44 Openvas Jobs

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks. Key responsibilities: Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities. Assesses the potential risks associated with identified vulnerabilities. Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses. Utilizes manual testing techniques and industry-standard methodologies. Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage. Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization. Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis. Identifies root causes, provide recommendations for improvement, and drive preventive measures. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals. Builds relationships and influence stakeholders to drive remediation efforts. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Performs any other related task as required. To thrive in this role, you need to have: Understanding of vulnerability assessment methodologies, tools, and industry best practices. Good understanding of networking concepts, operating systems, and common software vulnerabilities. Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders. Familiarity with security frameworks, standards, and regulatory compliance requirements. Ability to collaborate and work effectively with stakeholders and cross-functional teams. Academic qualifications and certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial. Required experience: Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts. Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review Workplace type: Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Job Title: SOC & VAPT Analyst (Entry-Level) Location: Indore Experience: 0–1 Years Certification: CEH (Certified Ethical Hacker) – Mandatory Preferred: Local candidates from Indore or nearby regions Job Summary: We are seeking a highly motivated and detail-oriented SOC & VAPT Analyst to join our cybersecurity team. This is an entry-level role ideal for individuals with a passion for cybersecurity, a foundational understanding of ethical hacking, and CEH certification. You will play a crucial role in monitoring security events, analyzing threats, and supporting vulnerability assessment and penetration testing activities. Key Responsibilities:SOC (Security Operations Center) Responsibilities: Monitor security alerts and events from SIEM tools and other monitoring systems. Analyze and triage incidents to determine their severity and impact. Perform initial investigation and threat analysis on potential security incidents. Escalate validated incidents to senior analysts or incident response teams. Document incident details, response steps, and follow-up actions. VAPT (Vulnerability Assessment & Penetration Testing): Assist in performing internal and external vulnerability scans. Support penetration testing under the guidance of senior team members. Identify, analyze, and report vulnerabilities with actionable recommendations. Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques. Required Skills & Qualifications: CEH (Certified Ethical Hacker) certification is mandatory . Basic knowledge of security monitoring tools, firewalls, IDS/IPS, and SIEM solutions. Familiarity with vulnerability scanning tools like Nessus, OpenVAS, etc. Understanding of common attack vectors, exploits, and countermeasures. Strong analytical and problem-solving skills. Good communication and documentation abilities. Educational Qualification: Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field. Additional Preferences: Localized candidates from Indore or nearby areas are highly preferred . Internships or academic projects in cybersecurity will be an added advantage. Job Type: Full-time Pay: ₹15,000.00 - ₹16,000.00 per month Benefits: Cell phone reimbursement Paid time off Provident Fund Work Location: In person

Job Overview: We are looking for a talented and experienced Application Security Engineer to join our team. The ideal candidate will have a strong understanding of application security standards, tools, and methodologies and will be responsible for conducting security assessments, penetration testing, and vulnerability analysis for web and mobile applications. This role requires hands-on experience with both automated and manual testing tools, familiarity with security mechanisms, and a commitment to improving the overall security posture of the organization. Key Responsibilities: • Conduct security assessments for both web and mobile applications. • Perform vulnerability assessments and penetration tests using tools such as Burp Suite Pro, AppScan, Veracode, Fortify, WebInspect, Acunetix, etc. • Leverage mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, and IDA for iOS and Android applications. • Conduct thorough testing of APIs to identify security flaws. • Utilize OWASP and SANS standards to guide security practices. • Stay up to date with the latest security testing tools, techniques, and ethical hacking methodologies. • Compile and present risk-based findings to stakeholders, providing detailed reports and suggesting appropriate mitigations. • Provide expertise on penetration testing methodologies, including black box, grey box, and white box testing. • Demonstrate proficiency with common penetration testing tools such as nmap, Wireshark, Kali Linux, Metasploit, OpenVAS, OWSAP ZAP, Accunetix, Nikto, Nessus, and sqlmap. • Assist development teams with implementing penetration tests as part of the Secure Software Development Life Cycle (Secure SDLC). • Create and refine security checklists tailored to organizational needs. • Ensure continuous security improvement by making suggestions for system and process enhancements. • Experience working with SaaS, IaaS, and PaaS environments, helping integrate and optimize security technologies and processes. Skills and Qualifications: • Proficiency with OWASP Top 10 and SANS security standards. • Strong experience in using security assessment tools, including both static (SAST) and dynamic (DAST) application security testing tools. • Hands-on experience with mobile application security testing and mobile-specific vulnerabilities. • Proficient with web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX. • Basic programming knowledge in Java, JavaScript, and SQL. • Familiarity with encryption, authentication, and authorization techniques for secure software development. • Experience in automating security testing using scripting languages like Python, Bash, or Java. • Knowledge of network security and vulnerability assessment practices. • Experience in Secure Code Review and identifying vulnerabilities in the source code. • Strong understanding of various security techniques and risk assessment processes. Certifications: • Certified Ethical Hacker (CEH) or equivalent certifications related to application security. Desired Competencies: • OWASP, Burp Suite, Web Application Security, Acunetix, Vulnerability Assessment, Network Security, Mobile Application Security. • Proficient in Secure Code Review, Python, Bash, Java, and Automation scripting.

