tenable or Qualys, as well as patch management control platforms such as Microsoft MECM/SCCM. Experience in supporting patch management, vulnerability management, or configuration management programs is crucial, along with troubleshooting patch deployment and installation through log analysis and investigation. Your expertise should include knowledge of OWASP top 10 and other network security frameworks, hands-on experience in VAPT for application and network security, skills in configuration review, policy review, hardening of systems and networks, endpoint review, application code review, and testing tools. You should possess excellent communication and analytical skills to interact with clients directly, experience in Mobile AppSEC for Android and iOS, API testing, willingness to travel, good presentation and report-making skills, research knowledge in cyber security for consulting and customizing services, and hands-on working knowledge of tools like Burp, Nessus, Nmap, Qualys, Acunetix, Metasploit, and other relevant tools. Additionally, you should have knowledge of SIEM/SOAR, DLP, EDR/EPP, Firewall/IPS, Web Servers, and basic scripting knowledge in any language would be advantageous. Your role will also involve being willing to travel and actively participating in pre-sales activities, ensuring the highest level of security for clients and their systems.,

You will be joining BMC, where trust is not just a word but a way of life. As an award-winning, equal opportunity, and culturally diverse organization, we are dedicated to making a positive impact on the community every day. At BMC, we prioritize work-life balance, allowing you to excel in your role while maintaining your personal priorities. Your achievements will be celebrated, and you will be supported by a team that inspires, motivates, and uplifts you. The IZOT product line at BMC focuses on Intelligent Z Optimization & Transformation products, assisting major companies in monitoring and managing their mainframe systems. We are committed to modernizing mainframe systems by enhancing developer experience, mainframe integration, application development speed, code quality, and application security. Through continuous innovation and growth, we strive to provide cutting-edge solutions to our clients. We are currently seeking a skilled Manager - Product Security to lead a team of penetration testers supporting BMC's IZOT product line. In this role, you will oversee offensive security assessments for mainframe-based solutions and modern application ecosystems. Your responsibilities will include managing security testing, red teaming, vulnerability analysis, and secure architecture reviews. You will play a crucial role in setting strategic goals, driving security initiatives, and promoting secure-by-design practices throughout product development. To excel in this position, you should possess the following qualifications and experience: - Bachelor's or master's degree in computer science, Information Security, or a related field. - 8+ years of experience in cybersecurity roles, with at least 3 years in a technical leadership or management capacity. - Proven track record in leading or conducting penetration testing on mainframe and modern platforms. - Hands-on experience in performing red team-style assessments or advanced threat emulation on mainframe and modern systems. - Proficiency in tools such as REXX, ISPF, JCL, Nmap, Burp Suite, Wireshark, and scripting languages like Python, REXX, Bash. - Ability to deliver technical and executive-level security reports and communicate effectively with cross-functional teams. - Familiarity with hybrid environments, modern enterprise integration methods, and board-level reporting. At BMC, we value our employees and foster a culture where each individual is recognized for their unique contributions. If you are passionate about joining our team and feel aligned with our values, we encourage you to apply, even if you have taken a career break. We believe in diversity and inclusion, and we welcome talented individuals from all backgrounds. Please note that the salary provided is just one aspect of BMC's comprehensive compensation package, which may include additional benefits based on your location and performance. We are committed to fair and transparent compensation practices to ensure our employees are valued and rewarded appropriately.,

The role we are offering is for a Network Engineer to contribute to the development of our NextGen connectivity platform. As a Network Engineer, you will be involved in various tasks such as designing and executing test features, documenting solutions and procedures, optimizing network performance, collaborating with different teams, and continuously improving processes. Your responsibilities will include network testing, documentation, performance optimization, collaboration, staying updated on industry trends, and identifying opportunities for process improvement. To be successful in this role, you should have a strong understanding of networking concepts and protocols, experience with network testing tools and technologies, proficiency in scripting and automation languages, familiarity with network security principles, excellent analytical and problem-solving skills, and strong communication and collaboration skills. Additionally, industry certifications such as CCIE, experience with software-defined networking and virtualization technologies, knowledge of cloud networking services, experience with DevOps practices and tools, familiarity with network automation and scripting languages, and experience with network virtualization technologies are preferred. Please note that Neuron prioritizes the security and privacy of its job applicants. We will never ask for personal banking information or request money from job applicants. If you have any concerns or doubts during the application process, please reach out to us directly at careers@getneuron.com.,

