510 Nmap Jobs - Page 5

Conduct Vulnerability Assessments: Identifying potential weaknesses in applications and systems using automated tools and manual techniques. Perform Penetration Tests: Simulating attacks to evaluate the effectiveness of security controls and identify exploitable vulnerabilities. Analyze Findings: Interpreting assessment and testing results to determine the severity and impact of identified vulnerabilities. Report Findings: Documenting vulnerabilities, providing detailed reports with remediation recommendations, and tracking the closure of identified issues. Collaborate with Teams: Working with developers, IT, and security teams to implement security measures and address identified vulnerabilities. Stay Updated: Keeping abreast of the latest security threats, vulnerabilities, and industry best practices. Test Various Application Types: Performing security assessments on web applications, mobile applications, APIs (REST, SOAP, XML, JSON), and potentially cloud-based services. Understand Security Standards and Frameworks: Familiarity with OWASP, NIST, ISO 27001, PCI DSS, and other relevant standards is crucial. Use Security Testing Tools: Proficiency in tools like Burp Suite, OWASP ZAP, Nmap, Nessus, AppScan, Acunetix, Veracode, CheckMarx, etc. Responsibilities: The responsibilities cover the full range of testing work, from websites, mobile apps, and infrastructure testing to social engineering. In this role, the candidate is expected to: test software and hosted platforms, to identify vulnerabilities Carry out penetration testing of web applications, mobile applications, and internal infrastructure analyze code to assess its level of security and to find specific vulnerabilities Manage the security testing process perform complex simulated attacks on networks or systems Stay updated with the latest threats/vulnerabilities produce written technical reports along with an executive summary to a professional standard Research potential vulnerabilities formally brief clients and colleagues Understanding the role of AIML in cybersecurity Qualification: Minimum 3 to 5 years hands-on experience in SAST, DAST, VAPT Certifications like CEH, CompTIA Security+, and OSCP will be considered and added advantages. Familiarity with SAST, DAST, and IAST tools Understanding of Red/Blue teaming and threat hunting

Hiring Manager: Abhishar Balodhi Recruiter: Archana SM Location: Gurugram Carrer Level: E Why BT We’ve always been an organisation with a purpose; to use the power of communication to make a better world. You can trace this back to our beginning as pioneers of the world’s firs telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport. Today in this fast-changing, always on, digital world our purpose remains true. Yet the market conditions, regulations and competition we face are tougher than ever before. So, if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future. Why this job matters As an experienced Information Security Services provider we will help lead a highly motivated team laser-focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What I’ll Be Doing – Your Accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support – Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills – Web application pentest (OWASP,NIST framework), Network pentest (Linux,windows),API & Mobile pentest. Networking Skills – TCP/IP packet level understanding,Routing,Switching,firewall understanding. Linux Skills – Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework(CVE/CVSS) and Security assessment tools (such as Nmap,Metasploit, Burp Suite, SQLmap, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pentesting. Mandatory Bachelor's Degree or higher preferred. CEH,OSCP,CREST,LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable Of Working Successfully With End Customers PREFERRED. Our leadership standards Looking in: Leading inclusively and Safely I inspire and build trust through self-awareness, honesty and integrity. Owning outcomes I take the right decisions that benefit the broader organisation. Looking out: Delivering for the customer I execute brilliantly on clear priorities that add value to our customers and the wider business. Commercially savvy I demonstrate strong commercial focus, bringing an external perspective to decision-making. Looking to the future: Growth mindset I experiment and identify opportunities for growth for both myself and the organisation. Building for the future I build diverse future-ready teams where all individuals can be at their best. About Us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’ We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. A FEW POINTS TO NOTE: Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us. DON'T MEET EVERY SINGLE REQUIREMENT? Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.

Description and Requirements "At BMC trust is not just a word - it's a way of life!" Description And Requirements CareerArc Code CA-DN Hybrid "At BMC trust is not just a word - it's a way of life!" We are an award-winning, equal opportunity, culturally diverse, fun place to be. Giving back to the community drives us to be better every single day. Our work environment allows you to balance your priorities, because we know you will bring your best every day. We will champion your wins and shout them from the rooftops. Your peers will inspire, drive, support you, and make you laugh out loud! We help our customers free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead - and are relentless in the pursuit of innovation! BMC Software is looking for a motivated and skilled individual to join the Product Security Group. This is a senior technical position in the team. The candidate will be responsible for engaging with various product teams on security architecture reviews, SaaS security, penetration testing. A penetration tester plays a crucial role in safeguarding an organization's digital assets and information by proactively identifying and addressing security weaknesses. This role requires a high level of technical expertise, ethical conduct, and a commitment to continuous improvement in the field of cybersecurity. Roles And Responsibilities Conduct thorough vulnerability assessments of applications and systems using various tools and techniques. Execute penetration tests to simulate real-world cyberattacks, identifying weaknesses and vulnerabilities. Provide expert guidance on application security best practices. Research and develop new penetration testing methodologies, tools, and techniques. Qualifications & Skills 2+ years of experience in product security (web, mobile, API, cloud, infrastructure, and container security) or equivalent skillset. Penetration testing experience is essential; prior participation in bug bounty programs is a plus. Proficiency with hacking tools and penetration testing frameworks (e.g., Metasploit, Burp Suite, Nmap, Wireshark). Expertise in web application security testing, including knowledge of OWASP Top Ten vulnerabilities. Experience identifying and assessing vulnerabilities such as SQL injection, XSS, CSRF, and more. Proficiency in exploiting vulnerabilities to gain unauthorized access and assess attack impact. Understanding of vulnerability scoring systems (e.g., CVSS) for prioritizing findings. Ability to think creatively and analytically to identify and exploit vulnerabilities. Strong problem-solving skills when encountering unexpected challenges during testing. Excellent verbal and written communication skills for conveying technical details to both technical and non-technical stakeholders. Meticulous attention to detail in documenting findings and creating reports. Effective time management skills to meet project deadlines and testing schedules. High level of integrity and professionalism, with the ability to work under pressure while maintaining confidentiality. Optional: Hands-on technical experience with cloud security solutions for leading cloud service providers (e.g., AWS). Experience with secure code review (SAST) tools for languages such as C/C++, Java, and Python, and relevant frameworks. Our commitment to you! BMC’s culture is built around its people. We have 6000+ brilliant minds working together across the globe. You won’t be known just by your employee number, but for your true authentic self. BMC lets you be YOU! If after reading the above, You’re unsure if you meet the qualifications of this role but are deeply excited about BMC and this team, we still encourage you to apply! We want to attract talents from diverse backgrounds and experience to ensure we face the world together with the best ideas! BMC is committed to equal opportunity employment regardless of race, age, sex, creed, color, religion, citizenship status, sexual orientation, gender, gender expression, gender identity, national origin, disability, marital status, pregnancy, disabled veteran or status as a protected veteran. If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page. BMC Software maintains a strict policy of not requesting any form of payment in exchange for employment opportunities, upholding a fair and ethical hiring process. At BMC we believe in pay transparency and have set the midpoint of the salary band for this role at 1,725,800 INR. Actual salaries depend on a wide range of factors that are considered in making compensation decisions, including but not limited to skill sets; experience and training, licensure, and certifications; and other business and organizational needs. The salary listed is just one component of BMC's employee compensation package. Other rewards may include a variable plan and country specific benefits. We are committed to ensuring that our employees are paid fairly and equitably, and that we are transparent about our compensation practices. ( Returnship@BMC ) Had a break in your career? No worries. This role is eligible for candidates who have taken a break in their career and want to re-enter the workforce. If your expertise matches the above job, visit to https://bmcrecruit.avature.net/returnship know more and how to apply.