Cloud & Compliance Security Specialist (4–6 Years Experience) Job Title: Cloud & Compliance Security Specialist Experience Required: 4–6 Years Location: Noida Job Type: Full-Time Department: Cyber Security Reporting to: Head/CISO Cyber Security. Role Overview: We are seeking a highly experienced and detail-oriented Cloud & Compliance Security Specialist to join our cybersecurity team. The ideal candidate will have a strong background in Governance, Risk, and Compliance (GRC), security technologies, and reporting/documentation. This role demands a strategic thinker with hands-on expertise in securing cloud environments across Various Cloud platforms. Key Responsibilities: 1. Security Technology & Operations – 50% · Design and implement cloud-native security controls and architectures (e.g., IAM, encryption, firewalls, WAFs, SIEM, CSPM, CWPP). · Monitor and respond to cloud security incidents using industry-standard tools and platforms for threat detection and analysis. · Integrate DevSecOps practices into CI/CD pipelines to ensure secure code deployment. · Perform threat modeling, vulnerability assessments, and penetration testing of cloud infrastructure. · Collaborate with DevOps and IT teams to ensure secure configuration and hardening of cloud resources. 2. Governance, Risk & Compliance (GRC) – 35% · Develop, implement, and maintain overall organizational security policies, standards, and procedures including Cloud security aligned with industry frameworks (e.g., ISO 27001, NIST, CIS, CSA). · Conduct risk assessments and cloud security audits to identify gaps and recommend mitigation strategies. · Ensure compliance with regulatory requirements such as DPDP, GDPR, HIPAA, PCI-DSS, and local data protection laws. · Collaborate with internal audit and legal teams to manage third-party risk assessments and vendor security reviews. · Lead security awareness and training programs across the organization. 3. Reporting & Documentation – 15% · Prepare detailed security reports, dashboards, and metrics for executive leadership and stakeholders. · Maintain comprehensive documentation of cloud security architecture, incident response plans, and audit findings. · Track and report on remediation efforts and risk mitigation progress. · Support internal and external audits with accurate and timely documentation. Required Skills & Qualifications: Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 4–6 years of experience in cybersecurity with at least 4 years in cloud security. Strong knowledge of AWS, Azure, and/or GCP security services. Hands-on experience with security tools: Next Gen Firewalls, SIEM, WAF, CSPM, EDR, etc. Hands-on experience with DevSecOps, container security (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation). Hands-on experience with various VA/PT tools including open source like OpenVas/OWASP Zap/Veracode/Nessus/Qualys etc. Certifications (Preferred): Cloud Security: CCSP, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer (any one of them) General Security & Compliance: CISA/ISO 27001 Lead Implementer/Auditor (any one of them)

At Arctic Wolf, we are redefining the cybersecurity landscape with our global team of Pack members committed to setting new industry standards. Our achievements speak for themselves, from being recognized in prestigious lists like the Forbes Cloud 100, CNBC Disruptor 50, and winning awards like the CRN Products of the Year. We are proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and to have earned the Customers" Choice distinction from Gartner Peer Insights. Arctic Wolf is not just leading but also shaping the future of security operations. Our mission is straightforward: End Cyber Risk. We are currently seeking a Security Developer to join us in achieving this goal. About The Role As a Security Developer at Arctic Wolf, you will work as a software developer focusing on enhancing the platforms threat, vulnerability, and configuration risk detection capabilities. Your primary objective will be to contribute to making security better for our clients daily. This role involves collaborating with team members, Product Management, Security Services, and other specialists to enhance the coverage and effectiveness of our Manage solution continuously. Your Responsibilities - Collaborate with team members to enhance coverage, efficiency, and deliver customer-facing and internal services. - Engage in the full software development lifecycle. - Develop well-designed, testable, efficient, and secure code for vulnerability and misconfiguration detection in areas such as Classic Endpoint Vulnerability And Config Management, Cloud Config And Posture Management. - Assist operational teams in resolving unexpected results, receiving feedback, and improving detection efficacy. Skills Requirements - Proficiency in at least one backend programming language like Go, Node.js, or Python. - Strong understanding and practical application of secure development practices. - Security-focused mindset with hands-on experience in operational security or security engineering. - Full understanding and use of DevOps methods and practices. - Familiarity with test-driven development (TDD) and robust testing strategies. - Experience with AWS, Docker, Kubernetes, IaC is an asset. Bonus Considerations For - Experience with 3rd Party Vulnerability Management tools, Cloud-based configuration and Security Posture Management tools, open-source vulnerability and pen-testing platforms. - IT Deployment backgrounds leveraging deployment automation tools like Salt or Ansible. Why Arctic Wolf At Arctic Wolf, we nurture a collaborative and inclusive work environment that values diversity of thought, background, and culture. Our commitment to growth and shaping the future of security operations is complemented by our dedication to customer satisfaction, with a vast customer base and global channel partners. We celebrate unique perspectives through our Pack Unity program and believe in corporate responsibility, giving back to the community. All employees at Arctic Wolf receive competitive compensation and benefits packages, including equity, flexible leave policies, training programs, comprehensive private benefits plan, fertility support, and more. Join us in our mission to End Cyber Risk and contribute to a safer digital world.,

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices. Key responsibilities: Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability. Assesses the potential risks associated with identified vulnerabilities. Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity. Provides detailed remediation recommendations to system owners, administrators, and IT teams. Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments. Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders. Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Promotes a culture of security awareness within the organization. Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents. Provides support during incident response efforts and contribute to post-incident analysis and remediation. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Shares knowledge and provides guidance to improve vulnerability management practices. Performs any other related task as required. To thrive in this role, you need to have: Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices. Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities. Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders. Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders. Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements. Academic qualifications and certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Vulnerability Assessor (GCVA) are beneficial. Required experience: Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations. Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review. Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

We are seeking a highly skilled and motivated Senior VAPT Consultant to join our growing cybersecurity team. This foundational role is ideal for someone who is passionate about offensive security and eager to contribute to a lean and agile environment. You'll play a critical part in leading and executing penetration tests, shaping internal methodologies, and mentoring junior talent. Key Responsibilities Conduct penetration testing on Web Applications, Networks, Infrastructure, and Cloud environments. Perform Vulnerability Assessments (VA) using tools like Nessus, OpenVAS, etc. Utilize industry-standard tools such as Burp Suite, Nmap, Metasploit, etc. Review and write detailed technical reports, outlining findings, risks (CVSS-based or similar), and actionable remediation guidance. Collaborate with clients to explain findings, articulate risks, and suggest mitigation strategies. Lead small-scale security projects or client engagements, ensuring quality and timely delivery. Mentor junior team members and enforce quality standards. Contribute to the development of tools, methodologies, and frameworks within the security practice Requirements 5-8+ years of professional experience in Information Security, with a strong focus on Vulnerability Assessment and Penetration Testing (VAPT). In-depth, hands-on experience with: Web App, Network, and Infra Pen Testing Cloud Security Testing (Azure/AWS) Familiarity with risk rating methodologies such as CVSS. Strong communication skills with the ability to interface with clients and present findings clearly. Proven ability to work independently in a fast-paced, startup-like environment. Preferred Certifications (Any of the following): OSCP / OSCE / CRTP / eCPPT CEH (with demonstrable hands-on experience) AZ-500 or AWS Security Specialty (for cloud VAPT experience) Growth Opportunities Foundational leadership role in a growing cybersecurity practice Clear path to grow into Practice Head or Principal Consultant Opportunity to shape tools, frameworks, and methodologies from the ground up Nice to Have Experience contributing to open-source or internal security tooling Familiarity with scripting or automation in Python, Bash, or PowerShell

