8 Osce Jobs

Greetings potential candidate, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company based in Dubai. As a Security Threat Assessment & Compliance Specialist, you will be responsible for conducting testing on bank installations using focused threat-based methodologies to identify vulnerabilities, enhance Cyber readiness, and ensure security controls and system configurations adhere to compliance standards. Your role will involve collecting open source intelligence on threats, developing Cyber assessment plans, assessing The bank group installations & controls, and providing insight on IT technology assets. Key Responsibilities: - Conduct testing on bank installations using threat-based methodologies - Identify, expose, and exploit vulnerabilities to enhance Cyber readiness - Review security controls and system configurations to ensure compliance - Collect open source intelligence on threats and vulnerabilities - Develop Cyber assessment plans and conduct assessment tests - Ensure threat controls and systems are appropriately configured - Identify and track IT risks and remediate gaps through operational activities - Provide threat activity reporting and insight on IT technology assets - Manage ad-hoc review and reporting requests from stakeholders Requirements: - Bachelor's or Master's degree in Computer Science, Mathematics, or related field - Master's Degree in Business Management or equivalent - Certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT - 3-5 years of experience in technical Cyber security - Proficiency in Bash scripting, Perl, Python, and Machine Learning frameworks - Experience with malware scanning tools and mobile digitization platforms - Familiarity with threat modeling frameworks such as STRIDE, PASTA, and VAST - Knowledge of Cloud, DBMS, Containerization Technologies, and Microservices/API architecture - Strong technical background covering heterogeneous technologies and multiple security domains - Deep experience in vulnerability assessment, threat evaluation, and mitigation recommendations - Extensive experience with Security scanning solutions like Tenable Security Center, Tripwire, Rapid Scan, Qualys - Ability to integrate open source frameworks and solutions for unified reporting If you meet the above requirements and are passionate about Cybersecurity, we would love to hear from you. Join us in our mission to enhance Cyber readiness and ensure compliance in the banking sector. Thank you, Emily Jha emily@netsach.co.in,

Greetings, We are looking for a Security Assessment & Compliance Specialist with 3-6 years of experience to join our team at Netsach, a Cyber Security Company in Dubai. As a Security Threat Assessment & Compliance Specialist, your role will involve conducting testing for bank installations using threat-based methodologies to identify vulnerabilities, improve Cyber readiness, and review security controls and system configurations across IT systems to ensure security posture and compliance. Your responsibilities will include collecting open-source intelligence on threats and vulnerabilities related to the bank's technology stack, participating in event planning stages to develop Cyber assessment plans, ensuring that threat controls and systems are appropriately configured across the Group, identifying and tracking IT risks and gaps for remediation, providing threat activity reporting and insights on IT technology assets, and managing ad-hoc review and reporting requests from stakeholders. The ideal candidate should have a Bachelor's or Master's degree in Computer Science, Mathematics, or equivalent discipline, along with certifications such as CISSP, OSCP, OSCE, CREST, GPEN, SANS GWAPT. You should have 3-5 years of experience in technical Cyber security, proficiency in Bash scripting, Perl, Python, or R, expertise in Machine Learning frameworks and code development, familiarity with malware scanning tools, experience with mobile and digitization platforms, and knowledge of threat modeling frameworks like STRIDE, PASTA, and VAST. Moreover, you should have a strong technical background covering heterogeneous technologies and multiple security domains, deep knowledge of vulnerabilities in banking environments, expertise in threat assessment and mitigation, and experience in evaluating threats based on the latest threat landscape in EMEA & North Africa. Additionally, you should be well-versed in security scanning solutions such as Tenable Security Center, Tripwire, Rapid Scan, Qualys, and be able to integrate open-source frameworks and solutions into the Threat and Vulnerability solution environment for unified reporting. If you are passionate about Cybersecurity and possess the required skills and experience, we would like to hear from you. Thank You, Emily Jha emily@netsach.co.in,

Must have industry recognised certifications (e.g. OSCP, OSCE, OSWP, OSWE, OSEECISSP, OSCP, CRT, CREST, CRTP) Senior Cyber Security Consultant Requirements: Minimum 5+ yearsofconsulting experience in Red Teaming/Pentestingand possesses industry recognised certifications (e.g.CISSP, OSCP, CRT, CREST, CRTP) Experienced and well versed in security testing domains. For example,red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing. Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC). Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript). Responsibilities: Actively participate in security testing of web and mobile applications. Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities. Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a Security by Design principle. Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training. Ability to think like an attacker. Conduct secure design reviews and contribute to threat modeling exercises. Preparing reports at both technical and executive level, providing recommendations to an heterogeneous public. Plan, lead and execute projects, including team management. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices. Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base. ,

We are looking for a Penetration Tester to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Here is how, through this exciting role, YOU will contribute to BMC's and your own success: Primary Roles and Responsibilities: Lead security assessments of applications and solutions deployed on IBM z/OS-based environments. Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems.. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure youre set up for success, you will bring the following skillset & experience: 6+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles and Responsibilities: Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure you re set up for success, you will bring the following skillset & experience: 5+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to senior stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

