Vice President - Cyber Security Operations Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Operations Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: Service Delivery Management: Oversee the end-to-end delivery of Managed XDR, Attack Surface Reduction, and Advisory services to clients, ensuring high-quality outcomes and client satisfaction. SOC Operations Leadership: Lead and manage Security Operations Center (SOC) operations, ensuring effective monitoring, incident management, and response processes are in place. Incident & Escalation Management: Take responsibility for escalations arising from security event monitoring, incident management, and response. Ensure timely resolution and process improvements. SLA & Process Compliance: Ensure that service level agreements (SLAs) are met, while also driving process adherence, continuous improvements, and operational excellence. Governance & Metrics: Establish and refine operational foundations, defining key metrics and KPIs to drive governance, quality, and efficiency. Influence operational change to improve performance. Threat Management & Detection: Lead efforts in threat management, modeling, and hunting. Identify threat vectors and develop use cases and detection rules to enhance security monitoring capabilities. Team Training & Development: Ensure that the team’s skill development and training needs are adequately addressed to maintain cutting-edge security expertise. Cybersecurity Maturity & Resilience: Assist clients in identifying potential threats, vulnerabilities, and deficiencies, advising on measures to enhance their cybersecurity maturity and resilience. Solution Design & Communication: Evaluate client needs, create tailored security solutions, and effectively communicate the value proposition of complex security concepts to both technical and non-technical stakeholders. Security Assessments: Plan and execute IT security assessments of on-premise/cloud IT assets. Understand organizational objectives, policies, and regulations to identify risk areas and prepare comprehensive review programs. Stakeholder Communication: Possess strong communication skills to engage with senior management, board members, technical teams, and key client stakeholders to convey complex security concepts effectively. Sales & Proposal Support: Contribute to sales pursuits, proposals, and the development of security practice eminence. Drive business growth through strategic client relationships. Project Delivery: Lead and deliver complex security projects in a fast-paced, team-driven environment. Knowledge Sharing & Collaboration: Foster a collaborative environment by promoting and participating in forums that enhance the firm’s collective knowledge and assist clients with complex challenges. Enterprise Security Leadership: Provide leadership and strategic direction to the organization’s information security initiatives. Cybersecurity Strategy & Technology Update: Regularly update and refine the cybersecurity strategy to incorporate new technologies and emerging threat information. Client Relationship Management: Establish and maintain strong client relationships to further expand the service portfolio and ensure long-term client success. Job specifications: 1. Qualification: A bachelor’s degree in a related field (e.g., Computer Science, Cybersecurity, or Information Technology) and a minimum of 15 years of relevant work experience. Certifications Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA). Cloud security certifications from major Cloud Service Providers (AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP) / Certificate of Cloud Security Knowledge (CCSK). 2. Desired Skills: Desired Skills & Experience : SOC Expertise: Strong understanding of SOC operations, design, and management. Experience with domain administration, network architecture, and change control procedures. Risk Management Knowledge: Familiarity with IT risk management standards and frameworks, including ISO 31000, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, and HITRUST. Networking & Security Technologies: Knowledge of networking (TCP/IP, OSI model), operating systems (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS), and programming languages (C, Java, Perl, Shell). Threat Landscape Awareness: In-depth understanding of cyber-attacks, threat vectors, risk management, and incident response. Security Solutions Proficiency: Hands-on experience with MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other security technologies. Penetration Testing Tools: Familiarity with penetration testing and application security tools (Kali Linux, Metasploit, Burp Suite, Nessus, NMAP). Security Frameworks & Methodologies: Understanding of OWASP, the MITRE Attack Framework, Cyber Kill Chain, and the SDLC (Software Development Lifecycle). Cloud Security Expertise: Advanced knowledge of cloud security practices and implementations. Vendor/Partner & Client Management: Strong experience in vendor/partner management, client management, and the ability to lead client relationships effectively. Offerings Development: Ability to research and develop innovative security risk-based offerings that meet client needs. Shaping Client Expectations: Expertise in managing and shaping client expectations throughout engagement cycles. #CybersecurityLeadership #VPOfOperations #SecurityOperations #CyberOpsLeadership #OperationsLeadership #CybersecurityVP #SecurityOps #CybersecurityExec #TechOperations #InfoSecLeadership #VPJobs #LeadershipHiring #CybersecurityCareers #OperationsExcellence #SecurityLeadershipRoles #HyderabadJobs #HyderabadHiring #HyderabadCareers #HyderabadTech #HyderabadVP #HyderabadOperations Show more Show less
Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented Cybersecurity Leader, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs. Job responsibilities: · Driving of Cybersecurity services business from a pre-sales consultancy capacity in order to support our prospects/clients from proposal to delivery · Serves as a Subject Matter Expert (SME) for SOC/SIEM/GRC/Infra-Application Security Assessment Services · Able to articulate the business benefits of Cybersecurity services to business/technical customers as appropriate, helping them to identify potential future opportunities and bringing them to the attention of people who can commit the required resources to realize those benefits. · Ability to prepare Cybersecurity documents and presentations in such a way that they are easily understood by the appropriate audience · Demonstrate personal flexibility and focused delivery to ensure the delivery of quality cybersecurity solutions and increase customer satisfaction · Shares knowledge within the ISO (SIEM/SOC) community · Documents feedback and lessons learned from customer engagements so that the colleagues can benefit from this knowledge and be alerted to potential new opportunities Job specifications: 1. Qualification: · Bachelor’s degree in Computer Science, Engineering, or related field or equivalent work experience. May hold Master's or advanced degree in related field 2. Skills: · Proven experience of a Consultative Cybersecurity Selling approach in a customer facing role · Able to conduct cybersecurity presentations, demos, POCs · 7+ years of professional experience in writing cybersecurity proposals/responding to RFPs/Presentations/SOWs on cybersecurity services · Experience in architectural design and project led implementation of Cybersecurity solutions · Demonstrate ability to coach others in the gathering of requirements, designs, plans and estimates · Expert knowledge of Splunk, IBM QRadar and LogRhythm is required (configuration, troubleshooting and design and their relative merits); comparable knowledge with products of other leading SIEM vendors helpful · Contemporary base operating systems and major database platforms architectural knowledge for enterprise environments · Demonstrates broad knowledge in other technical areas to properly manage complex integration efforts · Appreciation of the business drivers demanding Cybersecurity Services · Understanding of legislative demands and compliance requirements mitigated through Cybersecurity services · Understanding of the additional enabling features achieved from an effective Cybersecurity service/solution · Experience of the supporting policy, procedures and practices required to deliver and maintain an effective operational Cybersecurity solution - at the customer or through a service · Ability to adapt a consulting style appropriate to the situation and can identify up-sell opportunities · Ability to demonstrate a broad understanding of market dynamics, an industry area, commercial issues, and technical concerns whilst maintaining depth in Cybersecurity services focus area Show more Show less
Reports To: Country Director Employment Type: Full-Time About Nopal Cyber Nopal Cyber is a next-generation cybersecurity company delivering offensive and defensive security solutions, including MXDR, ASM, Threat Intelligence, and Breach & Attack Simulation. Our mission is to help organizations proactively manage cyber risk and build resilient digital ecosystems. Role Overview We are seeking a strategic and results-driven Alliance and Partner Lead to build, manage, and scale our global partner ecosystem. This role is critical to expanding Nopal Cyber’s market reach through strategic alliances, channel partners, MSSPs, and technology integrations across geogrpahies. Key Responsibilities Develop and execute a comprehensive partner strategy aligned with Nopal Cyber’s growth objectives. Identify, onboard, and enable new partners (resellers, distributors, MSSPs, GSIs, and technology alliances). Drive joint go-to-market initiatives, co-branded campaigns, and partner-led demand generation. Manage partner relationships, performance metrics, and quarterly business reviews (QBRs). Collaborate to ensure partner success and alignment. Negotiate partnership agreements, incentives, and revenue-sharing