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you'll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes. Key Responsibilities: Perform manual and automated penetration testing across: Web Applications (based on OWASP Top 10) Infrastructure (external/internal IPs, firewall review, patch audits) Cloud Environments (basic Azure/AWS - IAM, Storage, Networking) Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures Use tools such as Burp Suite, Nmap, SQLMap, Nikto, Nessus/OpenVAS Write high-quality, detailed technical reports with: Screenshots for PoCs Remediation guidance Risk severity scoring (preferably CVSSv3) Collaborate with clients to explain findings and provide actionable recommendations Contribute to toolchain improvements and lightweight automation (Python/Bash preferred) Requirements 3-6+ years of hands-on experience in at least 2 of the following areas: Web Application Penetration Testing (OWASP Top 10) Infrastructure VAPT (internal/external, firewall, patch validation) Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking) Proficiency in: Manual testing techniques, fuzzing, and exploitation Burp Suite (Community or Pro) Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS Strong understanding of common vulnerabilities and exploitation techniques Preferred Certifications CEH, eJPT, OSCP (or strong portfolio/proof of hands-on skill) AZ-500 or AWS Security Specialty (for cloud security exposure) Good to Have Familiarity with scripting for automation (Python, Bash) Exposure to CVSSv3 for vulnerability scoring Experience with Dradis, Excel-based reporting, or similar tools

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you'll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes. Key Responsibilities: Perform manual and automated penetration testing across: Web Applications (based on OWASP Top 10) Infrastructure (external/internal IPs, firewall review, patch audits) Cloud Environments (basic Azure/AWS - IAM, Storage, Networking) Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures Use tools such as Burp Suite, Nmap, SQLMap, Nikto, Nessus/OpenVAS Write high-quality, detailed technical reports with: Screenshots for PoCs Remediation guidance Risk severity scoring (preferably CVSSv3) Collaborate with clients to explain findings and provide actionable recommendations Contribute to toolchain improvements and lightweight automation (Python/Bash preferred) Requirements 3-6+ years of hands-on experience in at least 2 of the following areas: Web Application Penetration Testing (OWASP Top 10) Infrastructure VAPT (internal/external, firewall, patch validation) Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking) Proficiency in: Manual testing techniques, fuzzing, and exploitation Burp Suite (Community or Pro) Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS Strong understanding of common vulnerabilities and exploitation techniques Preferred Certifications CEH, eJPT, OSCP (or strong portfolio/proof of hands-on skill) AZ-500 or AWS Security Specialty (for cloud security exposure) Good to Have Familiarity with scripting for automation (Python, Bash) Exposure to CVSSv3 for vulnerability scoring Experience with Dradis, Excel-based reporting, or similar tools

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage and passion to drive life-changing impact to ZS. Our most valuable asset is our people . At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Offensive Security Analyst We are looking for a professional to join us as an Offensive Security Analyst in our Pune, India office. This professional will be responsible for conducting penetration tests and security assessments across cloud and on-premises environments. This role requires good technical expertise, out-of-box thinking, and effective communication skills to proactively identify, communicate and address security risks. What you’ll do: Typical daily work will consist of planning and performing penetration tests on cloud-based and on-premises infra & applications to identify security weaknesses and loopholes Support the penetration testing lifecycle—from information gathering and vulnerability scanning to manual exploitation and documentation Collaborate closely with the vulnerability management team to validate exploitable vulnerabilities and help prioritize remediation Collaborate with infra owners, developers, business teams to understand applications and infrastructure and provide practical, remediation-focused security advice Help create clear, actionable penetration testing reports including proof-of-concept, risk ratings, and remediation guidance Developing and testing custom exploits to demonstrate vulnerabilities and assess the potential impact on systems Conduct comprehensive cloud penetration tests targeting AWS, Azure, GCP to identify and exploit misconfigurations, insecure interfaces, and vulnerabilities in cloud services and applications Regularly review and enhance penetration testing methodologies and practices to adapt to evolving threats and technologies Participate in internal security knowledge-sharing sessions and team meetings to learn from senior testers and share discoveries What you’ll bring: Strong foundational understanding of information security principles Familiarity with tools such as: Nmap, Burp Suite, OWASP ZAP, Nikto (Web/App Testing) Nessus, OpenVAS, Kali Linux (Infrastructure Scanning), and Metasploit (for controlled exploit validation) Basic Knowledge of: OWASP Top 10 web application vulnerabilities Common infrastructure weaknesses (e.g., SMB, RDP, DNS, FTP, SMTP issues) Authentication and access control issues A deep interest in Cyber Security and a drive to learn about penetration testing skills through hands-on practice, research, and community engagement Comfort working in command-line environments (Linux shells, Windows CMD/PowerShell) for reconnaissance and exploitation. Strong analytical and problem-solving mindset, with the ability to break down complex problems and think creatively Eagerness to learn from real-world engagements and senior team members, with a growth mindset and a proactive approach to developing technical depth and practical experience Familiarity with secure communication protocols (e.g., HTTPS, SSH, VPNs) and how insecure configurations can be exploited Good verbal and written communication skills to clearly explain technical concepts and document findings Passion for cybersecurity, demonstrated through CTF participation, cybersecurity clubs, academic projects, personal labs, or platforms like Hack the Box, TryHackMe, or OverTheWire Good to have skills and abilities: Completion of relevant cybersecurity coursework or certifications Basic scripting in Python, Bash, or PowerShell for automating tasks or building internal tools Understanding of web application architecture (client-server model, HTTP protocol, APIs) Awareness of vulnerability disclosure platforms (e.g., CVE database) and responsible reporting practices Basic Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System used for scoring vulnerabilities Academic Qualifications: Bachelor’s degree in computer science/management of computer information/Cybersecurity 0-2 years of Penetration Testing / Red-Teaming / Offensive Security Must have Security Certifications: OSCP / CREST / GPEN / HTB-CPTS Security Certifications: CRTP/CARTP, CRTE, CRTO (I & II), OSEP, OSED, GRTP Cloud Certifications: AWS CLP, AWS Security Specialty Perks & Benefits: ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel: Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying? At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application: Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More At: www.zs.com