🚨 We’re Hiring | Penetration Tester 🔐 Join a leading German multinational that’s at the forefront of cybersecurity innovation! We’re on the lookout for a talented and passionate Penetration Tester to help us strengthen our global security posture. 🛡️ Role : Penetration Tester 📍 Location : Pune 🕒 Experience : 5 to 8 Years 📅 Joining : Immediate Joiners only Job Profile for Penetration Tester: Vulnerability Assessment: Identifying & Exploiting Vulnerabilities in Applications (Including Web App), Networks, & Infrastructure. Mobile App Pen Test: Identify Vulnerabilities & Weaknesses in Mobile Applications (Android & iOS Platform) to Protect against Attacks. Simulate Real-World Attacks to find Entry Points & Assess the Security of Mobile Apps, Advising on Security Measures & Remediation Strategies. Penetration Testing: Performing Simulated attacks to Test the Security of Systems & Identify Weaknesses Reporting: Documentation of Findings, including the Identified Vulnerabilities, Level of Risk, & Recommendations for Remediation. Collaboration: Working with Stakeholders to Implement Security Improvements. Staying Up-to-Date: Keeping abreast of the latest Security Threats & Vulnerabilities Validation: Confirming that Security Improvements have been Implemented Effectively Solid understanding of OWASP Top 10, MITRE ATT&CK, and other security frameworks. Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and others. Skills: Web App Pen Test, Network Pen Test, Mobile App Pen Test Solid Understanding of OWASP Top 10, MITRE ATT&CK, & other Security Frameworks. Tool Expertise: Burp Suit Tenable Web App Scanning Nessus Professional/Expert Metasploit, Nmap, Wireshark, & others. Certification: CEH, OSCP #PenetrationTesting #CyberSecurityJobs #EthicalHacking #InfoSec #HiringNow #OSCP #CEH #SecurityAnalyst #CyberSecurityCareers

At Honeywell, we are dedicated to creating a better future and are searching for individuals to join our global team of future shapers. When you become part of Honeywell, you enter a performance-driven culture filled with diverse leaders, innovators, and doers who are reshaping the future. Our team is committed to supporting each other and realizing our vision through various job functions. Innovation is at the core of our businesses as we strive to define the future. The opportunities for growth and recognition on a global scale are endless for those who demonstrate a passion for performance. We are currently looking for a cybersecurity engineer who possesses creativity and forward-thinking skills to develop and enhance cybersecurity solutions that address unique security challenges within critical infrastructure and industrial sectors. This role involves providing on-site cybersecurity services for Honeywell customers in industries such as Oil and Gas, Power Generation, Life Sciences, and more. Responsibilities include consulting, troubleshooting, network design, implementation, assessments, and other relevant tasks. **Key Responsibilities:** - Take the lead in assigned projects, ensuring timely delivery, staying within budget, and achieving customer satisfaction. - Stay updated on cybersecurity solutions and expand knowledge in designated network disciplines. - Maintain relevant cybersecurity certifications such as CCNA, CISSP, GICSP, or similar. - Keep abreast of industry security standards like IEC-62443, ISO 27000. - Establish strong relationships with internal and external customers by providing accurate technical support. - Diagnose issues and offer timely technical solutions in response to customer inquiries. - Handle network configuration, troubleshooting, firewall setup, and other related tasks. - Uphold industrial safety awareness by completing pertinent safety certifications. **Basic Qualifications:** - Bachelor's degree in computer-related fields or equivalent experience. - Cisco Certified Network/Design/Security Professional (at least one certification). - GICSP/CISSP Certified Information Systems Security Professional or similar certification. - 5+ years of experience in Networking, endpoint security, and IT security audits/assessments. - 3+ years of experience in Security Projects. - 2+ years of experience in Cybersecurity Vulnerability or Risk assessment. - Proficiency in Microsoft Active Directory, DNS, WSUS, and Terminal Server. - Experience in vulnerability scanning and assessments using tools like Nessus and NMAP. - Proven experience in designing or deploying projects leveraging virtualization, preferably VMware. - Network Security Experience: Firewalls, ACL, IDS, IPS, SIEM, particularly with Cisco Routers, Switches, or Firewalls. - Experience with antivirus systems, backup & restore solutions, and providing network services on customer sites. - Strong written and oral communication skills. - Willingness to travel 30-65%. **Preferred Qualifications and Experience:** - 3 years experience in Operational Technology (OT). - IEC-62443 Risk Assessment/Design/Maintenance Certification (at least one). - Knowledge of various networking protocols. - Awareness of OT cybersecurity best practices. - Proficiency in preparing design specifications. - Ability to work independently. - Excellent troubleshooting skills for resolving complex network issues. Honeywell is a trusted partner in solving complex challenges in automation, aviation, and energy transition. We offer actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments, all powered by our Honeywell Forge software, to create a smarter, safer, and more sustainable world.,