Information Protection Lead Analyst - HIH - Evernorth Job Description: Position Summary: The Information Protection Lead Analyst - Penetration Testing is responsible for conducting vulnerability assessments, threat modeling, penetration tests, and red team campaigns of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems using both manual and automated methods. As a member of the Cyber Security Incident Response Team, this role will provide second and third level incident response services to the global Cigna enterprise to address Cyber Security threats to the enterprise. Daily activities will include analysis of logs, memory and disc artifacts and the use of a variety of commercial and open source security tools to respond to and triage threats in global enterprise. This role will focus on Threat Hunting and Incident Response capabilities within Cloud Service Provider environments. About Cigna: Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well –being, we care about your career health too. That’s why when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton and share in changing the way people think about healthcare. Responsibilities : Lead and execute internal and external penetration tests against corporate web applications, APIs, networks, Windows and Unix variants to discover vulnerabilities Lead and execute mobile application penetration tests for both Android and iOS based devices Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation Develop scripts, tools or methodologies to enhance Cigna’s penetration testing processes Experience in application vulnerability assessment tools (Burp OR ZAP.) Experience with network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET) Strong experience in manual and automated techniques for penetration testing and executing vulnerability assessments Knowledge of Windows and *nix-based operating systems Knowledge of networking fundamentals and common attacks Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell) Understanding of Android/iOS based platforms (e.g. Java, Swift, Objective C) Exploit development and validation skills Ability to analyze vulnerabilities, appropriately characterize threats, and provide remediation recommendations Understanding of core Internet protocols (e.g. DNS, HTTP, TCP, UDP, TLS, IPsec) Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.) Demonstrated ability to coordinate people and lead teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities Qualifications: High School diploma; Bachelor's degree preferred 5-8 years or more of penetration testing experience One or more professional certifications such as PNPT, CBBH, CPTS, OSCP GPEN, GWAPT, GMOB Passionate about security and finding new ways to break into systems as well as defend them Strong analytical and problem solving skills with the ability to “think outside the box” Ability to work in a flexible environment where requirements and procedures continuously evolve Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Senior Analyst - HIH - Evernorth Job Description Summary The Information Protection Senior Analyst - Penetration Testing , is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (Burp or ZAP Proxy). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Understanding of Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 3-5 years or more of penetration testing experience. Pentest+, CEH, PJPT - Certified in or similar experience ( any of these) Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Information Protection Analyst - HIH - Evernorth Job Description Summary The Information Protection Analyst - Penetration Testing , is responsible for conducting vulnerability assessments, threat modeling, penetration tests of Cigna’s IT infrastructure and applications. This role will work closely with the Information Protection Senior Manager to identify, evaluate, and remediate potential weaknesses in Cigna’s systems, using both manual and automated methods. About Cigna Cigna is a global health service company dedicated to helping the people we serve improve their health, well-being, and peace of mind. But we don’t just care about your well–being, we care about your career health too. That’s why, when you work with us, you can count on a different kind of career – you’ll make a difference, learn a ton, and share in changing the way people think about healthcare. Responsibilities Execute internal and external penetration tests against corporate web applications, APIs, networks, infrastructure and operating systems in order to discover vulnerabilities. Execute mobile application penetration tests for both Android and iOS based devices. Execute penetration tests in cloud-hosted environments. Create comprehensive and accurate penetration testing reports with recommendations for appropriate remediation, and communicate risk findings with development and infrastructure teams. Develop scripts, tools, or methodologies to enhance Cigna’s penetration testing processes. Work as part of a team to identify risks, communicate to key stakeholders, and provide value to the organization. Skills required Demonstrated ability to work as both an individual contributor and a team player in a fast paced environment. Coordinate with people and teams to forecast activity completion and the ability to work in a team environment, sharing workloads and responsibilities. Knowledge of Windows and *nix-based operating systems. Understanding of core Internet protocols (e.g. TCP, UDP, DNS, HTTP, TLS, IPsec) and the OSI model. Understanding of encryption fundamentals (symmetric/asymmetric, ECB/CBC operations, AES, etc.). Understanding of Cloud environments such as SaaS, PaaS and IaaS. Basic exploit development and validation skills. Proficiency in application vulnerability assessment tools (e.g. Burp, Checkmarx, AppScan, WebInspect, Cenzic, etc.). Proficiency in network and server assessment tools (e.g. Nessus, metasploit, nmap, nikto, etc.) Understanding of web application frameworks (React, Springboot, Ruby on Rails, J2EE, PHP, ASP.NET). Proficiency in manual and automated techniques for penetration testing and executing vulnerability assessments. Knowledge of networking fundamentals and common attacks. Coding/scripting experience in modern scripting languages (e.g. Python, Ruby, PowerShell.) Mobile application coding experience with Android/iOS based platforms (e.g. Java, Swift, Objective C). Ability to analyze vulnerabilities and misconfigurations, appropriately characterize threats, and provide remediation recommendations. Qualifications High School diploma; Bachelor's degree preferred. 1-3 years of penetration testing experience. Passionate about security and finding new ways to break into systems, as well as defend them. Strong analytical and problem solving skills, with the ability to “think outside the box”. Ability to work in a flexible environment where requirements and procedures continuously evolve. Strong oral and written communication skills, including a demonstrated ability to prepare documentation and presentations for technical and non-technical audiences. About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

QA & Testing Analyst About Evernorth Evernorth℠ exists to elevate health for all, because we believe health is the starting point for human potential and progress. As champions for affordable, predictable, and simple health care, we solve the problems others don’t, won’t or can’t. Our innovation hub in India will allow us to work with the right talent, expand our global footprint, improve our competitive stance, and better deliver on our promises to stakeholders. We are passionate about making healthcare better by delivering world-class solutions that make a real difference. We are always looking upward. And that starts with finding the right talent to help us get there. Position Overview As a Security Tester, you will be responsible for performing security testing on our web applications and APIs. You will communicate end-to-end with clients regarding the projects you are assigned to and promote security awareness throughout the organization through regular communication on security best practices and the latest online threats. Responsibilities Conduct security testing on web applications and APIs. Communicate effectively with clients about project details and status. Promote security awareness within the organization. Assess systems against the latest attacks, vulnerabilities, and mitigations. Deliver project status on time with minimal escalations. Identify potential attack vectors. Monitor automated scans and verify false positives. Solid understanding of encryption fundamentals and the latest OWASP Top 10 for both web applications and APIs, including associated attack vectors. Experience in security testing on at least 30 web applications and 50 APIs. Proficiency with industry-standard tools such as Burp Suite Proxy Tool, Wireshark, Nmap, Fiddler, Echo Mirage, Kali Linux, Postman, and SOAP UI. Ability to assess the security impact of bugs and API inconsistencies. Excellent spoken and written English communication skills for calls and emails. Qualifications 2+ Years of experience in application security testing Relevant certifications in security testing. Experience with security awareness training and communication. Guide the team members with Industry best practices Required Experience & Education Bachelor's degree equivalent in Computer Science, equivalent preferred. At-least 2 years of experience in performance testing. Equal Opportunity Statement Evernorth is an Equal Opportunity Employer actively encouraging and supporting organization-wide involvement of staff in diversity, equity, and inclusion efforts to educate, inform and advance both internal practices About Evernorth Health Services Evernorth Health Services, a division of The Cigna Group, creates pharmacy, care and benefit solutions to improve health and increase vitality. We relentlessly innovate to make the prediction, prevention and treatment of illness and disease more accessible to millions of people. Join us in driving growth and improving lives.