We are hiring Senior Security Consultant -VAPT Specialist for our client located in Kozhikode. Position Summary As a Senior VAPT Specialist, you will be responsible for conducting comprehensive security assessments, managing client relationships, and delivering high-quality penetration testing services. You will also conduct client-side vulnerability checks for your diverse clients. These will include assessing their security postures and offering actionable recommendations to fortify their cybersecurity defenses. As a senior VAPT specialist, you will engage in tasks that include: Client Management & Communication Be the trusted security expert and advisor for your assigned clients in undertaking security assessments. Lead engaging briefings, provide status updates, and prepare effective presentations. Convert complex technical findings into insights that drive decision-making for our clients. Build relationships that not only last, but also ensure client satisfaction, trust, and value for your service-oriented projects. Document findings that guide you to derive solutions. Threat Modeling & Risk Assessment Develop comprehensive threat models for client applications and infrastructure Conduct risk assessments and prioritize security findings based on business impact Design attack scenarios and security test cases based on threat intelligence Collaborate with development teams to integrate security into SDLC processes Red Team Operations Plan and execute red team exercises to simulate real-world attack scenarios Develop custom tools and exploits for specific client environments Conduct social engineering assessments and physical security testing when required Provide post-exercise debriefings and improvement recommendations Documentation & Reporting Contribute to internal knowledge base and best practices documentation Create detailed technical reports documenting vulnerabilities, exploitation methods, and remediation steps Develop executive summaries tailored for C-level audiences Maintain accurate project documentation and testing methodologies Required Qualifications Experience & Background 3-5 years of hands-on experience in vulnerability assessment and penetration testing Proven track record of successful client engagements and project delivery Experience with enterprise-level security assessments across various industries Demonstrated ability to work independently and manage multiple projects simultaneously Technical Expertise Deep understanding of security frameworks and standards: Penetration Testing Execution Standard (PTES) OWASP Top 10 and OWASP Testing Guide SANS Top 25 Most Dangerous Software Errors NIST Cybersecurity Framework CIS Critical Security Controls MITRE ATT & CK Framework Development & Programming Experience Software Development Background: Hands-on experience in application development and an understanding of secure coding practices are highly recommended. Programming and Scripting Languages: If you’re proficient in Python and Bash, that would be an added advantage. Additional experience in PowerShell is highly appreciated. Basic knowledge in at least one compiled language (C/C++, Go, Java, or C#) Custom Tool Development: You can efficiently develop custom security tools, exploits, and automation scripts Security Tools Expertise: You’re the person who can confidently leverage security tools with expert-level proficiency, such as Burp Suite Professional, OWASP ZAP, Nmap, Nessus, OpenVAS, Metasploit, Cobalt Strike, Wireshark, tcpdump, Static analysis tools (SonarQube, Checkmarx, and Veracode), and Custom exploit development tools. Social Engineering & Phishing Expertise Social Engineering Assessments: Design social engineering tests to trigger human response to various threat scenarios. Phishing Simulations: Run phishing simulations ethically. Physical Security Testing: Perform on-site assessments through tailgating, badge cloning, and facility penetration. Awareness Training: Provide security awareness training based on assessment findings OSINT (Open Source Intelligence): Gather and analyze publicly available information for reconnaissance and social engineering preparation. Communication & Language Skills Excellent communication skills (both written and spoken) Effectively communicate complex technical concepts to non-technical stakeholders Strong presentation and public-speaking abilities Can professionally draft technical documentation and reports Professional Attributes Strong analytical and problem-solving abilities Attention to detail with a methodical approach to testing Ability to think like an attacker and anticipate security threats Commitment to ethical hacking principles and professional conduct Continuous learning mindset to stay current with emerging threats and technologies Research-Oriented Mindset: Can deep research in all efficacy to understand emerging vulnerabilities, attack vectors, and security trends. Innovation and Tool Development: Proactive approach to developing custom security tools, scripts, and methodologies for enhancing testing capabilities Creative thinking for developing novel attack scenarios and bypassing security controls Preferred Qualifications Certifications: OSCP (Added Advantage), GPEN, CRTO, and CRT Additional Experience (If any applicable) Experience with DevSecOps practices and CI/CD pipeline security Background in software development or system administration Knowledge of compliance frameworks (PCI DSS, HIPAA, GDPR, SOC2, ISO 27001) Experience with threat intelligence platforms and indicators of compromise Familiarity with containerization security (Docker, Kubernetes) Previous consulting or client-facing experience Location: Govt. Cyberpark, Calicut Experience: 3 – 5 Years Be it undertaking vulnerability assessment or performing in-depth penetration testing, your role as a senior VAPT consultant highly counts when it comes to safeguarding our clients’ critical assets by detecting threats and closing security gaps – proactively and efficiently. Where confidence, knowledge, and aptitude combine to effectively undertake high-profile security tests like ethical hacking, it is these qualities that we expect from you for the concerned role. Contact us if you believe you aptly fit in this role.

Key Responsibilities: Assist in web, network, and system penetration testing. Conduct vulnerability scans using tools like Nmap, Nessus, and OpenVAS . Assist in social engineering or phishing assessments (if applicable). Prepare clear documentation, reports, and remediation guidance for stakeholders. Maintain knowledge of latest threats, vulnerabilities, and attack techniques. Must-Have Skills: Basic knowledge of networking, OSI model, and common protocols (TCP/IP, HTTP, DNS). Familiarity with Linux and Windows systems. Exposure to tools like Burp Suite, Nmap, Wireshark, Metasploit, Nikto. Understanding of OWASP Top 10 vulnerabilities. Basic scripting knowledge (Python, Bash preferred). Experience with Kali Linux or Parrot OS. Good to Have: Certifications such as CEH, OSCP, eJPT, or Security+. Familiarity with cloud environments (AWS/Azure/GCP) security practices. Basic understanding of firewalls, IDS/IPS, and SIEM tools. Participation in CTFs or bug bounty platforms.