Job Information Work Experience 0-0.6 (Associate Cyber Security Analyst) Industry IT Services Job Type Full time Date Opened 07/24/2025 City Ahmedabad State/Province Gujarat Country India Zip/Postal Code 380015 About Us E2logy is a leading software solutions company dedicated to empowering businesses with innovative technology and exceptional service. We combine our expertise in various domains with cutting-edge development practices to deliver high-quality, custom software solutions that cater to your unique needs and goals. Visit our website: https://e2logy.com/ to learn more about our services and expertise. Job Description We are seeking a Fresher Associate Cyber Security Analyst – VAPT who will play a supportive role in helping protect the organization’s cloud infrastructure, web and mobile applications, and internal systems. This entry-level role is ideal for recent graduates passionate about cybersecurity and eager to begin their career in a hands-on, learning-focused environment. You will work under the guidance of senior team members to identify vulnerabilities, support penetration testing activities, and enhance our overall security posture in alignment with global security standards such as ISO/IEC 27001 . Responsibilities: Assist in conducting vulnerability assessments and penetration testing on Web applications,Mobile applications,Cloud-based environments,Internal systems and network infrastructure Support the use of tools like Burp Suite, Nmap, Wireshark, Nessus, OWASP ZAP, etc., under supervision. Document basic findings, potential risks, and help prepare technical reports for internal teams. Work closely with senior analysts, DevOps, and development teams to understand and remediate security weaknesses. Contribute to maintaining and improving the organization’s compliance with ISO/IEC 27001 security guidelines , including proper documentation, risk identification, and implementation of relevant controls. Stay updated with emerging threats, vulnerabilities, and VAPT methodologies aligned with industry standards like OWASP Top 10 , ISO 27001 etc . Help in maintaining compliance with key standards such as OWASP Top 10, ISO 27001, PCI-DSS, etc. Requirements Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Basic understanding of web application security, network protocols, and common attack vectors. Exposure to or academic use of tools such as Burp Suite, Nmap, Wireshark, or Kali Linux. Familiarity with OWASP Top 10, CVEs, and basic cybersecurity concepts. Strong curiosity, analytical mindset, and attention to detail. Good communication skills and a willingness to learn in a team-oriented environment. Preferred Skills : Basic awareness of secure coding practices or code review. Introductory knowledge of cloud security, SIEM, or IDS/IPS tools. knowledge of ISO/IEC 27001 controls , risk assessment, or compliance practices. Certifications Like CompTIA Security+,Certified Ethical Hacker (CEH),eLearnSecurity Junior Penetration Tester (eJPT),ISO/IEC 27001 Foundation or Practitioner(Not Mandatory) Benefits Competitive compensation and performance-linked incentives. Health insurance and employee wellness benefits. Career development support and learning resources. Opportunity to work with modern cybersecurity tools and frameworks. Work Environment: Collaborative and supportive office setting with Alternative Saturday Working Flexibility to extend working hours during high-priority assessments or audits. Application Process: Please submit your resume, cover letter, and optionally a portfolio of academic or personal projects to careers@e2logy.com

Role Overview As Senior Mananger/AVP – Offensive security services, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK

At Arctic Wolf, we are redefining the cybersecurity landscape with our global team of Pack members committed to setting new industry standards. Our achievements speak for themselves, from being recognized in prestigious lists like the Forbes Cloud 100, CNBC Disruptor 50, and winning awards like the CRN Products of the Year. We are proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and to have earned the Customers" Choice distinction from Gartner Peer Insights. Arctic Wolf is not just leading but also shaping the future of security operations. Our mission is straightforward: End Cyber Risk. We are currently seeking a Security Developer to join us in achieving this goal. About The Role As a Security Developer at Arctic Wolf, you will work as a software developer focusing on enhancing the platforms threat, vulnerability, and configuration risk detection capabilities. Your primary objective will be to contribute to making security better for our clients daily. This role involves collaborating with team members, Product Management, Security Services, and other specialists to enhance the coverage and effectiveness of our Manage solution continuously. Your Responsibilities - Collaborate with team members to enhance coverage, efficiency, and deliver customer-facing and internal services. - Engage in the full software development lifecycle. - Develop well-designed, testable, efficient, and secure code for vulnerability and misconfiguration detection in areas such as Classic Endpoint Vulnerability And Config Management, Cloud Config And Posture Management. - Assist operational teams in resolving unexpected results, receiving feedback, and improving detection efficacy. Skills Requirements - Proficiency in at least one backend programming language like Go, Node.js, or Python. - Strong understanding and practical application of secure development practices. - Security-focused mindset with hands-on experience in operational security or security engineering. - Full understanding and use of DevOps methods and practices. - Familiarity with test-driven development (TDD) and robust testing strategies. - Experience with AWS, Docker, Kubernetes, IaC is an asset. Bonus Considerations For - Experience with 3rd Party Vulnerability Management tools, Cloud-based configuration and Security Posture Management tools, open-source vulnerability and pen-testing platforms. - IT Deployment backgrounds leveraging deployment automation tools like Salt or Ansible. Why Arctic Wolf At Arctic Wolf, we nurture a collaborative and inclusive work environment that values diversity of thought, background, and culture. Our commitment to growth and shaping the future of security operations is complemented by our dedication to customer satisfaction, with a vast customer base and global channel partners. We celebrate unique perspectives through our Pack Unity program and believe in corporate responsibility, giving back to the community. All employees at Arctic Wolf receive competitive compensation and benefits packages, including equity, flexible leave policies, training programs, comprehensive private benefits plan, fertility support, and more. Join us in our mission to End Cyber Risk and contribute to a safer digital world.,