Job Title: Consultant – VAPT Location: Navi Mumbai Experience Required: 2+ years Industry: Consulting Domain: Banking and Financial Services Work Mode: Work from Office (WFO) Joining: Immediate joiners preferred Key Responsibilities: Conduct end-to-end Vulnerability Assessment and Penetration Testing (VAPT) across web, mobile, network, and cloud infrastructure. Perform security assessments as per OWASP Top 10, SANS 25, and relevant standards. Identify, exploit, and document vulnerabilities with detailed remediation recommendations. Prepare technical and executive-level reports and present findings to internal teams and clients. Coordinate with client IT/security teams for fixes and re-validation. Maintain documentation and ensure adherence to security governance frameworks. Support audit and compliance requirements (e.g., RBI, ISO 27001, etc.). Work with Banking and Financial Services clients in a consulting environment. Desired Skills & Qualifications: Bachelor’s degree in Computer Science, Information Security, or related field. Relevant certifications preferred: CEH, OSCP (or working toward it) . Strong knowledge of security tools (Burp Suite, Nessus, Nmap, Metasploit, etc.). Understanding of BFS sector security needs and regulatory landscape. Good communication skills and client handling experience. Exposure to security governance and policy frameworks is a plus.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : DevSecOps Good to have skills : NA Minimum 7.5 Year(s) Of Experience Is Required Educational Qualification : 15 years full time education Summary: To play a key role in enabling successful project delivery across multiple projects. This role expects you to specialize in a range of security domains, including penetration testing, dynamic and static application security testing, software composition analysis, security architecture review and container security. Additionally, you provide comprehensive support in vulnerability management, service monitoring, and DevSecOps practices. Roles & Responsibilities: -Should have hands-on experience and knowledge of manual and automated penetration testing on the web, mobile and cloud-based applications. -Should have hands-on experience and knowledge of DAST (Dynamic Application Security Testing) to identify runtime vulnerabilities in staging and production environments. -Should have hands-on experience and knowledge of SAST (Static Application Security Testing) for early-stage source code and binary analysis. -Should have hands-on experience and knowledge of SCA (Software Composition Analysis) to detect open-source risks and license compliance issues. -Should have hands-on experience and knowledge of executing SAR (Security Architecture Review) of complex and cloud-based application and should be able to strategize risk remediation with the stakeholders or Security Architect. -Should have hands-on experience and knowledge of integrating security tools into CI/CD pipelines (e.g., Jenkins, GitHub Actions, GitLab CI). -Should have hands-on experience and knowledge of enforcing policy-as-code, shift-left security testing, and secure code delivery practices and automate security checks for container images and Kubernetes workloads. -Should be able to scan and harden docker containers using industry-standard tools. -Should be able to monitor vulnerabilities in container registries and orchestrators (e.g., Kubernetes, ECS). -Skilled in communicating security findings to technical and non-technical stakeholders. -Contribute to secure architecture reviews, risk assessments, and compliance initiatives. -Should be able to manage clients and various stakeholders. Should be a good people manager and should have experience of people and project management. Professional & Technical Skills: Tools & Technologies:Pentest Tools: Burp Suite Pro, OWASP ZAP, Nmap, Postman, Kali Linux,DAST/SAST/SCA: Fortify, Checkmarx, Veracode, Coverity, AppScan, Black Duck, Snyk,DevSecOps: GitHub Actions, Jenkins, GitLab, Docker, Kubernetes,VM Tools: Qualys, Tenable, ThreadFix,Monitoring: ServiceNow, Jira, Confluence -Should be able to collaborate with infrastructure and DevOps teams to secure cloud-native deployments. -Should be able to identify, triage, and manage vulnerabilities using centralized platforms (e.g., ThreadFix). -Should track vulnerability lifecycle from detection through remediation and reporting. -Should support real-time service monitoring to maintain system integrity and threat detection coverage. Additional Information: - The candidate should have minimum 7.5 years of experience in DevSecOps. - This position is based at our Gurugram office. - A 15 years full time education is required.

Job Purpose Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities Essential Functions: Responsibilities This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education And Experience Bachelor’s degree or equivalent experience. Related certifications Expected Competencies Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

About Deutsche Börse Group: Headquartered in Frankfurt, Germany, we are an international exchange organization and one of the world’s leading market infrastructure providers. We empower investors, financial institutions, and companies by providing access to global capital markets. Our business covers the full spectrum of financial market services, including trading, clearing, settlement and custody, digital assets and crypto, market analytics, data, software, and SaaS. As a technology-driven company, we develop state-of-the-art IT solutions and offer IT systems all over the world. About Deutsche Börse Group in India: Our Global Capability Centre located in Hyderabad serves as a key strategic hub, bringing together India's top-tier tech talent. We focus on crafting advanced IT solutions that elevate market infrastructure and services. As capital market engineers, we are the backbone of financial markets worldwide. We harness the power of innovation with leading state-of-the-art IT solutions to build trust in the markets of today and tomorrow. Lead Security Analyst - Network & Infrastructure Division: Deutsche Börse AG, Chief Information Officer/Chief Operating Officer (CIO/COO), Chief Technology Officer (CTO), Plan & Control Field of activity The Deutsche Börse CTO develops and runs the groupwide Information Technology (IT) infrastructure, develops and operates innovative IT products and offers services to the rest of the Group upon which they can build. The CTO area plays a significant role in the achieving the Group’s strategic goals by leading transformation and supporting a stable operating environment. The Transformation Office unit supplies reliable project management capabilities and information security management to the CTO and enables the other delivery units within the area to rollout IS compliance requirements and Group IS strategy. The successful candidate will join the Information Security, Risk & Regulatory unit and support in carrying out these responsibilities. Tasks / Responsibilities: Technical Security Assessments: Perform in-depth technical reviews of network and infrastructure components (firewalls, routers, switches, servers, cloud services). Analyse configurations for compliance with security baselines (e.g., CIS Benchmarks, vendor hardening guides). Interpret scan results to identify misconfigurations and weaknesses. Security Baseline Review & Enforcement: Review technical security baselines for operating systems, network devices, and cloud services. Work with central team to develop custom scripts (e.g., Python, PowerShell) or automation tools to validate compliance with baselines and detect deviations. Infrastructure Security Architecture: Review and advise on secure design of network topologies, segmentation, and access control models. Evaluate cloud infrastructure (Azure, GCP) for secure deployment practices, Network access, IAM policies, encryption, and logging. Qualifications / required skills: Bachelor’s or Master’s degree in Information Security, Computer Science, or related field. 5-8 years of hands-on experience in infrastructure and network security. Technical proficiency in IT systems including operating systems, and network architectures. Strong technical knowledge of TCP/IP, DNS, VPNs, firewalls, IDS/IPS, Linux/Windows hardening, and cloud security controls. Experience with tools like Wireshark, Nmap, Nessus, Rapid7, Solarwinds, Terraform, Ansible, and cloud-native security services. Certifications such as CISSP, CCSP, OSCP, Google/Azure cloud Security Specialty. Excellent analytical and critical thinking skills, with strong problem solving spirit Collaborative, flexible and well organized Clear oral and written communication skills. Proficiency in written and spoken English.