Make an impact with NTT DATA Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive. Your day at NTT DATA The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure. This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks. Key responsibilities: Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components. Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities. Assesses the potential risks associated with identified vulnerabilities. Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities. Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses. Utilizes manual testing techniques and industry-standard methodologies. Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage. Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions. Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner. Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization. Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis. Identifies root causes, provide recommendations for improvement, and drive preventive measures. Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals. Builds relationships and influence stakeholders to drive remediation efforts. Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools. Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices. Performs any other related task as required. To thrive in this role, you need to have: Understanding of vulnerability assessment methodologies, tools, and industry best practices. Good understanding of networking concepts, operating systems, and common software vulnerabilities. Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools. Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities. Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases. Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions. Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders. Familiarity with security frameworks, standards, and regulatory compliance requirements. Ability to collaborate and work effectively with stakeholders and cross-functional teams. Academic qualifications and certifications: Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial. Required experience: Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts. Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review Workplace type : Hybrid Working About NTT DATA NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo. Equal Opportunity Employer NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

About PhonePe Group: PhonePe is India’s leading digital payments company with 50 crore (500 Million) registered users and 3.7 crore (37 Million) merchants covering over 99% of the postal codes across India. On the back of its leadership in digital payments, PhonePe has expanded into financial services (Insurance, Mutual Funds, Stock Broking, and Lending) as well as adjacent tech-enabled businesses such as Pincode for hyperlocal shopping and Indus App Store which is India's first localized App Store. The PhonePe Group is a portfolio of businesses aligned with the company's vision to offer every Indian an equal opportunity to accelerate their progress by unlocking the flow of money and access to services. Culture At PhonePe, we take extra care to make sure you give your best at work, Everyday! And creating the right environment for you is just one of the things we do. We empower people and trust them to do the right thing. Here, you own your work from start to finish, right from day one. Being enthusiastic about tech is a big part of being at PhonePe. If you like building technology that impacts millions, ideating with some of the best minds in the country and executing on your dreams with purpose and speed, join us! Information Security Engineer Objectives of this Role:  Drive secure system configuration standards (E.g. CIS Benchmarks) implementation and vulnerability management efforts across the enterprise. Primarily in Linuxenvironments  Evaluate and drive implementation of new Information security processes, tools and technologies  Own the implemented solutions end-to-end, right from inception to deployment and monitoring to regular upkeep  Liaise with cross functional teams to increase adoption of Information security standards  Provide security event correlation use cases and logic to generate SIEM alerts  Follow-up and close Information Security incidents/exceptions  Measure and increase efficacy of Information Security initiatives  Bring a DevSecOps mindset to implementations Skills And Qualifications  3+ years’ experience in Information security operations in a Linux heavy environment  Experience with IDS/IPS systems like OSSEC, Wazhu, Suricata, Snort etc.  Experience with Elastic and Kibana  Experience with Vulnerability and Configuration Assessment and Management standards, tools/technologies like – CIS Benchmarks, CVE, OVAL, OpenVAS, Nessus, Qualys etc.  Experience with opensource Identity Management with products like Apache Syncope, OpenIAM, Gluu etc.  Hands-on experience with common Security tools in Linux  Experience with SaltStack (or any other Infrastructure as code tools)  Proficient in at least two of these languages: Python/Go/Java/Perl  Good in basic data structures/algorithms  Hands on experience on web scale production setup  Awareness of cloud technologies, networking fundamentals, Mesos, KVM/QEMU, NodeJS/React will be good to have  Ability to manage small teams PhonePe Full Time Employee Benefits (Not applicable for Intern or Contract Roles) Insurance Benefits - Medical Insurance, Critical Illness Insurance, Accidental Insurance, Life Insurance Wellness Program - Employee Assistance Program, Onsite Medical Center, Emergency Support System Parental Support - Maternity Benefit, Paternity Benefit Program, Adoption Assistance Program, Day-care Support Program Mobility Benefits - Relocation benefits, Transfer Support Policy, Travel Policy Retirement Benefits - Employee PF Contribution, Flexible PF Contribution, Gratuity, NPS, Leave Encashment Other Benefits - Higher Education Assistance, Car Lease, Salary Advance Policy Working at PhonePe is a rewarding experience! Great people, a work environment that thrives on creativity, the opportunity to take on roles beyond a defined job description are just some of the reasons you should work with us. Read more about PhonePe on our blog. Life at PhonePe PhonePe in the news

Category: Infrastructure/Cloud Main location: India, Tamil Nadu, Chennai Position ID: J0625-1351 Employment Type: Full Time Position Description: Responsibilities Direct Responsibilities Operate the log collection platforms: Monitoring of performance and capacity Monitoring of log collection coverage of various sources Update and patching of all components of the collection environment. Working with IT Production teams in case of Incidents to ensure the continuous delivery of log data Monitoring of the pipelines sending log data to the SIEM environments Alignment with Asset Management teams to keep logging baseline up to date. Build and regular update of operational KPI’s Contributing Responsibilities Support CSIRT team in investigations in case local log data is needed Technical & Behavioral Competencies Technical Skills Proven expertise of all components of the Elastic stack – Kafka, Elastic search, Log stash Expertise in Linux server administration and load balancer Familiarity with security tools and technologies such as SIEM, IDS / IPS, firewalls and antivirus systems. Ability to interpret and analyze logs generated by various systems, applications, and devices to detect. anomalies, security incidents, and unauthorized activities. Familiarity with incident response procedures and methodologies. Proficiency in using vulnerability scanning tools such as Nessus, Qualys, or OpenVAS to identify and prioritize security vulnerabilities in systems and networks. Proficiency in deploying, configuring, and managing IDS/IPS solutions to detect and prevent intrusion. and malicious activities on networks. Specific Qualifications (if required) Skills Referential Behavioural Skills: (Please select up to 4 skills) Attention to detail / rigor Ability to collaborate / Teamwork Ability to deliver / Results driven Client focused Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to develop and adapt a process Ability to understand, explain and support change Ability to set up relevant performance indicators Ability to develop and adapt a process Education Level: Bachelor Degree or equivalent Experience Level At least 5 years Other/Specific Qualifications (if required) Certification like CEH, CompTIA Security+, CISSP could be added advantage Skills: Linux Nessus What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: Position Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Full time – Five days a week - In the office position Potential for evening and weekend hours. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 1-3 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Supervisory/Responsibility: Individual contributor w/no direct reports Work Environment: This is an office position. Position Type: This is a regular, full-time position with frequent overtime. Must be able, available, and willing to work more than 40 hours per week, including scheduled and unscheduled overtime. Travel: Travel could be up to 15% (in country) as needed for remote support. Physical Demands: The physical demands described here are representative of those performed in the job duties. The employee sits at a desk and uses a computer for prolonged periods of time. Performing the role frequently uses close vision, speech, hearing, and dexterity to operate office equipment. The employee must occasionally lift and/or move up to 15 pounds. At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