Job Description About KPMG in India KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment. Strong understanding of IT security standards and frameworks (OWASP, NIST, CIS) Strong understanding of security risks in networks and application platforms Strong understanding of network security, infrastructure security and application security Strong understanding of OSI, TCP/IP model and network basics Demonstrate technical penetration testing skills on IT infrastructure, web applications, mobile platforms and Red teaming Strong technical skills: Information security, network security, Windows security, UNIX/Linux security, web and mobile application security, Cloud platforms Broad knowledge of security technologies for applications, databases, networks, servers, and desktops Solid technical skills in both information security architecture and penetration testing and ability to assess testing tools and deploy the right ones. Scripting and programming experience is beneficial Ability to perform manual penetration testing Experience in Application Security Testing (Web, Mobile & ERP [SAP]), or related functions Vulnerability Assessment, Penetration testing Perform penetration testing of various thick client software, web applications, and communications infrastructure to assist in hardening the cybersecurity posture against malicious actors Conduct security research on the latest emerging advanced persistent threats (APTs), malware, and other security developments to assist in enterprise security efforts. Apply this security research into assessments. Perform technical writing to communicate the preparation, testing, and recommendation phases for various security tests. Work with stakeholders to remediate system vulnerabilities. Train team members and colleagues on the latest cybersecurity tactics, techniques, and procedures (TTPs) to grow the skill of the firm Understanding of various security technologies including end point security, perimeter security, advanced threat protection, malware defense and security management Expertise in the phases of penetration testing. Familiarity with Kali Linux distribution and the associated penetration testing tools suite. Experience in penetration testing simulations like Hack the Box or Capture the Flag exercises considered a plus. Good Understanding of OWASP top 10 and mitigation techniques Experience in performing web application security assessments using hands on techniques for identifying SQL injections, XSS, Security Misconfiguration, CSRF, authentication/ authorization issues Database testing: MySQL, Oracle, NoSQL Understanding of cyber security management, cyber analytics, security intelligence platforms and threat intelligence frameworks Writing business proposals and response to client RFP/ RFIs Identifying business opportunities and lead delivery and program management for large cyber security programs Delivery team and client relationship management Experience on both commercial, open source tools and frameworks but not limited: Burpsuite, Metasploit, Core-Impact, Kali-Linux, AppScan, WebInspect, SSLScan, Soap UI Pro, SonarQube, Qualys, Nikto, Nessus, nmap, sqlmap, OWASP ZAP Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. Qualifications B.Tech, B.E.

Overview We’re looking for a skilled and experienced VAPT Engineer (Level 2/3) with 8+ years of hands-on experience in vulnerability assessment and penetration testing across enterprise environments. In this role, you’ll lead advanced security testing efforts, simulate real-world attack scenarios, and guide remediation strategies to strengthen the organization’s security posture. Total Experience 8+ years of hands-on experience Job Skills Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field Strong understanding of network protocols, OS internals (Linux/Windows), and cloud platforms (AWS, Azure, or GCP) Hands-on scripting skills in Python, Bash, or PowerShell Experience with DevSecOps practices, CI/CD integration, and container security (Docker/Kubernetes) Solid grasp of secure coding principles, reverse engineering, and exploit development Relevant certifications such as OSCP, CEH, GPEN, LPT, or CISSP are highly preferred Responsibilities Lead penetration testing across web, mobile, cloud, and infrastructure (Black-box, Grey-box, White-box) Perform manual and automated vulnerability assessments using tools like Burp Suite, Nessus, Metasploit, Nmap, and custom scripts Conduct threat modeling and risk assessments for business-critical systems Document findings with clear, actionable remediation plans and deliver comprehensive technical reports Collaborate with DevOps, IT, and Security teams to prioritize and resolve vulnerabilities Mentor junior VAPT engineers and review their assessment reports for quality and accuracy Stay current with emerging threats, zero-day vulnerabilities, and modern attack techniques Ensure testing practices align with industry standards including OWASP, NIST, ISO 27001 Participate in security audits, incident response activities, and red team engagements Apply Now