models. Represent Nopal Cyber at partner events, conferences, and industry forums. Required Skills & Experience 10+ years of experience in alliance/channel/partner management in cybersecurity or enterprise tech. Strong network of regional and global partners (especially in India, GCC, APAC, and North America). Proven track record of building and scaling partner ecosystems. Excellent negotiation, communication, and relationship-building skills. Familiarity with cybersecurity domains such as MXDR, ASM, Threat Intelligence, and BAS. Bachelor’s degree in Business, Technology, or related field (MBA preferred). What We Offer Competitive compensation and performance-based incentives. Opportunity to shape and lead a global partner strategy. Access to cutting-edge cybersecurity solutions and a collaborative team culture. Flexibility and autonomy to drive impact. Show more Show less
About Nopal Cyber Nopal Cyber is a next-generation cybersecurity company delivering offensive and defensive security solutions, including MXDR, ASM, Threat Intelligence, and Breach & Attack Simulation. Our mission is to help organizations proactively manage cyber risk and build resilient digital ecosystems. Role Overview We are seeking a dynamic and experienced Sales Leader to drive our growth across India . The ideal candidate will have a strong background in cybersecurity sales, a deep understanding of regional market dynamics, and a proven track record of building and closing enterprise deals. Key Responsibilities Revenue Generation & Pipeline Management Work and build business from GCC accounts across India. Achieve quarterly and annual sales targets for cybersecurity solutions (e.g., MXDR, ASM, Threat Intelligence). Drive net new business and upsell/cross-sell to existing accounts. Build and maintain a healthy sales pipeline through prospecting, networking, and lead follow-up. Identify key verticals and strategic accounts for focused outreach. Work closely with presales, and delivery teams to craft winning proposals. Coordinate with channel partners and resellers where applicable. Stay updated on regional cybersecurity trends, competitor activities, and regulatory changes. Required Skills & Experience 15+ years of enterprise sales experience in cybersecurity or IT services. Strong network and understanding of the GCC companies Proven ability to meet or exceed sales targets in a competitive environment. Excellent communication, negotiation, and presentation skills. Experience with solution selling and consultative sales approaches. Familiarity with cybersecurity domains such as MXDR, ASM, Threat Intelligence, and BAS is a plus. Bachelor's degree in Business, Technology, or related field (MBA preferred). What We Offer Competitive compensation and performance-based incentives. Opportunity to lead a high-impact region with strategic importance. Access to cutting-edge cybersecurity solutions and a collaborative team culture. Flexibility and autonomy to shape your regional strategy. Show more Show less
Job Statement: NopalCyber makes cybersecurity manageable, affordable, dependable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are tailored to client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. Job responsibilities: Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents, and escalate issues as appropriate Responsible for monitoring, detection of analysis through various input tools and systems (SIEM, IDS / IPS, Firewalls, EDR, etc.) Conduct basic red team exercises to test the effectiveness of preventive and monitoring controls Provides support for complex system/network exploitation and defense techniques to include deterring, identifying, and investigating system and network intrusions Support malware analysis, host and network, log analysis, and triage in support of incident response Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats Monitoring threat/vulnerability landscape, security advisories, and acting on them as appropriate Continuously monitors the security alerts and escalation queue, triages security alerts Monitoring and tuning SIEM (content, parsing, maintenance) Monitoring Cloud infrastructure for security-related events Delivers scheduled and ad-hoc reports Develop and coach L1 analysts Author Standard Operating Procedures (SOPs) and training documentation Work the full ticket lifecycle; handle every step of the alert, from detection to remediation Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty Perform threat-intel research, learn new attack patterns, actively participate in security forums. Job specifications: Qualification: Bachelor’s degree in Engineering or closely related coursework in technology development disciplines Certifications like CISSP, CEH, CISM, GCIH, GCIA are desirable Experience with the following or related tools: SIEM Tools such as Splunk, IBM QRadar, SecureOnix; Case Management Tools such as Swimlane, Phantom, etc.; EDR tools such as Crowdstrike, Sentinel, VMware, McAfee, Microsoft Defender ATP, etc; Network