About Us: Barry-Wehmiller is a diversified global supplier of engineering consulting and manufacturing technology for the packaging, corrugating, sheeting and paper-converting industries. By blending people-centric leadership with disciplined operational strategies and purpose-driven growth, Barry-Wehmiller has become a $3 billion organization with nearly 12,000 team members united by a common belief: to use the power of business to build a better world. Job Description: Position Description: The Enterprise IT Service Desk Workstation Vulnerability Analyst’s role is to help secure the company’s workstations against vulnerabilities. This will be done through analyzing scan data, researching vulnerabilities, and providing mitigation for said vulnerabilities within SLA timelines. Additionally, deployment of mitigations may be required. The Workstation Vulnerability Analyst will also need to present findings to IT leadership. Principal Duties and Responsibilities (Essential Functions): Analyze the results of vulnerability scans Understand business criticality of various systems Prioritize work based on risk Complete work within deadlines Assist in identifying and assessing vulnerabilities in the organization's systems, networks, and applications. Support the development and implementation of remediation plans to address identified vulnerabilities. Participate in regular vulnerability assessments and penetration tests to identify new security risks. Monitor security alerts and incidents and assist in determining the impact and necessary response. Assist with rollback if necessary Document and report on remediation activities, including progress and outcomes. Investigate and remediate malfunctioning security agents Function and communicate in a global support team. Analyze root cause and implement corrective solutions. Collaborate with IT, security, and development teams to ensure timely and effective remediation. When necessary, contact third-party software and PC equipment vendors. Maintain knowledge of current IT trends and advancements. Stay informed about the latest security threats, vulnerabilities, and mitigation techniques. Provide support to other teams on vulnerability management best practices. Full time – Five days a week - In the office position Potential for evening and weekend hours. Job Specifications: Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a fast-paced environment. Ability to shift between tasks as priorities change Strong written and oral communication skills. Strong troubleshooting skills and knowledge of IT hardware and software. Ability to conduct research into software issues and products as required. Strong organizational skills with keen attention to detail. Basic understanding of security principles, protocols, and technologies. Familiarity with vulnerability assessment tools (e.g., Nessus/Tenable, Qualys, OpenVAS) is a plus. Required Education and Experience: An associate degree in the field of computer science or management information systems, and/or 3-5 years of related work experience is preferred. 1-3 years of vulnerability remediation preferred; experience with patch management and scripting is a plus. Experience working in a team-oriented, collaborative environment. Relevant certifications (e.g., CompTIA Security+, CEH) are a plus but not required. Supervisory/Responsibility: Individual contributor w/no direct reports Work Environment: This is an office position. Position Type: This is a regular, full-time position with frequent overtime. Must be able, available, and willing to work more than 40 hours per week, including scheduled and unscheduled overtime. Travel: Travel could be up to 15% (in country) as needed for remote support. Physical Demands: The physical demands described here are representative of those performed in the job duties. The employee sits at a desk and uses a computer for prolonged periods of time. Performing the role frequently uses close vision, speech, hearing, and dexterity to operate office equipment. The employee must occasionally lift and/or move up to 15 pounds. At Barry-Wehmiller we recognize that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying. We know that our differences often can bring about innovation, excellence and meaningful work—therefore, people from all backgrounds are encouraged to apply to our positions. Please let us know if you require reasonable accommodations during the interview process. Company: BW Corporate US

Employment Type: Contract to hire City: Noida State: Description: Summary: A highly skilled and experienced Technical Security Auditor with deep expertise in vulnerability scanning, and network security assessment. Possesses a strong understanding security auditing methodology. Committed to providing comprehensive and actionable security assessments to help organizations strengthen their defenses. Key Skills: ● Security Auditing: Expertise in conducting technical security audits across various systems, networks, and applications. ● Log Management: Responsible for implementing, and optimizing logging infrastructure to ensure efficient, relevant, and high-quality data ingestion into our Security Information and Event Management (SIEM). ● Vulnerability Scanning: Advanced proficiency in using vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS) to identify security weaknesses. ● Network Scanning: Deep understanding of network scanning techniques and tools (e.g., Nmap, etc) for network discovery and vulnerability identification. ● Exploit Development: Knowledge of exploit development methodologies and techniques for identifying and exploiting vulnerabilities. ● Risk Assessment: Ability to assess and evaluate security risks and prioritize remediation efforts. ● Network Security: Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs. ● Operating Systems and Applications: Familiarity with various operating systems (Windows, Linux, macOS) and applications. ● Cloud Security: Experience with penetration testing and vulnerability scanning in cloud environments (e.g., AWS, Azure, GCP). ● Scripting and Automation: Proficiency in scripting languages (e.g., Python, PowerShell) for automating security testing tasks. ● Documentation and Reporting: Excellent documentation and reporting skills, with the ability to clearly communicate audit findings and recommendations. ● Communication and Collaboration: Strong communication, interpersonal, and collaboration skills. Ability to work effectively with technical and non-technical stakeholders. Experience: ● Assisted in the development and implementation of security policies and procedures. ● Conducted numerous penetration tests and vulnerability assessments for various organizations, identifying critical vulnerabilities and security gaps. ● Worked with IT and security teams to remediate audit findings. ● Utilized a wide range of penetration testing tools and techniques to exploit vulnerabilities and assess security posture. ● Performed network scanning and analysis to identify network devices, and services. ● Developed and executed comprehensive penetration testing plans and reports. ● Provided expert guidance and training to clients on security best practices and remediation strategies. Education: ● Bachelor’s degree in computer science, Cybersecurity, or a related field. ● Relevant industry certifications (e.g., OSCP, GPEN, GXPN, CISSP, CEH).