Product-Security Technology Centre is responsible for ensuring that IBM products are secure by conducting timely Security reviews, penetration testing and following SPbD practices. As a penetration tester you will perform security testing of IBM product and SAAS offerings in development and production environment. You will also closely work with IBM product development teams to strengthen the security posture of their products by participating in threat model, source code security testing and share best practices / lessons learnt for secure coding/design. Key responsibilities Plan the penetration test Select, design and create appropriate tools for testing Perform the penetration test on computer systems, networks, web-based and mobile applications Document your methodologies, findings Gather the data intelligence not only from the output of the automated penetration tools but also from information gathered from interaction with product teams , previous results , threat model and source code scanning inputs. Review your findings and feedback to development teams Analyse the outcomes and make recommendations for security improvements Carry out application, network, systems and infrastructure penetration tests Review physical security and perform social engineering tests where appropriate Evaluate and select from a range of penetration testing tools Keep up to date with latest testing and ethical hacking methods Deploy the testing methodology and collect data Report on findings to a range of stakeholders Make suggestions for security improvements Enhance existing methodology material Required education Bachelor's Degree Preferred education Bachelor's Degree Required technical and professional expertise Experience – More than 5years in Cybersecurity Web Application Testing Basic understanding of HTTP Protocol HTTP Methods, Request/Response Headers, Cookies, TCP/IP connections over HTTP etc. Basic understanding of HTML/JavaScript Good Understanding of security vulnerabilities, OWASP Top 10 vulnerabilities Automated Testing Must have knowledge of at least one of IBM AppScan OR BurpSuite scanner. (Good to have knowledge of both the tools.) Should be able to configure automated scanner (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scan. Assessment of scanner results and intelligently identifying false positives from the scan results. Knowledge of Burp features mainly, Spider, Intruder, Scanner, Repeater and Extender. Manual Testing. Should be able to understand the above mentioned OWASP Top 10 categories to perform manual testing. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities. Preferred Professional and Technical Expertise : Webservice Testing SOAP/REST APIs testing. Configuring cURL commands and POSTMAN tool to capture the request in automated scanner. Network Testing Basic understanding of networking protocols such as TCP, UDP, DNS, DHCP etc. Basic understanding of network devices like router, switches, firewall/IDS/IPS etc.. Network scanning tools such as Nessus, Nmap, Metasploit etc. Exploitation and Post Exploitation of network vulnerabilities. Threat Model and Source code security scanning Perform/Participate in threat model creation/design or review Perform source code security scanning using (SAST) tools like Sonarqube, AppScan, Mend and other popular open-source tools. Preferred technical and professional experience Security Certifications Any of the security certifications such as CEH, ECSA, EWPT, EWPTX, OSCP, GPEN, GWAPT etc

Job Title: Cyber Security Analyst Location: Indore, Madhya Pradesh, India Company: Cyber Mindsets Experience: 1 to 3 Years Employment Type: Full-time Company Website: www.cybermindsets.com Job Description: Cyber Mindsets is seeking a skilled and motivated Cyber Security Analyst to join our Security Operations Centre (SOC) in Indore. The ideal candidate will have 1 to 3 years of hands-on experience in security monitoring, incident response, and threat hunting. You must have strong working knowledge of offensive security tools such as Burp Suite and others. Additionally, experience in training and development—especially conducting classroom sessions on cybersecurity concepts—is a key requirement for this role . Key Responsibilities: Monitor, analyse, and respond to security events and alerts from SIEM and other security tools Investigate security incidents, conduct root cause analysis, and provide timely resolution Perform vulnerability assessments and penetration tests using tools such as Burp Suite , Nmap, Metasploit, etc. Identify security gaps and recommend improvements in systems and networks Create detailed reports and maintain security documentation and playbooks Stay current with evolving cybersecurity threats, trends, and best practices Conduct classroom-based training sessions on cybersecurity topics for junior team members and other stakeholders Mentor junior analysts and contribute to their skill development through structured learning programs Requirements: 1–3 years of experience working in a Security Operations Center (SOC) Hands-on expertise with offensive security tools (e.g., Burp Suite, OWASP ZAP, Kali Linux) Good understanding of network protocols, operating systems, and common attack vectors Experience delivering technical classroom training on cybersecurity concepts Familiarity with SIEMs, IDS/IPS, EDR, firewalls, and endpoint protection solutions Strong analytical, troubleshooting, and documentation skills Excellent communication and interpersonal abilities Relevant certifications such as CEH, OSCP, or Security+ are preferred Why Join Cyber Mindsets? Be part of a dynamic cybersecurity firm with a strong focus on real-world threat detection and red-team operations Work in a collaborative and knowledge-sharing environment Take the lead in shaping future talent through training and mentoring opportunities Continuous learning and professional development encouraged and supported Learn more about us at: www.cybermindsets.com Job Type: Full-time Pay: ₹240,000.00 - ₹360,000.00 per year Benefits: Cell phone reimbursement Internet reimbursement Paid sick time Supplemental Pay: Performance bonus Shift allowance Application Question(s): Are you available immediately? Do you have experience in training and mentorship ? Are you available in Indore Madhya Pradesh or willing to relocate? Experience: Information security: 1 year (Preferred) Work Location: In person

Key Responsibilities: · Conduct advanced network vulnerability assessments and penetration tests for client infrastructures. · Utilize Nessus for comprehensive vulnerability scanning and management. · Perform advanced penetration testing using industry-standard tools. · Conduct detailed configuration reviews of network devices, servers, and other infrastructure components. · Develop and implement remediation strategies to address identified vulnerabilities. · Collaborate with client IT teams to enhance their security posture. · Provide detailed security reports and actionable recommendations to clients. · Stay current with emerging security threats and technologies. Qualifications: · Bachelor's degree in Information Security, Computer Science, or related field. · 3+ years of experience in infrastructure security. · Proficiency in using Nessus and other vulnerability scanning tools. · Strong understanding of network security principles and advanced penetration testing techniques. · Experience with security tools such as Metasploit, Nmap, Kali Linux · Excellent analytical and problem-solving skills. · Relevant certifications such as OSCP, CEH or equivalent are a plus. Skills: · Network Vulnerability Assessment and Penetration Testing (VAPT) · Nessus · Advanced Penetration Testing · Configuration Review · Metasploit, Nmap, Wireshark, Kali Linux · Vulnerability Management Stay updated on our latest job openings and industry insights by following us on LinkedIn: eSec Forte® Technologies