Analysis Tools such as Darktrace, FireEye, NetWitness, Panorama, etc. Experience: 6+ years of SOC related work experience Desired Skills: Full understanding of SOC L1 responsibilities/duties and how the duties feed into L2/L3. The ability to take lead on incident research when appropriate and be able to mentor junior analysts. Advanced knowledge of TCP/IP protocols and event log analysis Strong understanding of Windows, Linux and networking concepts Experience analyzing both log and packet data to include the use of WireShark, tcpdump and other capture/analysis tools Good understanding of security solutions including SIEMs, Web Proxies, EDR, Firewalls, VPN, authentication, encryption, IPS/IDS etc. Functional understanding of Cloud environments Ability to conduct research into IT security issues and products as required Working in a TAT based IT security incident resolution practice and knowledge of ITIL Knowledge and experience with scripting and programming (Python, PERL, etc.) are also highly preferred Malware analysis and reverse engineering is a plus Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment
Role Overview As AVP/VP – Cybersecurity Operations, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK
Location: Hyderabad-WFO Number of roles: 2 Experience: 2–4 years or 5-8 years Notice Period: Immediate preferred; 30 days We're looking for a privacy-savvy professional to drive compliance with global and regional data protection regulations including GDPR , DPDPA (India) , and HITRUST . You'll work with cross-functional teams to ensure robust privacy practices across systems, policies, and vendor relationships. What You’ll Do: Manage privacy programs under GDPR, DPDPA, and HITRUST frameworks Conduct DPIAs and respond to data subject requests Build privacy and security policies aligned to ISO 27001 and HIPAA Guide business teams on privacy risks and best practices What We’re Looking For: 2–8 years in privacy, IT compliance, or security consulting Working knowledge of GDPR and HITRUST; DPDPA experience is a strong plus Familiarity with ISO 27001, HIPAA, and data security regulations Certifications like CIPP/E, CIPM, CCSFP are advantageous Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.
Role Overview As Senior Mananger/AVP – Offensive security services, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK
Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. Nopal Cyber lowers the barrier to entry while raising the bar for security and service. As the Senior Manager – Platform Engineering , you will be part of high-performing team in the design, deployment, and continuous improvement of advanced threat detection capabilities across global enterprise environments. This role demands both strategic vision and hands-on technical expertise to defend complex hybrid infrastructures against evolving cyber threats. You will be responsible for shaping detection strategy, ensuring operational excellence, and driving innovation in how threats are identified and neutralized. Key Responsibilities Strategic Leadership & Vision Define and own the enterprise-wide threat detection strategy aligned with organizational security objectives and evolving threat landscapes. Partner with executive leadership to set detection performance KPIs and ensure measurable impact on organizational resilience. Serve as the senior technical authority for detection architecture, threat coverage, and operational readiness . Advanced Threat Detection & Engineering Lead the design, development, and deployment of high-fidelity, scalable threat detection mechanisms across on-premises, cloud (AWS, Azure, GCP), and SaaS environments. Architect and optimize SIEM/SOAR ecosystems , integrating diverse data sources to maximize visibility and response speed. Translate threat intelligence and TTPs (MITRE ATT&CK, Cyber Kill Chain) into actionable detection rules and playbooks. Drive automation initiatives to reduce MTTD (Mean Time to Detect) and enhance analyst efficiency. Operational Excellence Lead cross-functional collaboration with Threat Hunting, Incident Response, and Security Operations to ensure a unified defense posture. Oversee detection content lifecycle — creation, validation, tuning — to minimize false positives while maintaining high sensitivity. Guide large-scale client onboarding to detection platforms, ensuring seamless data integration and operational alignment. Establish and maintain detection health monitoring and reporting frameworks for continuous improvement. Team & Stakeholder Management Mentor and develop senior engineers and analysts, building a pipeline of next-generation detection experts . Act as the senior liaison with clients, internal executives, and technology partners on detection and response capabilities. Drive security awareness and detection-readiness initiatives across technical and non-technical teams. Qualifications & Experience Bachelor’s degree in Computer Science, Information Security, or related discipline (Master’s preferred). 