Here's an updated version of the job description, incorporating your specified details: Staff Product Security Engineer (Embedded & IoT) Work Flexibility: Hybrid Work Mode: Hybrid Location: Bengaluru Work Flexibility Definitions: Remote Role allows you to work the majority to 100% of time from an alternate workplace. These roles could have travel expectations, and you must work within the country of the job requisition location. Field-based – You can expect to regularly work a majority to 100% of time at customer facilities and has a set territory or expectation to travel within a set boundary. Almost all sales roles would likely be qualified as field-based. Onsite – Role is 100% located at a company facility. Some ad hoc flexibility may be available depending on role, level, and job requirements. Manufacturing roles and any role that requires physical presence at the office would qualify under this category. Hybrid – You can expect to regularly work in both an alternate workplace and a company facility. Roles that are partially remote or co-located would qualify as hybrid, and the expectation to be on site would be defined and agreed upon by your manager/supervisor. What you will do: Provide technical leadership and guidance to a team of Web, Embedded, and IoT Security engineers. Execute and oversee Penetration Testing and Vulnerability Assessment activities for Embedded Systems and IoT devices. Leverage DevSecOps to embed security testing ( SAST, DAST, Host Scanning, ATO Scanning, SBOM Generation ) into all phases of the Software Development Life Cycle (SDLC). Develop/review technical documentation (procedures/work instructions/guidance documents) for technical services. Develop and maintain comprehensive test plans, methodologies, and tools for security testing. Conduct in-depth analysis of security vulnerabilities and propose mitigation strategies. Collaborate with cross-functional teams to design and implement secure Embedded and IoT solutions. Lead the Software Bill of Materials (SBOM) Management program , ensuring accurate identification and documentation of software components and dependencies. Drive continuous improvement initiatives related to Embedded and IoT security, testing, and vulnerability management. What you need: Required Qualifications: Bachelor's or Master’s in Computer Science Engineering or a related field. 4 to 10 years of experience in product security, with a strong focus on embedded systems and IoT . Experience with threat modeling, risk assessment , and security architecture reviews for Embedded Systems and IoT solutions. Proficiency in C, C++, and Python programming languages. Familiarity with relevant security standards and frameworks such as OWASP, NIST Cybersecurity Framework , and ISO 27001 . Solid understanding of software development lifecycles and methodologies, particularly in the Embedded Systems and IoT context. Preferred Qualifications: Proficiency in using security testing tools such as Burp Suite, Wireshark, Nessus, and Metasploit , and experience applying DevSecOps principles. Experience in automation of routine tasks using tools like Jenkins and/or scripting languages such as PowerShell, Ruby, or Python. Understanding of Cloud-based environments like Azure and AWS . At least one professional certification like ECSA Practical/CPENT/LPT/OSCP/OSWE/OSCE or similar involving practical exams. Additional Details: Travel Percentage: 10% Mode of Interview: Face-to-Face

Designation: Cybersecurity Trainer Job Purpose & Role: To design, develop, and deliver advanced training programs in secure coding, reverse engineering, and malware analysis . Technical knowledge and hands-on experience in secure coding, system-level programming, and threat analysis is highly preferred. A. Knowledge Proven experience as a trainer or instructor in cybersecurity. Expertise in Assembly language, C/C++, and secure system programming. Proficiency in reverse engineering tools such as IDA Pro, Ghidra, and Process Explorer. Solid understanding of PE file formats, static and dynamic code analysis techniques. Experience with Python scripting for automation and cybersecurity use cases. B. Functional Skills Develop and deliver training modules in: Computer Architecture and Assembly Language Secure Coding Practices Reverse Engineering and Malware Analysis Advanced C++ Development Python for Security Automation (optional/elective) Conduct assessment and certification exams to evaluate participant learning outcomes. C. Attributes Dynamic, energetic, team player, thrives among strong colleagues. Ability to work in fast paced evolving environment . Be willing and able to exercise judgment and take risks. Accept criticism and constructive feedback , while being extremely adaptable and flexible. Reflection of an impeccable persona in walk-talk while dealing with academia High spiritual quotient (Social quotient -SQ, Intelligence quotient - IQ, Emotional Quotient - EQ) D. Qualification & Years of Experience Certifications such as GREM, OSCE, OSCP, or CEI (Certified EC-Council Instructor). ME/M.Tech and BE/B.Tech in Computer Science /Information Technology Cybersecurity or related field reputed university & Institute of eminence. PhD Degree in the relevant field of subject is desirable. Industry and Global Experience is desirable. E. Salary as per norms F. Location: Greater Noida, Delhi/NCR G. Apply for the position by sending your CV at careers@glbitm.ac.in H. Visit our website’s career page at www.glbitm.ac.in

Minimum 3 years’ experience working in a large-scale IT environment with focus on Cyber / Information Security. Areas of expertise should include Pre-Sales support, Service & Solution delivery, part of program management (Transition & Transformation) Required Candidate profile Knowledge in SIEM, SOAR, Threat Hunting, EDR, Deception, NTA, NBAD, UEBA. Handson experience on leading analytical platforms like Splunk, IBM QRadar, Hunters, Sumo Logic, Sentinel. Certification:CISSP