Job Summary: The successful candidate will have a strong background in penetration testing, including experience with various tools and techniques used to identify vulnerabilities in web applications and APIs. The ideal candidate will be able to analyze complex systems, identify potential security risks, and provide actionable recommendations for remediation. Key Responsibilities: Conduct thorough penetration testing of web applications and REST APIs using a variety of tools and techniques Identify vulnerabilities in web applications, including but not limited to: SQL injection Cross-Site Scripting (XSS) Cross-Site Request Forgery (CSRF) Authentication and authorization weaknesses Session management issues Test REST APIs for security vulnerabilities, including but not limited to: Input validation and sanitization Error handling and logging Authentication and authorization mechanisms Data encryption and transmission Analyze results and provide detailed reports outlining findings, recommendations for remediation, and estimated timeframes for implementation Collaborate with development teams to ensure identified vulnerabilities are addressed and remediated in a timely manner Stay up-to-date with the latest security threats, tools, and techniques through ongoing training and professional development Requirements: 3+ years of experience in penetration testing, with a focus on web applications and REST APIs Strong understanding of web application security concepts, including but not limited to: OWASP Top 10 Web Application Security Risks (WASR) Secure Coding Practices Experience with various penetration testing tools, including but not limited to: Burp Suite ZAP Nmap AJP SQL injection tools (e.g. sqlmap) Strong understanding of REST API security concepts, including but not limited to: API Security Frameworks (e.g. OAuth 2.0) Data encryption and transmission protocols (e.g. HTTPS) Authentication and authorization mechanisms (e.g. JWT) Experience with scripting languages (e.g. Python, Ruby) is a plus Strong analytical and problem-solving skills Excellent communication and reporting skills Nice to Have: CISSP or equivalent security certification CEH or equivalent penetration testing certification Experience with cloud-based services (e.g. AWS, Azure) Familiarity with Agile development methodologies Experience with DevOps tools (e.g. Docker, Jenkins) What We Offer: Competitive salary and benefits package Opportunities for professional growth and development Collaborative and dynamic work environment Flexible working hours and remote work options

Position: Cyber Security Engineer Experience Range: 3 to 5 yrs Job Location: Bangalore Work Mode: Hybrid (3 days in the office, 2 days remote) Job Summary Anumana is seeking a skilled and motivated Cybersecurity Engineer to ensure the security, integrity, and compliance of our Software as a Medical Device (SaaMD) products. This position is critical in maintaining our adherence to global security standards and regulations, specifically ISO/IEC 27001, ISO/IEC 27002, and ISO 13485. You will play a key role in implementing and monitoring security controls throughout the software development lifecycle while ensuring that our systems meet the highest standards of security and quality. Additionally, you will support audits, create threat models, conduct penetration testing, and produce comprehensive reports. Key Responsibilities: Security Control Implementation Design, implement, and monitor security controls within the SaaMD development lifecycle. Ensure security controls align with ISO/IEC 27001, 27002, and ISO 13485 standards. Collaborate with software development teams to integrate security best practices throughout the development pipeline. Provide guidance on secure coding practices, vulnerability management, and secure software development principles. Maintain a risk-based approach to security, identifying potential threats and vulnerabilities early in the development lifecycle. Compliance & Audit Support Provide evidence of implemented controls and participate in internal and external audits for ISO/IEC 27001 and 27002. Collaborate with Quality and Regulatory teams to ensure ongoing compliance with ISO 13485. Develop and maintain documentation, policies, and procedures to demonstrate compliance with relevant standards. Implement and manage a robust change management and documentation process to align with audit requirements. Threat Modeling & Penetration Testing Create, maintain, and refine threat models to identify security vulnerabilities, using tools like LucidChart. Conduct penetration testing and security assessments using tools such as BurpSuite, nmap, Wireshark, and Deptrack. Regularly perform static and dynamic analysis to identify potential vulnerabilities in the software. Vulnerability Management Conduct vulnerability scans and assessments using tools like Grype, Dockle, and Trivy. Work with development teams to triage and prioritize vulnerabilities for remediation. Track and document vulnerabilities through their lifecycle from identification to resolution. Develop and maintain a comprehensive vulnerability management process, including reporting metrics and key performance indicators (KPIs). Reporting & Communication Create detailed security assessment and penetration testing reports, including actionable remediation recommendations. Communicate findings and collaborate with cross-functional teams to ensure vulnerabilities are addressed. Provide regular updates to management on security posture, vulnerability trends, and remediation efforts. Security Awareness & Training Contribute to the development and delivery of security awareness training for software development teams. Advocate for a culture of security within the organization, promoting adherence to security best practices. Preferred: Professional certifications such as CISSP, CEH, OSCP, CISM, or ISO/IEC 27001 Lead Implementer. Experience in security in highly regulated environments, especially SaaMD or healthcare applications. Knowledge of risk management frameworks (NIST, HITRUST) and cybersecurity standards. Experience with Continuous Integration/Continuous Deployment (CI/CD) pipelines and DevOps environments. Required Qualification: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 3+ years of experience in cybersecurity engineering, preferably within the medical device or healthcare sector. In-depth knowledge of ISO/IEC 27001, 27002, and ISO 13485 standards and requirements. Experience with threat modeling and penetration testing methodologies and tools (e.g., BurpSuite, nmap, Wireshark, LucidChart). Hands-on experience with vulnerability assessment tools such as Grype, Dockle, Trivy, and Deptrack. Strong understanding of secure software development practices, including secure coding and DevSecOps principles. Experience in providing evidence for security audits and ensuring regulatory compliance. Familiarity with cloud security best practices, container security, and modern development environments (e.g., Docker, Kubernetes). Benefits: Be a part of “Google of biomedicine” as recognized by the Washington Post Work with some of the brilliant minds of the world solving exciting real-world problems. Our benefits package includes the best of what leading organizations provide, such as stock options, paid time off, healthcare insurance, gym/broadband reimbursement.

Job Title: Cyber Security Analyst Location: Indore, Madhya Pradesh, India Company: Cyber Mindsets Experience: 1 to 3 Years Employment Type: Full-time Company Website: www.cybermindsets.com Job Description: Cyber Mindsets is seeking a skilled and motivated Cyber Security Analyst to join our Security Operations Centre (SOC) in Indore. The ideal candidate will have 1 to 3 years of hands-on experience in security monitoring, incident response, and threat hunting. You must have strong working knowledge of offensive security tools such as Burp Suite and others. Additionally, experience in training and development—especially conducting classroom sessions on cybersecurity concepts—is a key requirement for this role . Key Responsibilities: Monitor, analyse, and respond to security events and alerts from SIEM and other security tools Investigate security incidents, conduct root cause analysis, and provide timely resolution Perform vulnerability assessments and penetration tests using tools such as Burp Suite , Nmap, Metasploit, etc. Identify security gaps and recommend improvements in systems and networks Create detailed reports and maintain security documentation and playbooks Stay current with evolving cybersecurity threats, trends, and best practices Conduct classroom-based training sessions on cybersecurity topics for junior team members and other stakeholders Mentor junior analysts and contribute to their skill development through structured learning programs Requirements: 1–3 years of experience working in a Security Operations Center (SOC) Hands-on expertise with offensive security tools (e.g., Burp Suite, OWASP ZAP, Kali Linux) Good understanding of network protocols, operating systems, and common attack vectors Experience delivering technical classroom training on cybersecurity concepts Familiarity with SIEMs, IDS/IPS, EDR, firewalls, and endpoint protection solutions Strong analytical, troubleshooting, and documentation skills Excellent communication and interpersonal abilities Relevant certifications such as CEH, OSCP, or Security+ are preferred Why Join Cyber Mindsets? Be part of a dynamic cybersecurity firm with a strong focus on real-world threat detection and red-team operations Work in a collaborative and knowledge-sharing environment Take the lead in shaping future talent through training and mentoring opportunities Continuous learning and professional development encouraged and supported Learn more about us at: www.cybermindsets.com Job Type: Full-time Pay: ₹240,000.00 - ₹360,000.00 per year Benefits: Cell phone reimbursement Internet reimbursement Paid sick time Supplemental Pay: Performance bonus Shift allowance Application Question(s): Are you available immediately? Do you have experience in training and mentorship ? Are you available in Indore Madhya Pradesh or willing to relocate? Experience: Information security: 1 year (Preferred) Work Location: In person