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Attack & Penetration Testing - Senior As part of our Cyber Security team, you shall perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing. You shall also perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. The opportunity We’re looking for Security Consultant / Senior Security Consultant with expertise in penetration testing. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering. Your Key Responsibilities Lead engagements from kickoff with clients through scoping engagements, penetration testing and reporting while adhering to the agreed scope and deadlines. Perform penetration testing which includes Network, web application, Mobile app (both Android & iOS), APIs Cloud Security, Thick Client application, wireless, social engineering, physical penetration testing. Execute penetration testing projects using the established methodology, tools and rules of engagements. Execute red team assessments to highlight gaps impacting organizations security postures. Identify and exploit security vulnerabilities in a wide array of systems in a variety of situations. Perform in-depth analysis of penetration testing results and create report that describes findings, exploitation procedures, risks and recommendations. Convey complex technical security concepts to technical and non-technical audiences including executives. Perform technical quality reviews and conduct technical conversations directly with clients. Keep uptodate with the latest techniques and concepts. Confident with OWASP Top 10 and SANS Top 25 vulnerabilities and ability to effectively communicate methodologies and techniques with development teams Utilize tools such as BurpSuite, Nessus, Nmap, Kali Linux, and Nessus for effective vulnerability assessment and penetration testing. Understanding and experience with Active Directory attacks. Stay up-to-date with the latest security threats, vulnerabilities, and best practices in vulnerability management. Knowledge of AI in Pentest, TCP/IP, OSI Layer, IPv4 & IPv6, Network Protocols and Wireless Communication skills preferred. Working knowledge with any scripting languages (e.g. Python, Perl, PHP, Ruby) to develop automated solutions that mitigate risks throughout the organization. Support SDLC and agile environments with application security testing and source code reviews. Serve as a mentor and guide to junior pen testers, sharing your knowledge, skills, and best practices to nurture their growth and development. Provide technical expertise and guidance to clients on remediation strategies and security best practices. Skills And Attributes For Success In-depth understanding of OWASP Top 10 vulnerabilities and their mitigation strategies. Good understanding of enterprise security controls in Active Directory / Windows environments Good to have knowledge in AI in pentest Understanding of TCP/IP network protocols. Understanding of network security and popular attacks vectors. Experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing Strong understanding of security principles, policies, and industry best practices Proven ability to lead client engagements, build strong client relationships, and deliver exceptional results. Excellent communication and presentation skills, both written and verbal. Demonstrated thought leadership in the cybersecurity field through publications, speaking engagements, or contributions to industry forums. Exceptional problem-solving skills, strategic thinking, and the ability to influence and lead. To qualify for the role, you must have BE/ B.Tech/ MCA or equivalent Minimum of 3 years of work experience in penetration testing which may include at least three of the following: Network, web application Mobile app (Android & iOS), Thick client, APIs, wireless, social engineering, physical and Red Team assessments. One of the following certifications: OSCP, OSCE, OSEP, OSWE, CREST, CRTE, eCPTX, or eWPTX Knowledge of Windows, Linux, UNIX, any other major operating systems. 3-9 years of work experience in Strategy and Operations projects Team management skills are preferred. Conduct technical discussions and perform technical Quality reviews. Familiarity with OWASP methodologies and application security vulnerabilities. Exceptional ability to educate and guide application developers in security best practices. Excellent communication, presentation, and interpersonal skills. Strong Word, Excel and PowerPoint skills. Ideally, you’ll also have Project management skills Certifications: OSCP, OSCE, CRTP, CRTO, CISSP, GPEN, GWAPT. What We Look For Who can perform penetration testing which includes internet, intranet, wireless, web application, social engineering and physical penetration testing and provide analysis for the testing results. What Working At EY Offers At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