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty

We're looking for a strategic thinker with deep hands-on expertise in GRC, cloud security technologies, and Focus Areas : Governance, Risk & Compliance (40%): Implement security frameworks (ISO 27001, NIST), conduct risk assessments, ensure regulatory compliance (GDPR, HIPAA, PCI-DSS). Security Operations (40%): Deploy cloud-native security controls, integrate DevSecOps, perform threat modeling and vulnerability assessments. Reporting & Documentation (20%): Create executive-level reports, maintain security architecture docs, support audits. What Were Looking For Bachelors or Masters degree in Computer Science, Information Security, or related field. 8 to 10 years of experience in cybersecurity with at least 5 years in cloud security. Strong knowledge of AWS, Azure, and/or GCP security services. Hands-on experience with security tools: Next Gen Firewalls, SIEM, SOAR, CSPM, DLP, EDR, etc. Hands-on experience with DevSecOps, container security (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation). Hands-on experience with various VA/PT tools including open source like OpenVas/OWASP Zap/Veracode/Nessus/Qualys etc. Certifications (Preferred) Cloud Security: CCSP, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer (any one of them) General Security & Compliance: CISA/ISO 27001 Lead Implementer/Auditor (any one of them) (ref:hirist.tech)

Job Title: Senior SOC Analyst (L2/L3) – Threat Detection | SIEM Experience: 8+ Years Key Skills / Keywords: SOC Analyst | Threat Detection | SIEM (ArcSight, Splunk) | Incident Response | EDR (CrowdStrike, SentinelOne) SOAR Automation | Malware Analysis | RCA | CHFI | MITRE ATTCCK | VAPT | Cybersecurity Operations | Red/Blue Team | L3/L4 Security Support | GovTech Cybersecurity | ISO 27001 | NIST CSF Roles and Responsibilities Security Monitoring & Threat Detection: Operate SIEM platforms (ArcSight, Splunk, ELK) for real-time threat visibility Build and tune custom correlation rules, use cases, and threat detection dashboards Perform IOC analysis, log correlation, and malware behavior inspection Incident Response & RCA Ownership: Lead incident triage, containment, and recovery processes Conduct deep forensic investigations using CHFI methodologies (host, network, memory) Document RCA reports, incident timelines, and post-mortem summaries Act as L2/L3 escalation point within the SOC Threat Hunting & Vulnerability Management: Execute threat hunts using MITRE ATTCCK, anomaly baselines, and behavioral analytics Collaborate with VAPT teams on identifying and closing security gaps Analyze exploits and simulated attacks using Metasploit, Burp Suite, OpenVAS, Nessus Automation & Knowledge Sharing: Use or contribute to SOAR platforms and response playbook development Mentor junior analysts and lead security awareness initiatives (KnowBe4) Contribute to internal cyber threat intelligence practices and secure configurations Candidate Profile Experience: 8–12 years in SOC, Threat Detection, and Cybersecurity Operations Role Type: Individual Contributor, L2 Hands-On Specialist Strong communication skills: Able to document, articulate, and coordinate effectively with technical and non-technical stakeholders. Location: Onsite – Manesar, Haryana (Government Sector Deployment) Availability: Immediate or within 1 month Engagement: Full-time via VVNT SEQUOR LLP Preferred Qualifications Bachelor’s in Cybersecurity, Information Security, or IT Certifications preferred: CHFI, CEH, Security+, GCIA, GCFA Splunk Certified Analyst, PCNSE, AWS Security Essentials Experience with: Tripwire, KnowBe4, or Azure Sentinel / AWS GuardDuty

Department: Technology Location: Pune Description We are looking for a skilled and experienced IT Security Analyst to join our team. In this role, you will be responsible for monitoring security alerts and service tickets, delegating tasks to the appropriate team members and coordinating effectively with both internal teams and end users. You will also ensure compliance with established policies and procedures, while proactively following up with stakeholders to drive the timely resolution and closure of tickets. What You'll Do… Communication of security vulnerability process Identify the affected resources that the vulnerability applies to Identify the validity of vulnerability Communicate the vulnerability to affected stakeholders Work closely with stakeholders to ensure closure/resolution based on SLA Execute necessary retesting to audit/confirm actual closure Monitoring alerts and tickets including generated through multiple security tools Responding to tickets and emails within SLA Delegating tickets to appropriate team members Focus on quality control within the IT security team Co-ordinate with teammates and end users for updates Follow up with stakeholders and team members for ticket closure Feedback or customer satisfaction Complies with the policies and procedures of the organization. What You’ll Need… At least 1+ year of experience working as Security Analyst Bachelors in computer science, IT, or related field Ticketing tool knowledge -familiar with ITIL process of closing actions in tickets Understanding of IT security framework like ISO 27001& NIST800sp Knowledge of AWS, Email gateway (Proofpoint)& Antivirus Must be familiar with Windows & application patching process Good team player Excellent communication abilities (verbal & writing). Willing to work in rotation shifts(24x7) Experience from IT audit field will be added advantage Technical requirement –Familiar with alerts generated by technologies like AWS Guard Duty, Proofpoint, Sophos AV, OpenVAS, etc. Here’s What We Offer … At Shipco-IT, we pride ourselves on our vibrant and supportive culture. Exciting Work Culture : Join our friendly, supportive team and start making a difference from day one Innovate Logistics : Help improve global efficiency and shape the future of logistics Collaborative Environment : Work with leaders in the industry in a creative and open culture Growth Opportunities: Reach your full potential with abundant professional and personal development options Competitive Compensation: Earn a salary that reflects your skills and expertise Awards and Recognition: For outstanding performance or significant contributions to the company's success Join Shipco-IT and be part of a team that’s shaping the future of the transportation and logistics industry. Visit us at www.shipco-it.com / www.shipco.com follow us on LinkedIn