Senior Security Consultant (VAPT Specialist) Company Overview We are seeking a highly skilled and experienced Senior VAPT Specialist to join our cybersecurity team. This role is ideal for a security professional who excels in a client-facing environment and possesses in-depth expertise in both offensive and defensive security practices. Position Summary As a Senior VAPT Specialist, you will be responsible for conducting comprehensive security assessments, managing client relationships, and delivering high-quality penetration testing services. You will work with diverse clients to identify vulnerabilities, assess security postures, and provide actionable recommendations to enhance their cybersecurity defenses but not limited to. Key ResponsibilitiesClient Management & Communication Serve as the primary technical point of contact for assigned clients during security assessments Conduct client briefings, status updates, and final presentation meetings Translate complex technical findings into business-relevant insights for stakeholders Maintain professional relationships and ensure client satisfaction throughout project lifecycles Prepare and deliver comprehensive reports with clear remediation guidance Security Testing & Assessment Perform comprehensive vulnerability assessments and penetration testing across multiple domains: Web Application Security Testing : Identify and exploit vulnerabilities in web applications, including but not limited to OWASP Top 10 vulnerabilities Mobile Application Security Testing : Assess the security of iOS and Android applications, including static and dynamic analysis API Security Testing : Evaluate REST, SOAP, and GraphQL APIs for security weaknesses Network Penetration Testing : Conduct internal and external network assessments, including wireless security testing Source Code Review : Perform manual and automated static code analysis to identify security flaws Cloud Security Configuration Review : Assess cloud infrastructure configurations across AWS, Azure, and GCP platforms Threat Modeling & Risk Assessment Develop comprehensive threat models for client applications and infrastructure Conduct risk assessments and prioritize security findings based on business impact Design attack scenarios and security test cases based on threat intelligence Collaborate with development teams to integrate security into SDLC processes Red Team Operations Plan and execute red team exercises to simulate real-world attack scenarios Develop custom tools and exploits for specific client environments Conduct social engineering assessments and physical security testing when required Provide post-exercise debriefings and improvement recommendations Documentation & Reporting Create detailed technical reports documenting vulnerabilities, exploitation methods, and remediation steps Develop executive summaries tailored for C-level audiences Maintain accurate project documentation and testing methodologies Contribute to internal knowledge base and best practices documentation Required QualificationsExperience & Background 3-5 years of hands-on experience in vulnerability assessment and penetration testing Proven track record of successful client engagements and project delivery Experience with enterprise-level security assessments across various industries Demonstrated ability to work independently and manage multiple projects simultaneously Technical Expertise Deep understanding of security frameworks and standards : Penetration Testing Execution Standard (PTES) OWASP Top 10 and OWASP Testing Guide SANS Top 25 Most Dangerous Software Errors NIST Cybersecurity Framework CIS Critical Security Controls MITRE ATT&CK Framework Development & Programming Experience Software Development Background : Hands-on experience in application development and an understanding of secure coding practices are highly recommended. Programming and Scripting Languages : Strong proficiency in Python and Bash as minimum requirements, with additional experience in PowerShell, and at least one compiled language (C/C++, Go, Java, or C#) Custom Tool Development : Ability to develop custom security tools, exploits, and automation scripts Security Tools Expertise : Expert-level proficiency with: Burp Suite Professional, OWASP ZAP Nmap, Nessus, OpenVAS Metasploit, Cobalt Strike Wireshark, tcpdump Static analysis tools (SonarQube, Checkmarx, Veracode) Custom exploit development tools Social Engineering & Phishing Expertise Social Engineering Assessments : Design and execute social engineering campaigns to test human-factor security Phishing Simulations : Develop and conduct sophisticated phishing campaigns, including email, SMS, and voice-based attacks Physical Security Testing : Conduct on-site assessments including tailgating, badge cloning, and facility penetration Awareness Training : Provide security awareness training based on assessment findings OSINT (Open Source Intelligence) : Gather and analyze publicly available information for reconnaissance and social engineering preparation Communication & Language Skills Excellent English communication skills (both written and spoken) Ability to communicate complex technical concepts to non-technical stakeholders Strong presentation and public speaking abilities Professional writing skills for technical documentation and reports Professional Attributes Strong analytical and problem-solving abilities Attention to detail and a methodical approach to testing Ability to think like an attacker and anticipate security threats Commitment to ethical hacking principles and professional conduct Continuous learning mindset to stay current with emerging threats and technologies Research-Oriented Mindset : Conduct deep research activities to understand emerging vulnerabilities, attack vectors, and security trends Innovation and Tool Development : Proactive approach to developing custom security tools, scripts, and methodologies to enhance testing capabilities Creative thinking for developing novel attack scenarios and bypassing security controls Preferred QualificationsCertifications (Added Advantage) OSCP - Highly Preferred GPEN CRTO CRT Additional Experience (Added Advantage) Experience with DevSecOps practices and CI/CD pipeline security Background in software development or system administration Knowledge of compliance frameworks (PCI DSS, HIPAA, GDPR, SOC2, ISO 27001) Experience with threat intelligence platforms and indicators of compromise Familiarity with containerization security (Docker, Kubernetes) Previous consulting or client-facing experience What We OfferProfessional Development Continuous learning opportunities and professional development Support for professional certifications and training Mentorship opportunities and knowledge-sharing sessions Work Environment Collaborative and innovative team environment Flexible work arrangements and remote work options Opportunity to work with diverse clients across various industries Exposure to the latest cybersecurity trends and emerging technologies Compensation & Benefits Competitive salary commensurate with experience Performance-based bonuses and incentives Professional development and certification reimbursement Application Process Qualified candidates should submit: Current resume highlighting relevant experience and certifications Cover letter demonstrating communication skills and explaining interest in the role Professional references from previous clients or employers We are an equal-opportunity employer committed to diversity and inclusion in our workforce. Job Type: Full-time Benefits: Flexible schedule Health insurance Paid time off Provident Fund Schedule: Monday to Friday Work Location: In person