Masai, in partnership with top academic institutions, is launching an advanced online program in Cyber Security. This program is designed to equip learners — including students, working professionals, and career changers — with practical, job-ready skills in information security, threat analysis, penetration testing, and governance frameworks. We are seeking experienced Cyber Security professionals to join as Industry Mentors who can bring real-world insights, guide learners through hands-on applications, and bridge the gap between theory and practice. Key Responsibilities Session Facilitation & Mentorship: Lead live online mentoring sessions focused on real-world applications, tools, and industry case studies. Help learners understand the practical challenges and solutions in Cyber Security domains such as network security, ethical hacking, cloud security, and incident response. Provide career guidance and professional insights to aspiring security professionals. Capstone & Project Review Guide learners in applying security principles in capstone or portfolio projects. Offer feedback and support to enhance project quality and job-readiness. Industry Integration Share industry updates, best practices, and emerging trends in Cyber Security. Facilitate Q&A, discussions, and interactive learning experiences. Candidate Requirements Minimum 5 years of hands-on experience in Cyber Security (e.g., Threat Intelligence, SOC, Security Audits, Pen Testing, Compliance, etc.) Current or former professionals from companies working in Cyber Security, Tech Consulting, Fintech, Government, or Defense are encouraged to apply. Strong communication and mentoring skills. Familiarity with tools and platforms like SIEM, IDS/IPS, Nmap, Burp Suite, Metasploit, Wireshark, and more. Passion for education, mentorship, and upskilling future professionals. Engagement Details Time Commitment: 2–4 hours per week Location: Remote (online) Compensation: ₹25K to ₹75K per month (based on experience and involvement) Why Join Us? Mentor aspiring Cyber Security professionals from diverse backgrounds Share your expertise while contributing to a mission-driven education platform Engage with a flexible, part-time schedule Collaborate with a network of academic and industry leaders Help shape the future of India's cybersecurity workforce Skills: ids/ips,nmap,network security,security,burp suite,incident response,pen testing,compliance,wireshark,security audits,cloud security,soc,threat intelligence,cyber security,siem,metasploit,mentoring,ethical hacking

Role Summary: We are looking for a skilled and hands-on Mid-Level Penetration Tester to join our offensive security team. The ideal candidate should have strong manual testing skills and experience assessing diverse environments including web applications, APIs, mobile apps, wireless networks, infrastructure, and thick client applications. You’ll be responsible for identifying vulnerabilities, exploiting them ethically, and delivering actionable insights to help improve the organization’s security posture. Key Responsibilities: Perform manual penetration tests on: Web applications (OWASP Top 10, business logic flaws) REST/SOAP APIs Mobile applications (Android/iOS) Wireless networks (WPA2/Enterprise, rogue APs) Internal/external network infrastructure Thick client applications (custom-built software) Simulate real-world attack scenarios, leveraging custom scripts, payloads, and tools to bypass defenses. Document detailed findings with proof-of-concept, risk ratings, and tailored mitigation recommendations. Assist with threat modeling and scoping of penetration tests with relevant stakeholders. Collaborate with developers, system admins, and IT teams during remediation and retesting phases. Stay current on emerging threats, techniques, and exploits through continuous research. Contribute to the improvement of internal testing methodologies and reporting templates. Required Skills & Experience: Hands-on experience in penetration testing with a strong emphasis on manual testing techniques. In-depth understanding of web technologies (HTML, JavaScript, HTTP/S, cookies, sessions). Familiarity with OWASP Top 10, MITRE ATT&CK, and CWE/SANS 25. Experience with tools like Burp Suite Pro, OWASP ZAP, Postman, Wireshark, Nmap, and custom scripts. Knowledge of common authentication/authorization mechanisms (OAuth2, JWT, SSO). Hands-on experience in testing mobile apps using tools like MobSF, Frida, or JADX. Proficiency in scripting (Python, Bash, PowerShell) for custom exploit development or automation. Ability to manually analyze application logic and chain vulnerabilities creatively.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Hybrid Description and Requirements "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! The IZOT product line includes BMC’s Intelligent Z Optimization & Transformation products, which help the world’s largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications’ security, while reducing operational costs and risks. We acquired several companies along the way, and we continue to grow, innovate, and perfect our solutions on an ongoing basis. We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles And Responsibilities Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you’re set up for success, you will bring the following skillset & experience: 5+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes. CA-DNP Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 2,117,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage

Job Information Work Experience 0-0.6 (Associate Cyber Security Analyst) Industry IT Services Job Type Full time Date Opened 07/24/2025 City Ahmedabad State/Province Gujarat Country India Zip/Postal Code 380015 About Us E2logy is a leading software solutions company dedicated to empowering businesses with innovative technology and exceptional service. We combine our expertise in various domains with cutting-edge development practices to deliver high-quality, custom software solutions that cater to your unique needs and goals. Visit our website: https://e2logy.com/ to learn more about our services and expertise. Job Description We are seeking a Fresher Associate Cyber Security Analyst – VAPT who will play a supportive role in helping protect the organization’s cloud infrastructure, web and mobile applications, and internal systems. This entry-level role is ideal for recent graduates passionate about cybersecurity and eager to begin their career in a hands-on, learning-focused environment. You will work under the guidance of senior team members to identify vulnerabilities, support penetration testing activities, and enhance our overall security posture in alignment with global security standards such as ISO/IEC 27001 . Responsibilities: Assist in conducting vulnerability assessments and penetration testing on Web applications,Mobile applications,Cloud-based environments,Internal systems and network infrastructure Support the use of tools like Burp Suite, Nmap, Wireshark, Nessus, OWASP ZAP, etc., under supervision. Document basic findings, potential risks, and help prepare technical reports for internal teams. Work closely with senior analysts, DevOps, and development teams to understand and remediate security weaknesses. Contribute to maintaining and improving the organization’s compliance with ISO/IEC 27001 security guidelines , including proper documentation, risk identification, and implementation of relevant controls. Stay updated with emerging threats, vulnerabilities, and VAPT methodologies aligned with industry standards like OWASP Top 10 , ISO 27001 etc . Help in maintaining compliance with key standards such as OWASP Top 10, ISO 27001, PCI-DSS, etc. Requirements Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Basic understanding of web application security, network protocols, and common attack vectors. Exposure to or academic use of tools such as Burp Suite, Nmap, Wireshark, or Kali Linux. Familiarity with OWASP Top 10, CVEs, and basic cybersecurity concepts. Strong curiosity, analytical mindset, and attention to detail. Good communication skills and a willingness to learn in a team-oriented environment. Preferred Skills : Basic awareness of secure coding practices or code review. Introductory knowledge of cloud security, SIEM, or IDS/IPS tools. knowledge of ISO/IEC 27001 controls , risk assessment, or compliance practices. Certifications Like CompTIA Security+,Certified Ethical Hacker (CEH),eLearnSecurity Junior Penetration Tester (eJPT),ISO/IEC 27001 Foundation or Practitioner(Not Mandatory) Benefits Competitive compensation and performance-linked incentives. Health insurance and employee wellness benefits. Career development support and learning resources. Opportunity to work with modern cybersecurity tools and frameworks. Work Environment: Collaborative and supportive office setting with Alternative Saturday Working Flexibility to extend working hours during high-priority assessments or audits. Application Process: Please submit your resume, cover letter, and optionally a portfolio of academic or personal projects to careers@e2logy.com

You are being hired for a Cybersecurity Penetration Testing Senior position by a leading US Accounting and Tax Advisory firm based in Bangalore. Your primary responsibilities will include conducting network penetration testing using tools like Nessus, Nmap, and Metasploit, as well as performing web application testing with advanced utilization of Burp Suite Pro. You should possess a strong understanding of TCP/IP networking and the capability to troubleshoot connectivity issues. Additionally, you will be responsible for assessing the security vulnerabilities of client's web and/or mobile applications and APIs, ensuring test quality, and resolving any issues that may hinder the testing process, especially for large or complex projects. To qualify for this role, you should hold a Bachelor's degree in business administration, cybersecurity, information technology, computer science, or a related field, or have equivalent experience. It is essential to have a minimum of 3 years of experience in TCP/IP networking, attacking endpoints at a network level, and penetration testing. Moreover, you should have at least 3 years of experience in an internal or external cybersecurity position, or similar roles such as threat/penetration testing, ethical hacking, OWASP top 10, or AppScan. Your ability to collaborate effectively and communicate efficiently within a team environment is crucial for this role. Preferred certifications for this position include Offensive Security Certified Professional (OSCP), GPEN: GIAC Certified Penetration Tester, OffSec Web Assessor (OSWA), OffSec Web Expert (OSWE), API Security Certified Professional (ASCP), and Certified API Security Analyst (CASA). A working knowledge of tools like Burp Suite, Nessus, and the Kali Linux environment is highly desirable for this role.,