Role Title: Cyber Defense Specialist – Senior SOC Analyst (L3/L4 | Threat Detection | Incident Response) 📍 Location: Manesar, Haryana (Onsite | Government Sector Engagement) 🏢 Organization: VVNT SEQUOR LLP, Noida 📅 Start Date: Immediate to ≤ 1 Month Preferred About the Role Join VVNT SEQUOR LLP as a Cyber Defense Specialist supporting our prestigious Government Sector client . With 8–10 years of deep expertise in SOC operations, SIEM platforms, and threat intelligence , you’ll be leading high-severity incident response efforts, forensic investigations, and proactive threat hunting. This is not just a monitoring role — it’s a frontline cybersecurity command post where you’ll shape detection strategies, automate response mechanisms, and act as a senior escalation point for L3/L4 security challenges. Your Core Responsibilities 🎯 SIEM & Threat Hunting Lead monitoring of security events using ArcSight , Splunk , ELK , and custom dashboards Develop and fine-tune correlation rules , detection use cases, and threat indicators Conduct proactive threat hunting using the MITRE ATT&CK framework, threat intel, and behavioral analytics 🚨 Incident Response & Digital Forensics Execute the full incident lifecycle —detection, containment, investigation, recovery, and RCA Perform forensic investigations : memory analysis, packet capture review, EDR telemetry (e.g., CrowdStrike , SentinelOne ) Conduct post-incident reviews , document findings, and coordinate RCA sessions with stakeholders 🛠️ Vulnerability Management & Infrastructure Security Conduct VAPT assessments using tools like Nessus , Qualys , OpenVAS , Metasploit , Burp Suite Manage and fine-tune Firewalls (Palo Alto, FortiGate) , WAF , IDS/IPS , and Anti-DDoS appliances Support audits and documentation for ISO 27001 , NIST CSF , and related compliance mandates ⚙️ Automation & Security Enablement Drive integration with SOAR platforms , building automated playbooks using Python , PowerShell , or REST APIs Mentor L1/L2 teams, lead internal security drills, and run awareness campaigns (e.g., KnowBe4 ) Collaborate on blue/purple team exercises to improve detection coverage Ideal Candidate Profile 8–10 years of SOC experience with strong L3/L4 exposure Expert in SIEM/EDR/SOAR tools , threat modeling, forensic analysis, and advanced detection Excellent in handling escalations, drafting RCA reports, and coordinating with InfoSec, Infra, and Audit teams Comfortable with mission-critical response , working in regulated or high-compliance environments Preferred Certifications / Experience Certifications: CEH, CHFI, GCFA, GCIA, Security+, Splunk Certified Analyst Experience with cloud security monitoring tools (AWS GuardDuty, Azure Sentinel, TIPs) Bonus: Exposure to OT/ICS environments , Red/Blue/Purple team operations, or critical infrastructure protection Why VVNT SEQUOR? Work on strategic cybersecurity projects for a Government client Get hands-on with next-gen detection tools and nation-grade threat response protocols Enjoy subsidized cab & lunch while working in a high-impact, innovation-led setup Be recognized as a cyber leader , not just an operator Application Process Send the following to: 📧 chaitali@vvntsequor.in , parveen.arora@vvntsequor.in 📱 WhatsApp: +91-9891810196 / +91-8802801739 Please include: Updated Resume (with certifications) Last Drawn & CTC Earliest Joining Date (Immediate to Max 1 Month only) Optimized Tags / Keywords Senior SOC Analyst | Cybersecurity Specialist | Threat Hunting | SIEM (Splunk, ArcSight) | Incident Response | Forensics | CrowdStrike | EDR | SOAR Automation | MITRE ATT&CK | ISO 27001 | NIST CSF | Python Scripting | VAPT | Firewall Security | L3 L4 Escalation Show more Show less

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com. Job Description Job Summary: Experienced Vulnerability Management and penetration testing Governance lead will manage a team to oversee the identification, assessment, and remediation of security vulnerabilities across enterprise systems. This role will focus on establishing a proactive security posture, ensuring compliance with industry standards, and driving governance initiatives to mitigate risks effectively along with strong leadership and project management skills. Vulnerability Assessment: Lead regular vulnerability scans and penetration testing across infrastructure, cloud environments and outside-In. Security Baseline: Lead development and implementation of Security Baseline using CIS Benchmarks by determining the systems, applications, and network devices to be secured (e.g., Windows, Linux, Cloud, Docker, Kubernetes). Risk Analysis & Prioritization: Evaluate identified vulnerabilities based on severity, exploitability, and potential business impact. Remediation Planning: Collaborate with IT, security, engineering and entity teams to ensure timely remediation of high-risk vulnerabilities. Governance & Compliance: Develop and enforce security governance frameworks in line with industry standards (e.g., NIST, CIS, ISO 27001, PCI-DSS). ͏ Threat Intelligence Integration : Leverage global threat intelligence feeds to stay ahead of emerging security threats and vulnerabilities. Security Policy Development: Define policies and best practices for vulnerability management, reporting, and remediation. Automation & Continuous Monitoring: Implement automated vulnerability scanning tools and ensure ongoing security assessments. Incident Response Support: Provide technical guidance in vulnerability-related security incidents and audits. Reporting & Metrics: Establish key risk indicators and provide executive reports on vulnerability trends and remediation progress. ͏ Experience: 12+ years in cybersecurity, vulnerability management, or Penetration testing roles. Technical Expertise: Hands-on experience with vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7, Nessus, OpenVAS), penetration testing and threat intelligence platforms. Penetration Testing & Ethical Hacking : Experience with tools like Metasploit, Burp Suite, Nmap, and Wireshark for real-world security assessments. Security Framework Knowledge: Strong understanding of NIST, CIS benchmarks, OWASP Top 10, and CVSS scoring models. Compliance Awareness: Familiarity with regulatory standards affecting security risk management. Leadership & Communication: Ability to coordinate with multiple stakeholders, drive security improvements, and articulate risks effectively. Certifications such as CISSP, CISM, CEH, OSCP or equivalent. Experience in cloud vulnerability management (AWS, Azure, GCP). Knowledge of DevSecOps practices and security automation. ͏ ͏ Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.