We are seeking a skilled and motivated Cyber Security Engineer to lead efforts in securing our Software as a Medical Device (SaaMD) offerings. This pivotal role ensures global compliance and best-in-class security practices throughout the software development lifecycle, anchored in standards like ISO/IEC 27001, ISO/IEC 27002, and ISO 13485. Key Responsibilities Security Control Implementation : Design, implement, and monitor robust security controls across the SaaMD SDLC. Align with ISO/IEC 27001, 27002, and ISO 13485 frameworks. Guide secure coding, DevSecOps practices, and vulnerability management. Apply a risk-based approach to identify and mitigate threats proactively. Compliance & Audit Readiness Support internal and external audits with detailed documentation. Collaborate with Quality & Regulatory teams for ISO 13485 compliance. Maintain audit-ready procedures and manage change documentation. Threat Modeling & Penetration Testing Develop threat models using tools like LucidChart. Conduct pen-testing via BurpSuite, nmap, Wireshark, and Deptrack. Run static and dynamic code analysis for vulnerability detection. Vulnerability Management Assess vulnerabilities using Grype, Dockle, Trivy, and Deptrack. Partner with development teams for triage and resolution. Drive remediation workflows and monitor KPIs. Reporting & Stakeholder Communication Produce detailed security assessments with actionable steps. Deliver periodic updates on security posture to leadership. Translate complex risks into business-friendly language. Security Awareness & Training Build training modules to cultivate a security-first mindset. Advocate for secure engineering culture across teams. Qualifications Required : Bachelors in Computer Science, Information Security, or relevant experience. 3+ years in cybersecurity engineering, ideally in healthcare or medical devices. Proven knowledge of ISO/IEC 27001, 27002 & ISO 13485. Hands-on expertise with LucidChart, BurpSuite, nmap, Wireshark, Deptrack. Experience with Grype, Dockle, Trivy; DevSecOps & secure coding practices. Track record in audit support and regulatory compliance. Preferred Certifications like CISSP, CEH, OSCP, CISM, or ISO/IEC 27001 Lead Implementer. Background in SaaMD or regulated industries (healthcare/pharma). Familiarity with frameworks like NIST, HITRUST, and CI/CD workflows. Skills & Traits Strong analytical, communication, and problem-solving skills. Detail-oriented with a proactive risk management approach. Team collaborator able to influence across engineering and compliance functions. (ref:hirist.tech)

Job Description Hands-on experience with testing frameworks in line with Web App, Mobile, Web Services/APIs, Network & blockchain. Experience in both commercial and open source tools like: Burp Professional, Nmap, Kali, Metasploit, etc. Experience with Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Experience in preparing a security threat model and associated test plans. Experience in translating the complex security threats to simpler procedures for web application developers, systems administrators, and management to understand security testing results. In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) is preferred. Knowledge of current information security threats Primary Skills Web App, Mobile, Web Services/APIs, Network & blockchain. Burp Professional, Nmap, Kali, Metasploit, etc. Open Source Security Testing Methodology Manual (OSSTMM) methodologies and tools. Security threat model and associated test plans. Java, Scala, C#, Ruby, Perl, Python, PowerShell.

You will be responsible for providing onsite and offsite training programs to clients in the role of Cyber Security Trainer and consultant. Your duties will include pre-requisites in Metasploit, OWASP top ten attacks, Burpsuite, Kali Linux, Acunetix, Nessus, Nmap tools, among others. You will be involved in Vulnerability Assessment, Network Penetration Testing, Internal & External as well as Web App scanning, and Penetration testing using both manual techniques and Automated tools. A good understanding of Threat Intelligence and familiarity with domain tools is essential. Effective communication skills in English will be required for this role. This is a Full-time position suitable for both Freshers and experienced candidates. The work schedule is in the Morning shift. The location is near VR mall, Mohali - 160055, Punjab. Candidates must be able to reliably commute or plan to relocate before starting work. Preferred candidates will have a total work experience of 1 year.,

Netradyne harnesses the power of Computer Vision and Edge Computing to revolutionize the modern-day transportation ecosystem. We are a leader in fleet safety solutions. With growth exceeding 4x year over year, our solution is quickly being recognized as a significant disruptive technology. Our team is growing, and we need forward-thinking, uncompromising, competitive team members to continue to facilitate our growth. Job Title: Senior Cybersecurity Offensive Engineer Location: Netradyne, Bangalore About Netradyne Netradyne is a leader in AI-powered safety and fleet management technology. Our mission is to enhance driver safety, operational efficiency, and overall user experience through innovative and advanced solutions. We are dedicated to building a secure and connected future for the transportation industry by leveraging cutting-edge technology. We are seeking a Senior Cybersecurity Offensive Engineer with 7 to 10 years of hands-on experience in offensive security, penetration testing, and vulnerability assessments. The ideal candidate will play a critical role in strengthening our systems, identifying vulnerabilities, and enhancing our security posture. Roles & Responsibilities Offensive Security Operations Conduct vulnerability assessments and penetration testing on applications, networks, and cloud systems. Execute red team engagements to simulate real-world attacks and identify vulnerabilities and exploitation paths. Threat Analysis & Research Stay updated on the latest cybersecurity threats, vulnerabilities, and attack vectors. Proactively identify and mitigate risks relevant to the transportation and technology sectors. Security Audits & Incident Response Perform regular security audits, including code reviews and architecture assessments. Investigate potential security breaches, recommend corrective actions, and support incident response activities. Collaboration & Training Collaborate with product development, DevOps, and engineering teams to integrate secure practices. Lead internal training programs to promote a security-first culture across the organization. Requirements Experience 7 to 10 years of experience in offensive security, ethical hacking, penetration testing, or related roles. Proven expertise as a Cybersecurity Offensive Engineer or a similar position. Technical Skills Proficiency with security tools such as Burp Suite, Metasploit, Nessus, Nmap, Kali Linux, Qualys, SonarQube, and BlackDuck. Strong understanding of web, network, mobile, and IoT security. In-depth knowledge of OWASP Top 10 and common attack vectors (SQL injection, XSS, CSRF, buffer overflow, etc.). Familiarity with vulnerability management tools (e.g., Qualys, Tenable) and secure coding practices. Hands-on experience with reverse engineering, exploit development, and malware analysis (preferred). Familiarity with DevSecOps tools and processes (static/dynamic code analysis). Knowledge of security frameworks and compliance standards (e.g., OWASP, NIST, SOC, CIS, GDPR, HIPAA, PIPEDA). Programming & Problem-Solving Skills Proficiency in scripting languages like Python, Bash, Ruby, or PowerShell. Familiarity with programming languages such as C, C++, Java, or Go. Strong problem-solving and creative thinking abilities to simulate real-world attacks and devise effective mitigation strategies. Soft Skills Exceptional verbal and written communication skills for documentation and collaboration. Excellent organizational skills and attention to detail. Education & Certification Bachelor’s/Master’s degree in Computer Science, Information Security, or a related field (preferred). Relevant certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Cloud Security Certified Professional (CSCP). This role offers an exciting opportunity to work in a dynamic and fast-paced environment where you can make a significant impact on the security of next-generation technologies. We are committed to an inclusive and diverse team. Netradyne is an equal-opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status, or any legally protected status. If there is a match between your experiences/skills and the Company's needs, we will contact you directly. Netradyne is an equal-opportunity employer. Applicants only - Recruiting agencies do not contact. Recruitment Fraud Alert! There has been an increase in fraud that targets job seekers. Scammers may present themselves to job seekers as Netradyne employees or recruiters. Please be aware that Netradyne does not request sensitive personal data from applicants via text/instant message or any unsecured method; does not promise any advance payment for work equipment set-up and does not use recruitment or job-sourcing agencies that charge candidates an advance fee of any kind. Official communication about your application will only come from emails ending in ‘@netradyne.com’ or ‘@us-greenhouse-mail.io’. Please review and apply to our available job openings at Netradyne.com/company/careers. For more information on avoiding and reporting scams, please visit the Federal Trade Commission's job scams website.