Apply on company website- https://zrec.in/hIRJh?source=CareerSite

Secure Network Solutions India Pvt Ltd | Full time Security Testing Engineer Chennai, India | Posted on 06/23/2025 check(event) ; career-website-detail => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered=""> check(event)" mousedown="lyte-button => check(event)" final-style="background-color: #fff; color:#FFFFFF;border-color:#FFFFFF;" final-class="lyte-button lyteColorBtn" lyte-rendered=""> {​{getI18n("zr.cw.sh.job")} }Share this job with your networ k openurl(event)"> openurl(event)"> openurl(event)"> openurl(event)"> openurl(event)"> copyLink(event)"> load_list_page(event)"> Job listin gJob detail sJob Informatio nDate Opened 06/23/2025 Salary 2.61 LPA to 3.5 LPA Job Type Full time Industry IT Services City Chennai State/Province Tamil Nadu Country India Zip/Postal Code 600034 About U sAbout the Company – SNS Indi a ,Secure Network Solutions India Private Limited (SNS) is a leading cybersecurity company. With over 24+ years of experience, SNS focuses solely on providing information and network security solutions .As an ISO 27001 Certified Company and winner of several awards, our mission is to be one of India's best security solution and support services partners .To know more about us, visit us at www.snsin.com .Job Descriptio nWe are looking for an enthusiastic candidate for the role of Vulnerability Assessment and Penetration Testing Analyst. The candidate will support the cybersecurity team in identifying and reporting system vulnerabilities .Assist in conducting vulnerability assessments and penetration testing .Understand new Exploits and Verify its effectivenes sLearn, Verify & Document about new VA&PT Tool sProficiency in scripting and automation (e.g., Python, PowerShell) is a plus .Use basic security tools to scan systems, networks, and applications .Help document findings and prepare reports .Stay updated with common threats and industry best practices .Work with senior team members to support security assessments .Requirement sRequirements and Certifications :Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field .Basic understanding of networking, operating systems, and security concepts .Knowledge of tools like Nmap, Burp Suite, or Wire shark is a plus .Passion for cybersecurity and eagerness to learn .Good analytical and problem-solving skills .Strong communication and teamwork abilities .CEH certification is mandatory .Specialization in Computer Networks. Certification like CCNA, MCSE, RHCE and Cyber Security certification, ethical hacking .Intern experience in SOC team or less than 1 year of experience .Benefit sFlexible Work Environment (leave benefits, remote options )Health & Accident Insurance Coverag eRemuneration above par with industry standards for performer sAttractive performance based incentive sPF / ESI / Gratuity Benefit sCompany-paid CUG SIM car dSkill Development & Growth Opportunitie sPOSH Certified Organizatio ncheck(event) ; career-website-detail-template-2 => apply(record.id,meta)" mousedown="lyte-button => check(event)" final-style="background-color:#6875E2;border-color:#6875E2;color:white;" final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Experience : 2.00 + years Salary : INR 74074 / month (based on experience) Expected Notice Period : 7 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Contract for 12 Months(40 hrs a week/160 hrs a month) (*Note: This is a requirement for one of Uplers' client - BrowserStack) What do you need for this opportunity? Must have skills required: Python, Bash, Api Security, OWASP Top 10, Penetration Testing BrowserStack is Looking for: As a Security Analyst, you will be responsible for identifying and mitigating security risks by conducting penetration tests and automating security processes. You will work closely with engineering teams to ensure vulnerabilities are effectively remediated and security is integrated into development workflows. Requirements: Understanding of vulnerability assessment, secure code review, pentesting methodologies, OWASP Top 10, and API security. Experience with tools like Burp Suite, Nmap, Metasploit, TCPDump, etc. Proficiency in at least one scripting language (e.g., Python, Bash) for automating security tasks. Basic knowledge of Linux commands, file system navigation, and networking concepts. Strong interpersonal and communication skills (written and verbal). Ability to take initiative and deliver committed results. Exposure to cloud security principles in AWS, GCP, or Azure (good to have). Responsibilities: Conduct penetration tests on web applications, APIs, and infrastructure. Automate security testing and vulnerability detection. Work with developers to remediate vulnerabilities and implement security best practices. Vulnerability management - triage and manage vulnerabilities identified through scanning and manual efforts How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!

Experience : 2.00 + years Salary : INR 74074 / month (based on experience) Expected Notice Period : 7 Days Shift : (GMT+05:30) Asia/Kolkata (IST) Opportunity Type : Remote Placement Type : Full Time Contract for 12 Months(40 hrs a week/160 hrs a month) (*Note: This is a requirement for one of Uplers' client - BrowserStack) What do you need for this opportunity? Must have skills required: Python, Bash, Api Security, OWASP Top 10, Penetration Testing BrowserStack is Looking for: As a Security Analyst, you will be responsible for identifying and mitigating security risks by conducting penetration tests and automating security processes. You will work closely with engineering teams to ensure vulnerabilities are effectively remediated and security is integrated into development workflows. Requirements: Understanding of vulnerability assessment, secure code review, pentesting methodologies, OWASP Top 10, and API security. Experience with tools like Burp Suite, Nmap, Metasploit, TCPDump, etc. Proficiency in at least one scripting language (e.g., Python, Bash) for automating security tasks. Basic knowledge of Linux commands, file system navigation, and networking concepts. Strong interpersonal and communication skills (written and verbal). Ability to take initiative and deliver committed results. Exposure to cloud security principles in AWS, GCP, or Azure (good to have). Responsibilities: Conduct penetration tests on web applications, APIs, and infrastructure. Automate security testing and vulnerability detection. Work with developers to remediate vulnerabilities and implement security best practices. Vulnerability management - triage and manage vulnerabilities identified through scanning and manual efforts How to apply for this opportunity? Step 1: Click On Apply! And Register or Login on our portal. Step 2: Complete the Screening Form & Upload updated Resume Step 3: Increase your chances to get shortlisted & meet the client for the Interview! About Uplers: Our goal is to make hiring reliable, simple, and fast. Our role will be to help all our talents find and apply for relevant contractual onsite opportunities and progress in their career. We will support any grievances or challenges you may face during the engagement. (Note: There are many more opportunities apart from this on the portal. Depending on the assessments you clear, you can apply for them as well). So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!