15+ years in cybersecurity, with at least 5 years leading threat detection/engineering teams in complex enterprise environments. Proven expertise in SIEM platforms (Splunk, ELK/Security Onion, IBM QRadar, Securonix, Wazuh, Azure Sentinel) including advanced query design, dashboarding, and data onboarding. In-depth knowledge of network infrastructure and security controls (Firewalls, EDR/XDR, Email Security, Proxy, DLP, IDS/IPS, CSPM, SOAR, WAF). Strong grasp of adversary TTPs, MITRE ATT&CK , Cyber Kill Chain, and emerging attack vectors. Demonstrated success in cloud-native security monitoring and detection . Industry-recognized certifications highly preferred: OSCP, GIAC (GCIH, GCIA), CISSP, GCTI, GCDA or equivalent. Exceptional communication, leadership, and client engagement skills.
Location: Hyderabad & Gurugram No. of positions: 3 We are seeking a dynamic and results-driven Business Development Executive with a strong understanding of Cyber security and excellent communication skills. The ideal candidate will be responsible for identifying business opportunities, building client relationships, generating qualified leads, and representing the company at events. Key Responsibilities: Identify and pursue new business opportunities through market research and networking. Generate and qualify leads through targeted outreach. Understand and articulate technology solutions to potential clients. Build and maintain strong client relationships. Plan, coordinate, and participate in industry events, exhibitions, and webinars. Work closely with internal teams to align business development activities with company goals. Required Skills & Qualifications: 3–5 years of proven experience in business development, preferably in the cyber security domain. Strong communication, presentation, and negotiation skills. Ability to quickly grasp and explain technical concepts in simple terms. Experience in lead generation and client relationship management. Education: Bachelor’s degree in Business, Marketing, Technology, or related field.
Role Overview As Senior Mananger/AVP – Offensive security services, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor's degree in Engineering, Computer Science, or a related field; a Master’s is preferred. 12–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK
Role Overview As Senior Mananger/AVP Offensive security services, you will provide strategic and technical leadership for NopalCybers Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery. You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development. Key Responsibilities Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction. Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments. Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies. Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations. Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement. Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages. Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility. Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.g., MTTR, false positive rate, TTP coverage) are consistently met or exceeded. Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces. Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services. Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity. Required Qualifications Bachelor&aposs degree in Engineering, Computer Science, or a related field; a Masters is preferred. 1218 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains. Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs. Preferred Certifications Mandatory: OSCP, CEH Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP Desired Skills In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques. Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect. Proficiency in cloud security testing across AWS, Azure, or GCP; experience with containerized and microservices-based environments. Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines. Capability to present complex technical findings in clear, business-relevant language to executive stakeholders. Leadership Attributes Strategic thinker with a track record of scaling cybersecurity programs or service lines. Proven ability to lead, mentor, and retain high-performing technical teams. Exceptional client engagement and communication skills. Ability to influence and collaborate across teams and functions to drive security outcomes. #PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement #OSCP #MITREATTACK Show more Show less
Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a detail-oriented and proactive GRC professional with hands-on experience in cybersecurity, compliance, and a strong emerging interest or practical experience in AI security frameworks, adhering to evolving standards like ISO 42001, ISO 27001, and NIST CSF. Job Responsibilities: Implement and manage security controls specifically designed for AI systems throughout their lifecycle (data collection, model training, deployment, monitoring). Address AI-specific security risks such as data poisoning, model inversion attacks, adversarial attacks, and prompt injection vulnerabilities. Lead or support the implementation and maintenance of our ISO 42001 (Artificial Intelligence Management System), ensuring compliance with its requirements for trustworthiness, robustness, and ethical considerations in AI systems. Conduct AI-specific risk assessments, identifying and mitigating risks related to AI bias, privacy, security, and societal impact. Develop, review, and refine comprehensive AI security, data governance, and information security policies, standards, and procedures, ensuring alignment with ISO 42001. Prepare for and support internal and external audits for ISO 42001 certification. Contribute to the design, implementation, and continuous improvement of our ISO 27001 (Information Security Management System), ensuring its relevance and effectiveness Support in audits, risk assessments, and gap analysis, ensuring adherence to compliance requirements. Assess organizational cybersecurity posture using the NIST Cybersecurity Framework (CSF). Identify and document gaps and provide recommendations of security measures aligned with NIST CSF. Prepare compliance status and risk reduction strategies. Assist in drafting and updating organizational policies and procedures for governance and compliance. Deliver complex projects in a fast-paced, team environment Job Specifications: 1. Qualification: Bachelor’s degree in Engineering or closely related coursework in technology development disciplines Certifications – Security+, CEH, ISO 27001 Lead Implementer/Lead Auditor, ISO 42001 Lead Implementer, CISA, relevant certification in AI Security (good to have, but not mandatory) 2. Experience: Total Experience -2 to 8 years Knowledge and Experience: Demonstrable practical experience with ISO 27001 implementation, maintenance, or audit support. Strong understanding and practical application experience with the NIST Cybersecurity Framework (CSF). Familiarity with or emerging experience in AI security concepts (e.g., model security, data integrity for AI, bias mitigation). Awareness of or exposure to ISO 42001 principles and requirements for AI management systems is highly desirable. Good understanding of information security principles and related compliance controls. Ability to articulate the relevance of the security controls Experience in delivery of Information Security risk and compliance advisory services Experience in management consulting and information security audits Experience around technology risk assessments Ability to research and develop new risk-based security offerings Comfortable working in a project based / client serving model Personal Attributes Self-starter and quick learner requiring minimal ramp-up Excellent written, oral, and interpersonal communication skills Highly self-motivated, self-directed, and attentive to detail Ability to effectively prioritize and execute tasks in a high-pressure environment
As the Alliance and Partner Lead at Nopal Cyber, you will play a pivotal role in building, managing, and expanding our global partner ecosystem to enhance our market reach and achieve strategic growth objectives. Your responsibilities will include developing and implementing a comprehensive partner strategy, identifying and onboarding new partners, driving joint go-to-market initiatives, managing partner relationships, and negotiating partnership agreements. With over 10 years of experience in alliance, channel, or partner management within the cybersecurity or enterprise technology industry, you will leverage your strong network of regional and global partners to establish successful collaborations, especially in key regions like India, GCC, APAC, and North America. Your proven track record in building and scaling partner ecosystems, coupled with your negotiation, communication, and relationship-building skills, will be instrumental in driving the success of our partnerships. In addition to fostering partner success and alignment, you will be responsible for overseeing performance metrics, conducting quarterly business reviews, and representing Nopal Cyber at partner events, conferences, and industry forums. Your familiarity with cybersecurity domains such as MXDR, ASM, Threat Intelligence, and BAS will enable you to effectively engage with partners and drive impactful initiatives. As part of our team, you will have the opportunity to shape and lead a global partner strategy, access cutting-edge cybersecurity solutions, and contribute to a collaborative team culture. We offer competitive compensation, performance-based incentives, and the flexibility and autonomy to make a significant impact on our organization's growth and success. If you are a results-driven professional with a passion for alliance and partner management, we invite you to join Nopal Cyber and help us proactively manage cyber risk and build resilient digital ecosystems through strategic partnerships and collaborations.,