Cybersecurity Internship Opportunity (Remote, 45Days – Unpaid) No THOUSANDS OF registration fees, no THOUSANDS OF joining fees, no course purchases — this is a 100% skill-focused internship designed to give you hands-on experience in Cybersecurity using industry-relevant tools and techniques! Location: Remote Duration: 45 Days Compensation: Unpaid Eligibility: Open to all 1st, 2nd, 3rd, and 4th Year Students, as well as Recent Graduates About the Internship: Elevate Labs offers a golden opportunity to enter the critical and growing field of Cybersecurity. This remote internship helps you gain real-world exposure by practicing ethical hacking, vulnerability scanning, network security, and incident response through live projects and expert mentorship. No fluff — just risk assessment, basic pen-testing, tools, and security practices that make you job-ready. What You’ll Gain: MSME Registered and skill India recognized Internship Certificate Letter of Recommendation (LOR) for top performers Top Performer Badge to boost your LinkedIn and resume Opportunity for a Full-Time Role — Top 10 performers will be considered Who Should Apply? Students from any year (1st–4th) Recent Graduates Anyone interested in Ethical Hacking, Cybersecurity, or Information Security Skills You’ll Practice: Fundamentals of Cybersecurity and Network Security Scanning and Reconnaissance (Nmap, Whois, etc.) Web Application Security Basics (OWASP Top 10) System Hardening & Security Configuration Intro to Ethical Hacking and Vulnerability Assessment Basic Scripting (Bash/Python) for Automation Incident Detection and Response Basics Tools & Technologies: Wireshark, Nmap, Burp Suite, OWASP ZAP, Kali Linux, Metasploit (Intro), Linux Terminal, Python/Bash Scripting Ready to secure systems, detect threats, and explore vulnerabilities ? This internship is your chance to gain hands-on Cybersecurity skills and kickstart your journey into ethical hacking and digital defense.

We help the world run better At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. What You'll Do At SAP, we enable you to bring out your best. Our company culture is centered around collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and aligns with our purpose-driven and future-focused mission. We offer a highly collaborative and caring team environment, with a strong emphasis on learning and development, recognition for your individual contributions, and a variety of benefit options to choose from. What You Bring DevOps / SRE / Cloud Platform & Observability Core Technical Expertise (Must-Have): Automation, Virtualization, Containers: Expert in Linux, Ansible, Terraform, Python, and Bash. Strong proficiency with Docker, Kubernetes (including Helm), and VMware vCenter. Cloud Platforms: Proficient in AWS, GCP, Azure, and OpenStack. Monitoring & Observability: Expert in Prometheus and Grafana (across all layers: hardware, hypervisor, OS, containers, applications). Hands-on experience with Promtail, Loki, OpenTelemetry, ELK stack, and Jaeger. DevOps Tooling: Experienced with ArgoCD and Workflows, GitHub Actions, Jenkins, YAML and JSON, REST APIs, forward & reverse proxies, load balancers, Kubernetes Ingress, and MongoDB. ITSM & Alerting Integration: Integration experience with ServiceNow, JIRA, Microsoft Teams, and PagerDuty. Network Troubleshooting: Skilled across infrastructure and cloud layers using tools such as OpenSSL, nmap, Wireshark, curl, SSH, SNMP, TLS/SSL, HTTPS, and common Linux & Windows networking commands. Certifications (Must-Have): AWS Certified (Cloud) Red Hat Ansible Certified (Automation) CNCF Certified Kubernetes Administrator (CKA) Meet Your Team SAP Enterprise Cloud Services (ECS) Delivery is a private cloud managed services provider offering SAP applications through the HANA Enterprise Cloud. Our team, ECS Delivery XDU , is responsible for the 24x7 operation of these business-critical SAP systems in the cloud. We are looking for a Senior Linux & Cloud Administrator to support our cloud platform operations (across Azure, AWS, Google Cloud, and SAP data centers) and help drive automation and continuous improvement. You will be primarily responsible for ensuring seamless 24/7 operations across technologies such as Prometheus, Grafana, Kubernetes, Ansible, ArgoCD, AWS, GitHub Actions , and more. Your responsibilities will include network troubleshooting, architecture design, cluster setup and configuration, and development of related automation to deliver world-class cloud services for SAP applications to enterprise customers across the globe. Bring out your best SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best. We win with inclusion SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world. SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training. EOE AA M/F/Vet/Disability: Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability. Successful candidates might be required to undergo a background verification with an external vendor. Requisition ID: 429041 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid.

Technical Specialist Madurai 2.5-5 Years INDIA Job Description (Posting). Should have minimum of 5-10 years of experience in RHEL Linux environment. In-depth knowledge in Boot process Management and troubleshooting techniques. Should be proficient in task scheduling and scripting. Experience in User/Group Management, AD/LDAP, Policies, Permissions, ACL, etc. Strong knowledge on LVM, VxVM, File systems and RAID. fdisk, parted, tune2fs, e2fsck, File system creation/modification/migration, etc. System/package/patch up-gradation using RPM, YUM, RHN, Satellite, etc. Server patching via Redhat Satellite Servers, Maintaining the Satellite Servers. System Resource monitoring, management and log file interpretation. Must be Strong in Backup and Recover Procedures. Veritas Cluster Implementations, up-gradation/migration/trouble shooting in Linux. Hands on experience in handling Linux OS Clusters. Network configurations, ROUTE, NIC bonding, Bridging, etc. Experience on configuring Storage on Linux & Good understanding HBA configuration and Multi-path software's, NAS, SAN, iSCSI, etc. Should have worked on OEM Servers and coordination with OEM for hardware and Operating system related issues. Work Experience on Linux Security - TCPwrapper, IPtables and SELinux. Experience on Opensource Virtualization, LDAP services will be a value add. Knowledge about Webmin, ILO, DRAC, cPanel, etc. Should have expertise to write scripts for critical activities in shell scripting. Ansible, Perl and Python are advantages. Cluster fail-over Drill, DR drill, Restoration drill, etc. Experience in NTP, NFS, NIS, Sendmail, SMTP, DHCP, Samba, CIFS, Postfix, FTP, VSFTP, DNS, Apache/Tomcat, etc. Problem Determination and Resolution. System Hardening, Security audit, Security baseline, VAPT and Performance fine tuning. VMWare, ESXi, RHEVM, KVM, OVM/OVS, etc. will be an additional advantage. Should be familiar with Networking stuff and tools like IPCS, TOP, tcpdump, nmap, Wireshark, SSH, Telnet, SMTP, netstat, etc. Experience in ITIL Process flow. Handing Major Incidents, Customer Escalations, Identifying root cause & Preparing RCA, etc. Excellent communication and interpersonal skills. Engineering of systems administration-related solutions for various projects and operational needs. Collaborate with other teams and team members to develop automation strategies and deployment processes. Strong work experience in Veritas Clusters. Experience in Ansible playbook creation, roles and managing the AAP. Experience in Redhat Satellite environment. (1.) To provide support for on call escalations and doing root cause analysis of given issue (2.) To independently resolve tickets within agreed SLA of ticket volume and time (3.) To adhere to quality standards, regulatory requirements and company policies (4.) Work on value adding activities such Knowledge base update & management, Training freshers, coaching analysts (5.) To ensure positive customer experience and CSAT through First Call Resolution and minimum rejected resolutions / Reopen Cases Qualification B-Tech No. of Positions 1 Skill (Primary) Data Center-Unix-IBM AIX Auto req ID 1543478BR